| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 462 |
| CVE-ID | CVE-2023-31248 CVE-2023-3772 CVE-2023-39197 CVE-2023-42753 CVE-2023-53147 CVE-2023-53148 CVE-2023-53150 CVE-2023-53151 CVE-2023-53152 CVE-2023-53165 CVE-2023-53167 CVE-2023-53170 CVE-2023-53174 CVE-2023-53175 CVE-2023-53177 CVE-2023-53179 CVE-2023-53180 CVE-2023-53181 CVE-2023-53183 CVE-2023-53184 CVE-2023-53185 CVE-2023-53187 CVE-2023-53189 CVE-2023-53192 CVE-2023-53195 CVE-2023-53196 CVE-2023-53201 CVE-2023-53204 CVE-2023-53205 CVE-2023-53206 CVE-2023-53207 CVE-2023-53208 CVE-2023-53209 CVE-2023-53210 CVE-2023-53215 CVE-2023-53217 CVE-2023-53220 CVE-2023-53221 CVE-2023-53222 CVE-2023-53226 CVE-2023-53230 CVE-2023-53231 CVE-2023-53235 CVE-2023-53238 CVE-2023-53243 CVE-2023-53245 CVE-2023-53247 CVE-2023-53248 CVE-2023-53249 CVE-2023-53251 CVE-2023-53252 CVE-2023-53255 CVE-2023-53257 CVE-2023-53258 CVE-2023-53260 CVE-2023-53263 CVE-2023-53264 CVE-2023-53272 CVE-2023-53274 CVE-2023-53275 CVE-2023-53280 CVE-2023-53286 CVE-2023-53287 CVE-2023-53288 CVE-2023-53291 CVE-2023-53292 CVE-2023-53303 CVE-2023-53304 CVE-2023-53305 CVE-2023-53309 CVE-2023-53311 CVE-2023-53312 CVE-2023-53313 CVE-2023-53314 CVE-2023-53316 CVE-2023-53319 CVE-2023-53321 CVE-2023-53322 CVE-2023-53323 CVE-2023-53324 CVE-2023-53325 CVE-2023-53328 CVE-2023-53331 CVE-2023-53333 CVE-2023-53336 CVE-2023-53338 CVE-2023-53339 CVE-2023-53342 CVE-2023-53343 CVE-2023-53350 CVE-2023-53352 CVE-2023-53354 CVE-2023-53356 CVE-2023-53357 CVE-2023-53360 CVE-2023-53362 CVE-2023-53364 CVE-2023-53365 CVE-2023-53367 CVE-2023-53368 CVE-2023-53369 CVE-2023-53370 CVE-2023-53371 CVE-2023-53374 CVE-2023-53377 CVE-2023-53379 CVE-2023-53380 CVE-2023-53384 CVE-2023-53385 CVE-2023-53386 CVE-2023-53391 CVE-2023-53394 CVE-2023-53395 CVE-2023-53397 CVE-2023-53401 CVE-2023-53420 CVE-2023-53421 CVE-2023-53424 CVE-2023-53425 CVE-2023-53426 CVE-2023-53428 CVE-2023-53429 CVE-2023-53432 CVE-2023-53436 CVE-2023-53438 CVE-2023-53441 CVE-2023-53442 CVE-2023-53444 CVE-2023-53446 CVE-2023-53447 CVE-2023-53448 CVE-2023-53451 CVE-2023-53454 CVE-2023-53456 CVE-2023-53457 CVE-2023-53461 CVE-2023-53462 CVE-2023-53463 CVE-2023-53465 CVE-2023-53472 CVE-2023-53479 CVE-2023-53480 CVE-2023-53485 CVE-2023-53487 CVE-2023-53488 CVE-2023-53490 CVE-2023-53491 CVE-2023-53492 CVE-2023-53493 CVE-2023-53495 CVE-2023-53496 CVE-2023-53500 CVE-2023-53501 CVE-2023-53504 CVE-2023-53505 CVE-2023-53507 CVE-2023-53508 CVE-2023-53510 CVE-2023-53515 CVE-2023-53516 CVE-2023-53518 CVE-2023-53519 CVE-2023-53520 CVE-2023-53523 CVE-2023-53526 CVE-2023-53527 CVE-2023-53528 CVE-2023-53530 CVE-2023-53531 CVE-2023-53538 CVE-2023-53539 CVE-2023-53540 CVE-2023-53541 CVE-2023-53543 CVE-2023-53545 CVE-2023-53546 CVE-2023-53548 CVE-2023-53550 CVE-2023-53552 CVE-2023-53553 CVE-2023-53554 CVE-2023-53555 CVE-2023-53556 CVE-2023-53557 CVE-2023-53558 CVE-2023-53559 CVE-2023-53560 CVE-2023-53563 CVE-2023-53568 CVE-2023-53570 CVE-2023-53572 CVE-2023-53574 CVE-2023-53575 CVE-2023-53577 CVE-2023-53579 CVE-2023-53580 CVE-2023-53581 CVE-2023-53583 CVE-2023-53585 CVE-2023-53588 CVE-2023-53593 CVE-2023-53596 CVE-2023-53597 CVE-2023-53599 CVE-2023-53600 CVE-2023-53601 CVE-2023-53602 CVE-2023-53603 CVE-2023-53611 CVE-2023-53613 CVE-2023-53615 CVE-2023-53616 CVE-2023-53617 CVE-2023-53618 CVE-2023-53619 CVE-2023-53621 CVE-2023-53622 CVE-2023-53631 CVE-2023-53632 CVE-2023-53633 CVE-2023-53638 CVE-2023-53645 CVE-2023-53646 CVE-2023-53647 CVE-2023-53648 CVE-2023-53649 CVE-2023-53650 CVE-2023-53652 CVE-2023-53653 CVE-2023-53654 CVE-2023-53656 CVE-2023-53657 CVE-2023-53658 CVE-2023-53659 CVE-2023-53660 CVE-2023-53662 CVE-2023-53663 CVE-2023-53665 CVE-2023-53666 CVE-2023-53668 CVE-2023-53670 CVE-2023-53672 CVE-2023-53673 CVE-2023-53674 CVE-2023-53681 CVE-2023-53686 CVE-2023-53687 CVE-2023-53693 CVE-2023-53697 CVE-2023-53698 CVE-2023-53699 CVE-2023-53703 CVE-2023-53704 CVE-2023-53707 CVE-2023-53708 CVE-2023-53711 CVE-2023-53713 CVE-2023-53718 CVE-2023-53721 CVE-2023-53722 CVE-2023-53725 CVE-2023-53726 CVE-2023-53727 CVE-2023-53728 CVE-2023-53729 CVE-2023-53730 CVE-2023-53731 CVE-2023-53733 CVE-2024-26584 CVE-2024-58240 CVE-2025-38008 CVE-2025-38465 CVE-2025-38539 CVE-2025-38552 CVE-2025-38653 CVE-2025-38680 CVE-2025-38681 CVE-2025-38683 CVE-2025-38685 CVE-2025-38687 CVE-2025-38691 CVE-2025-38692 CVE-2025-38693 CVE-2025-38694 CVE-2025-38695 CVE-2025-38697 CVE-2025-38698 CVE-2025-38699 CVE-2025-38700 CVE-2025-38702 CVE-2025-38706 CVE-2025-38712 CVE-2025-38713 CVE-2025-38714 CVE-2025-38715 CVE-2025-38718 CVE-2025-38724 CVE-2025-38725 CVE-2025-38727 CVE-2025-38729 CVE-2025-38734 CVE-2025-38735 CVE-2025-38736 CVE-2025-39673 CVE-2025-39675 CVE-2025-39676 CVE-2025-39679 CVE-2025-39683 CVE-2025-39684 CVE-2025-39685 CVE-2025-39686 CVE-2025-39693 CVE-2025-39694 CVE-2025-39697 CVE-2025-39701 CVE-2025-39702 CVE-2025-39706 CVE-2025-39709 CVE-2025-39710 CVE-2025-39713 CVE-2025-39714 CVE-2025-39719 CVE-2025-39721 CVE-2025-39724 CVE-2025-39726 CVE-2025-39730 CVE-2025-39732 CVE-2025-39739 CVE-2025-39742 CVE-2025-39743 CVE-2025-39750 CVE-2025-39751 CVE-2025-39756 CVE-2025-39757 CVE-2025-39758 CVE-2025-39759 CVE-2025-39760 CVE-2025-39761 CVE-2025-39763 CVE-2025-39772 CVE-2025-39783 CVE-2025-39790 CVE-2025-39794 CVE-2025-39797 CVE-2025-39798 CVE-2025-39800 CVE-2025-39801 CVE-2025-39806 CVE-2025-39808 CVE-2025-39810 CVE-2025-39812 CVE-2025-39813 CVE-2025-39824 CVE-2025-39826 CVE-2025-39827 CVE-2025-39828 CVE-2025-39832 CVE-2025-39833 CVE-2025-39839 CVE-2025-39841 CVE-2025-39844 CVE-2025-39845 CVE-2025-39846 CVE-2025-39847 CVE-2025-39848 CVE-2025-39849 CVE-2025-39850 CVE-2025-39851 CVE-2025-39853 CVE-2025-39854 CVE-2025-39860 CVE-2025-39861 CVE-2025-39863 CVE-2025-39864 CVE-2025-39866 CVE-2025-39869 CVE-2025-39870 CVE-2025-39871 CVE-2025-39873 CVE-2025-39876 CVE-2025-39881 CVE-2025-39882 CVE-2025-39889 CVE-2025-39891 CVE-2025-39895 CVE-2025-39898 CVE-2025-39900 CVE-2025-39902 CVE-2025-39907 CVE-2025-39911 CVE-2025-39920 CVE-2025-39923 CVE-2025-39925 CVE-2025-39931 CVE-2025-39934 CVE-2025-39937 CVE-2025-39938 CVE-2025-39945 CVE-2025-39946 CVE-2025-39947 CVE-2025-39948 CVE-2025-39949 CVE-2025-39952 CVE-2025-39955 CVE-2025-39957 CVE-2025-39965 CVE-2025-39967 CVE-2025-39968 CVE-2025-39969 CVE-2025-39970 CVE-2025-39971 CVE-2025-39972 CVE-2025-39973 CVE-2025-39978 CVE-2025-39981 CVE-2025-39982 CVE-2025-39984 CVE-2025-39985 CVE-2025-39986 CVE-2025-39987 CVE-2025-39988 CVE-2025-39991 CVE-2025-39993 CVE-2025-39994 CVE-2025-39995 CVE-2025-39996 CVE-2025-39997 CVE-2025-40000 CVE-2025-40005 CVE-2025-40010 CVE-2025-40011 CVE-2025-40012 CVE-2025-40013 CVE-2025-40016 CVE-2025-40018 CVE-2025-40019 CVE-2025-40020 CVE-2025-40029 CVE-2025-40032 CVE-2025-40035 CVE-2025-40036 CVE-2025-40037 CVE-2025-40043 CVE-2025-40044 CVE-2025-40049 CVE-2025-40051 CVE-2025-40052 CVE-2025-40056 CVE-2025-40058 CVE-2025-40060 CVE-2025-40061 CVE-2025-40062 CVE-2025-40071 CVE-2025-40078 CVE-2025-40082 CVE-2025-40085 CVE-2025-40087 CVE-2025-40088 CVE-2025-40091 CVE-2025-40096 CVE-2025-40100 CVE-2025-40104 |
| CWE-ID | CWE-416 CWE-476 CWE-125 CWE-787 CWE-399 CWE-401 CWE-908 CWE-404 CWE-20 CWE-191 CWE-617 CWE-119 CWE-667 CWE-190 CWE-388 CWE-200 CWE-366 CWE-665 CWE-362 CWE-682 CWE-415 CWE-835 CWE-369 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #399 is available. Public exploit code for vulnerability #406 is available. |
| Vulnerable software |
SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system Legacy Module Operating systems & Components / Operating system SUSE Linux Enterprise High Availability Extension 15 Operating systems & Components / Operating system Basesystem Module Operating systems & Components / Operating system SUSE Linux Enterprise Workstation Extension 15 Operating systems & Components / Operating system Development Tools Module Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Desktop 15 Operating systems & Components / Operating system kernel-default-livepatch Operating systems & Components / Operating system package or component kernel-livepatch-6_4_0-150700_53_22-default-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-6_4_0-150700_53_22-default Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP7_Update_6-debugsource Operating systems & Components / Operating system package or component kernel-default-livepatch-devel Operating systems & Components / Operating system package or component kernel-default-extra-debuginfo Operating systems & Components / Operating system package or component kernel-default-extra Operating systems & Components / Operating system package or component gfs2-kmp-default Operating systems & Components / Operating system package or component cluster-md-kmp-default-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-default Operating systems & Components / Operating system package or component ocfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-default-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-default Operating systems & Components / Operating system package or component dlm-kmp-default Operating systems & Components / Operating system package or component gfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component reiserfs-kmp-default Operating systems & Components / Operating system package or component reiserfs-kmp-default-debuginfo Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component kernel-obs-build Operating systems & Components / Operating system package or component kernel-syms Operating systems & Components / Operating system package or component kernel-obs-build-debugsource Operating systems & Components / Operating system package or component kernel-docs Operating systems & Components / Operating system package or component kernel-zfcpdump-debugsource Operating systems & Components / Operating system package or component kernel-zfcpdump-debuginfo Operating systems & Components / Operating system package or component kernel-zfcpdump Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component kernel-macros Operating systems & Components / Operating system package or component kernel-default-devel Operating systems & Components / Operating system package or component kernel-default-devel-debuginfo Operating systems & Components / Operating system package or component kernel-default-debugsource Operating systems & Components / Operating system package or component kernel-default-debuginfo Operating systems & Components / Operating system package or component kernel-default-base Operating systems & Components / Operating system package or component kernel-default Operating systems & Components / Operating system package or component kernel-64kb-debugsource Operating systems & Components / Operating system package or component kernel-64kb-devel-debuginfo Operating systems & Components / Operating system package or component kernel-64kb-devel Operating systems & Components / Operating system package or component kernel-64kb-debuginfo Operating systems & Components / Operating system package or component kernel-64kb Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 462 vulnerabilities.
EUVDB-ID: #VU78325
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-31248
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in nft_chain_lookup_byid() function, which failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace. A local user ca trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU80578
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-3772
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the xfrm_update_ae_params() function in the IP framework for transforming packets (XFRM subsystem). A local user with CAP_NET_ADMIN privileges can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU84353
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-39197
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the Netfilter Connection Tracking (conntrack) in the Linux kernel in the nf_conntrack_dccp_packet() function in net/netfilter/nf_conntrack_proto_dccp.c. A remote attacker can send specially crafted DCCP packets to the system, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81663
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-42753
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the netfilter subsystem in Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115456
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53147
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xfrm_update_ae_params() function in net/xfrm/xfrm_user.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115580
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53148
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the igb_io_error_detected() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115455
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53150
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla24xx_bsg_request() function in drivers/scsi/qla2xxx/qla_bsg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115349
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53151
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the flush_pending_writes() and raid10_unplug() functions in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115615
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53152
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the psp_sw_fini() and psp_hw_fini() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115521
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53165
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the udf_name_from_CS0() function in fs/udf/unicode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115453
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53167
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115638
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53170
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the felix_parse_ports_node() function in drivers/net/dsa/ocelot/felix.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115347
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53174
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the raid_component_add() function in drivers/scsi/raid_class.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115500
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53175
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hv_pci_restore_msi_msg() function in drivers/pci/controller/pci-hyperv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115527
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53177
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the hi846_set_ctrl() function in drivers/media/i2c/hi846.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115410
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53179
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the MODULE_ALIAS() function in net/netfilter/ipset/ip_set_hash_netportnet.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115451
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53180
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath12k_mac_mgmt_tx_wmi() function in drivers/net/wireless/ath/ath12k/mac.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115345
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53181
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dma_resv_get_fences() function in drivers/dma-buf/dma-resv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115507
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53183
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the prepare_to_merge() and merge_reloc_roots() functions in fs/btrfs/relocation.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115533
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53184
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the vec_set_vector_length() function in arch/arm64/kernel/fpsimd.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115653
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53185
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the htc_process_conn_rsp() function in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115386
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53187
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fs/btrfs/block-group.h. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115526
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53189
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the addrconf_del_dad_work() function in net/ipv6/addrconf.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115479
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53192
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the include/net/vxlan.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115342
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53195
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlxsw_m_linecards_init() function in drivers/net/ethernet/mellanox/mlxsw/minimal.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115343
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53196
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dwc3_qcom_probe() function in drivers/usb/dwc3/dwc3-qcom.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115523
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53201
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the __send_message() and bnxt_qplib_alloc_rcfw_channel() functions in drivers/infiniband/hw/bnxt_re/qplib_rcfw.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115471
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53204
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the unix_inflight(), unix_notinflight() and too_many_unix_fds() functions in net/unix/scm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115404
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53205
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the diag9c_forwarding_overrun() and __diag_time_slice_end_directed() functions in arch/s390/kvm/diag.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115434
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53206
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the _pmbus_is_enabled(), _pmbus_get_flags() and pmbus_get_flags() functions in drivers/hwmon/pmbus/pmbus_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115470
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53207
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ublk_ctrl_end_recovery() function in drivers/block/ublk_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115506
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53208
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the nested_svm_vmexit() function in arch/x86/kvm/svm/nested.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115433
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53209
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mac80211_hwsim_select_tx_link() function in drivers/net/wireless/virtual/mac80211_hwsim.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115432
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53210
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the r5l_log_flush_endio() function in drivers/md/raid5-cache.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115576
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53215
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the load_balance() function in kernel/sched/fair.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115467
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53217
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nubus_proc_rsrc_show(), nubus_proc_add_rsrc_mem() and nubus_proc_add_rsrc() functions in drivers/nubus/proc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115431
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53220
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the az6007_i2c_xfer() function in drivers/media/usb/dvb-usb-v2/az6007.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115241
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53221
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bpf_trampoline_get_progs() and bpf_trampoline_update() functions in kernel/bpf/trampoline.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115402
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53222
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fs/jfs/jfs_filsys.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115401
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53226
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mwifiex_process_mgmt_packet() function in drivers/net/wireless/marvell/mwifiex/util.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115237
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53230
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cifs_smb3_do_mount() function in fs/smb/client/cifsfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115465
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53231
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the z_erofs_decompress_kickoff() function in fs/erofs/zdata.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115367
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53235
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the include/drm/drm_kunit_helpers.h. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115400
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53238
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hisi_inno_phy_probe() function in drivers/phy/hisilicon/phy-hisi-inno-usb2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115513
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53243
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the btrfs_reduce_alloc_profile() function in fs/btrfs/block-group.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115426
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53245
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the storvsc_host_reset_handler() function in drivers/scsi/storvsc_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115463
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53247
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the btrfs_truncate_block() function in fs/btrfs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115422
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53248
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_vm_bo_add(), amdgpu_vm_init() and amdgpu_vm_make_compute() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115234
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53249
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx8mn_clocks_probe() function in drivers/clk/imx/clk-imx8mn.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115420
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53251
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iwl_pcie_irq_rx_msix_handler() function in drivers/net/wireless/intel/iwlwifi/pcie/rx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115365
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53252
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the restart_le_actions(), set_device_flags(), hci_conn_params_set() and remove_device() functions in net/bluetooth/mgmt.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115233
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53255
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the svc_create_memory_pool() function in drivers/firmware/stratix10-svc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115652
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53257
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ieee80211_rx_h_action() function in net/mac80211/rx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115525
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53258
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the dcn314_populate_dml_pipes_from_context_fpu() function in drivers/gpu/drm/amd/display/dc/dml/dcn314/dcn314_fpu.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115419
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53260
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ovl_permission() function in fs/overlayfs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115530
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53263
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nouveau_connector_create() function in drivers/gpu/drm/nouveau/nouveau_connector.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115544
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53264
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the imxrt1050_clocks_probe() function in drivers/clk/imx/clk-imxrt1050.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115522
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53272
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the ena_com_comp_status_to_errno() function in drivers/net/ethernet/amazon/ena/ena_com.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115529
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53274
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the function in drivers/clk/mediatek/clk-mt8183.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115555
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53275
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the EXPORT_SYMBOL_GPL() function in sound/hda/hdac_regmap.c. A local user can corrupt data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115558
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53280
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the qla_nvme_ls_req() and qla_nvme_post_cmd() functions in drivers/scsi/qla2xxx/qla_nvme.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115603
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53286
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mlx5_core_destroy_qp(), mlx5_core_xrcd_dealloc() and mlx5_core_destroy_rq_tracked() functions in drivers/infiniband/hw/mlx5/qpc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115567
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53287
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the drivers/usb/cdns3/core.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115541
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53288
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the drm_client_modeset_probe() function in drivers/gpu/drm/drm_client_modeset.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115564
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53291
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rcu_scale_cleanup() function in kernel/rcu/rcuscale.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115649
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53292
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the blk_mq_elv_switch_none() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115539
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53303
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the vcap_dup_rule() function in drivers/net/ethernet/microchip/vcap/vcap_api.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115666
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53304
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nft_rbtree_get() and __nft_rbtree_insert() functions in net/netfilter/nft_set_rbtree.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115679
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53305
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_le_command_rej() function in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115699
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53309
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the radeon_cs_parser_init() function in drivers/gpu/drm/radeon/radeon_cs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115681
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53311
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fs/nilfs2/the_nilfs.h. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115707
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53312
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the include/trace/events/net.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115706
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53313
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the max_corrected_read_errors_store() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115662
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53314
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ep93xxfb_probe() function in drivers/video/fbdev/ep93xx-fb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115677
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53316
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dp_display_remove() function in drivers/gpu/drm/msm/dp/dp_display.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115678
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53319
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the finalize_pkvm() function in arch/arm64/kvm/pkvm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115710
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53321
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hwsim_cloned_frame_received_nl() function in drivers/net/wireless/mac80211_hwsim.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115676
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53322
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qla2x00_terminate_rport_io() function in drivers/scsi/qla2xxx/qla_attr.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115692
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53323
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext2_setsize() function in fs/ext2/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115661
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53324
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mdp5_plane_destroy_state() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_plane.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115686
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53325
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_dp_aux_do_transfer() and mtk_dp_aux_transfer() functions in drivers/gpu/drm/mediatek/mtk_dp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115684
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53328
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ni_create_attr_list() function in fs/ntfs3/frecord.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115697
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53331
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the persistent_ram_post_init() function in fs/pstore/ram_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115682
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53333
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dccp_error() function in net/netfilter/nf_conntrack_proto_dccp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115795
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53336
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ipu_bridge_connect_sensor() function in drivers/media/pci/intel/ipu-bridge.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115779
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53338
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the run_lwt_bpf() and bpf_lwt_xmit_reroute() functions in net/core/lwt_bpf.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115811
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53339
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the btrfs_cancel_balance() function in fs/btrfs/volumes.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115821
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53342
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the prestera_util_neigh2nc_key() and prestera_kern_fib_info_nhc() functions in drivers/net/ethernet/marvell/prestera/prestera_router.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115791
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53343
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the icmp6_dev() function in net/ipv6/icmp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115770
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53350
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qaic_attach_slice_bo_ioctl() function in drivers/accel/qaic/qaic_data.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115788
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53352
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ttm_bo_evict_swapout_allowable() function in drivers/gpu/drm/ttm/ttm_bo.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115789
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53354
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the skb_segment() function in net/core/skbuff.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115790
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53356
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/usb/gadget/function/u_serial.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115782
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53357
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the __acquires() function in drivers/md/md-bitmap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115785
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53360
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfs_readhdr_alloc() and nfs_pageio_reset_read_mds() functions in fs/nfs/read.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115808
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53362
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __fsl_mc_device_remove_if_not_in_mc() function in drivers/bus/fsl-mc/dprc-driver.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115786
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53364
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the da9063_check_xvp_constraints() and da9063_regulator_probe() functions in drivers/regulator/da9063-regulator.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115802
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53365
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ip6mr_cache_report() function in net/ipv6/ip6mr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115764
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53367
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hl_device_open() function in drivers/accel/habanalabs/common/habanalabs_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115810
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53368
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the tracing_snapshot_open() and tracing_snapshot_write() functions in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115947
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53369
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dcbnl_bcn_setcfg() function in net/dcb/dcbnl.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115870
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53370
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amdgpu_ring_fini() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115869
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53371
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlx5e_fs_tt_redirect_any_create() function in drivers/net/ethernet/mellanox/mlx5/core/en/fs_tt_redirect.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115894
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53374
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_conn_add() and hci_conn_unlink() functions in net/bluetooth/hci_conn.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115895
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53377
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_compound_op() function in fs/smb/client/smb2inode.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115868
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53379
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tahvo_usb_probe() function in drivers/usb/phy/phy-tahvo.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115927
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53380
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the raid10_sync_request() function in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115925
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53384
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mwifiex_handle_uap_rx_forward() function in drivers/net/wireless/marvell/mwifiex/uap_txrx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115865
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53385
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mdp_get_subsys_id() function in drivers/media/platform/mediatek/mdp3/mtk-mdp3-comp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115893
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53386
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_uuids_clear() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115863
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53391
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the function in mm/shmem.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115956
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53394
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mlx5e_modify_rq_state() and mlx5e_rq_to_ready() functions in drivers/net/ethernet/mellanox/mlx5/core/en_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115907
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53395
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the function in drivers/acpi/acpica/psopcode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115908
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53397
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the default_mismatch_handler() function in scripts/mod/modpost.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115891
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53401
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mod_objcg_state(), consume_obj_stock(), drain_obj_stock() and refill_obj_stock() functions in mm/memcontrol.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115905
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53420
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ntfs_list_ea() function in fs/ntfs3/xattr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115916
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53421
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the blkcg_reset_stats() function in block/blk-cgroup.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115837
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53424
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mtk_clk_simple_probe() function in drivers/clk/mediatek/clk-mtk.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115914
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53425
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the load_requested_vpu() function in drivers/media/platform/mtk-vpu/mtk_vpu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115884
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53426
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xsk_diag_fill() function in net/xdp/xsk_diag.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115941
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53428
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the scmi_powercap_unregister_all_zones(), scmi_powercap_get_parent_zone() and scmi_powercap_probe() functions in drivers/powercap/arm_scmi_powercap.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115835
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53429
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __extent_writepage() function in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115882
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53432
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fwnet_finish_incoming_packet() function in drivers/firewire/net.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115832
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53436
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the snic_tgt_create() function in drivers/scsi/snic/snic_disc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115938
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53438
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the arch/x86/kernel/cpu/mce/internal.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115831
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53441
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the get_cpu_map_entry() and put_cpu_map_entry() functions in kernel/bpf/cpumap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115913
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53442
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_setup_tc() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115912
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53444
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ttm_lru_bulk_move_pos_tail() and ttm_lru_bulk_move_del() functions in drivers/gpu/drm/ttm/ttm_resource.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115879
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53446
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pcie_aspm_exit_link_state() function in drivers/pci/pcie/aspm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115911
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53447
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the f2fs_show_options(), default_options(), f2fs_remount() and f2fs_fill_super() functions in fs/f2fs/super.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116338
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53448
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the imxfb_probe() function in drivers/video/fbdev/imxfb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116383
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53451
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qla24xx_build_scsi_type_6_iocbs() function in drivers/scsi/qla2xxx/qla_iocb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116322
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53454
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mt_post_parse() and mt_input_configured() functions in drivers/hid/hid-multitouch.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116346
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53456
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qla4xxx_set_chap_entry(), qla4xxx_iface_set_param() and qla4xxx_sysfs_ddb_set_param() functions in drivers/scsi/qla4xxx/ql4_os.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116381
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53457
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the jfs_link() function in fs/jfs/namei.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116333
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53461
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the io_ring_exit_work() function in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116319
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53462
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the fill_frame_info() function in net/hsr/hsr_forward.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116265
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53463
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the __ibmvnic_open() function in drivers/net/ethernet/ibm/ibmvnic.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116318
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53465
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the function in drivers/soundwire/qcom.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116378
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53472
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the lpc32xx_pwm_config(), lpc32xx_pwm_enable(), lpc32xx_pwm_disable() and lpc32xx_pwm_probe() functions in drivers/pwm/pwm-lpc32xx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116375
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53479
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cxl_parse_cfmws() function in drivers/cxl/acpi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116374
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53480
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the kset_register() function in lib/kobject.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116311
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53485
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dbAllocDmapLev() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116310
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53487
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the rtas_flash_init() function in arch/powerpc/kernel/rtas_flash.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116283
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53488
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the free_cntrs() function in drivers/infiniband/hw/hfi1/chip.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116331
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53490
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the subflow_state_change() and mptcp_subflow_queue_clean() functions in net/mptcp/subflow.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116332
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53491
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the print_unknown_bootoptions() function in init/main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116371
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53492
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nf_tables_updchain(), nft_chain_lookup_byid(), nf_tables_newrule() and nft_verdict_init() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116370
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53493
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the decode_message() function in drivers/accel/qaic/qaic_control.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116269
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53495
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds write within the mvpp2_ethtool_get_rxnfc() function in drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116309
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53496
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the build_socket_tables() function in arch/x86/kernel/apic/x2apic_uv_x.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116308
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53500
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the xfrmi_xmit() function in net/xfrm/xfrm_interface_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116281
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53501
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the put_pasid_state() function in drivers/iommu/amd/iommu_v2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116306
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53504
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the bnxt_re_remove() function in drivers/infiniband/hw/bnxt_re/main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116342
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53505
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the load_timings_from_dt() and tegra_clk_register_emc() functions in drivers/clk/tegra/clk-tegra124-emc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116337
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53507
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the mlx5_uninit_one() function in drivers/net/ethernet/mellanox/mlx5/core/main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116330
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53508
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ublk_ctrl_start_dev() function in drivers/block/ublk_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116367
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53510
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ufshcd_queuecommand(), ufshcd_exec_dev_cmd(), ufshcd_release_scsi_cmd(), ufshcd_issue_devman_upiu_cmd() and ufshcd_advanced_rpmb_req_handler() functions in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116304
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53515
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the virtio_mmio_release_dev() and virtio_mmio_probe() functions in drivers/virtio/virtio_mmio.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116364
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53516
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the function in drivers/net/macvlan.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116303
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53518
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the devfreq_dev_release() function in drivers/devfreq/devfreq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116362
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53519
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the include/media/v4l2-mem2mem.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116262
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53520
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the hci_suspend_notifier() function in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116277
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53523
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the gs_cmd_reset(), gs_usb_get_timestamp(), gs_usb_receive_bulk_callback(), gs_can_open() and gs_can_close() functions in drivers/net/can/usb/gs_usb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116300
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53526
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the jbd2_journal_try_remove_checkpoint() function in fs/jbd2/checkpoint.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116301
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53527
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the tb_handle_dp_bandwidth_request() function in drivers/thunderbolt/tb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116361
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53528
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the flush_recv_queue() function in drivers/infiniband/sw/rxe/rxe_resp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116359
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53530
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tcm_qla2xxx_free_cmd() and tcm_qla2xxx_handle_data() functions in drivers/scsi/qla2xxx/tcm_qla2xxx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116261
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53531
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the null_poll() and null_timeout_rq() functions in drivers/block/null_blk/main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116541
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53538
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btrfs_tree_mod_log_insert_key(), btrfs_tree_mod_log_insert_move() and btrfs_tree_mod_log_eb_copy() functions in fs/btrfs/tree-mod-log.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116585
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53539
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the save_state() and rxe_requester() functions in drivers/infiniband/sw/rxe/rxe_req.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116598
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53540
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cfg80211_mlme_auth() and cfg80211_mlme_assoc() functions in net/wireless/mlme.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116525
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53541
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the write_oob_to_regs() function in drivers/mtd/nand/raw/brcmnand/brcmnand.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116526
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53543
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the function in drivers/vdpa/vdpa.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116561
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53545
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the amdgpu_driver_postclose_kms() function in drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116493
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53546
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlx5dr_cmd_create_reformat_ctx() function in drivers/net/ethernet/mellanox/mlx5/core/steering/dr_cmd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116591
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53548
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the function in drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116597
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53550
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the amd_pstate_update_status(), show_status() and cpufreq_freq_attr_ro() functions in drivers/cpufreq/amd-pstate.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116492
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53552
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the i915_fence_release() function in drivers/gpu/drm/i915/i915_request.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116577
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53553
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the mousevsc_on_receive() function in drivers/hid/hid-hyperv.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116578
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53554
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the ks_wlan_set_encode_ext() function in drivers/staging/ks7010/ks_wlan_net.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116539
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53555
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the damos_new_filter() function in mm/damon/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116513
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53556
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iavf_alloc_q_vectors() function in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116590
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53557
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the unregister_fprobe() function in kernel/trace/fprobe.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116558
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53558
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kernel/rcu/tasks.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116512
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53559
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vti_tunnel_xmit() function in net/ipv4/ip_vti.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116511
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53560
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the event_hist_trigger_func() function in kernel/trace/trace_events_hist.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116559
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53563
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the amd_pstate_ut_check_perf() and amd_pstate_ut_check_freq() functions in drivers/cpufreq/amd-pstate-ut.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116490
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53568
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the zcdn_create() function in drivers/s390/crypto/zcrypt_api.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116576
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53570
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the nl80211_parse_mbssid_elems() function in net/wireless/nl80211.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116509
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53572
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the imx_clk_scu_alloc_dev() function in drivers/clk/imx/clk-scu.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116488
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53574
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rtw_core_deinit() function in drivers/net/wireless/realtek/rtw88/main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116523
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53575
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iwl_mvm_sec_key_add() function in drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116586
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53577
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the put_cpu_map_entry(), cpu_map_kthread_stop(), cpu_map_bpf_prog_run() and __cpu_map_entry_alloc() functions in kernel/bpf/cpumap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116487
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53579
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mvebu_gpio_probe_syscon() and mvebu_gpio_probe() functions in drivers/gpio/gpio-mvebu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116556
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53580
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the EXPORT_SYMBOL_GPL() and gadget_unbind_driver() functions in drivers/usb/gadget/udc/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116557
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53581
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the remove_unready_flow() and mlx5e_tc_del_fdb_flow() functions in drivers/net/ethernet/mellanox/mlx5/core/en_tc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116572
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53583
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the riscv_pmu_start() function in drivers/perf/riscv_pmu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116554
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53585
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the BPF_CALL_3() function in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116589
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53588
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ieee80211_probe_client() function in net/mac80211/cfg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116485
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53593
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cifs_readpage_worker() function in fs/cifs/file.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116483
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53596
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the device_del() function in drivers/base/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116482
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53597
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the cifs_demultiplex_thread() function in fs/smb/client/connect.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116533
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53599
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the af_alg_alloc_areq() function in crypto/af_alg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116522
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53600
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iptunnel_pmtud_build_icmp() function in net/ipv4/ip_tunnel_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116588
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53601
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bond_xmit_hash() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116481
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53602
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath11k_update_stats_event() function in drivers/net/wireless/ath/ath11k/wmi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116532
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53603
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla24xx_issue_sa_replace_iocb() function in drivers/scsi/qla2xxx/qla_edif.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116476
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53611
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the try_smi_init() function in drivers/char/ipmi/ipmi_si_intf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116506
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53613
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL_GPL() and devm_register_dax_mapping() functions in drivers/dax/bus.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116550
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53615
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qlt_free_session_done() and qlt_unreg_sess() functions in drivers/scsi/qla2xxx/qla_target.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116571
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53616
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the diUnmount() function in fs/jfs/jfs_imap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116703
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53617
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the aspeed_socinfo_init() function in drivers/soc/aspeed/aspeed-socinfo.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116810
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53618
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the check_root_key() function in fs/btrfs/tree-checker.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116754
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53619
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nf_conntrack_helper_register() and nf_conntrack_helper_fini() functions in net/netfilter/nf_conntrack_helper.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116785
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53621
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mem_cgroup_alloc() and mem_cgroup_css_online() functions in mm/memcontrol.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116802
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53622
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the gfs2_show_options() function in fs/gfs2/super.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116702
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53631
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the init_bios_attributes() function in drivers/platform/x86/dell/dell-wmi-sysman/sysman.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116799
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53632
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5e_destroy_q_counters() and mlx5e_nic_init() functions in drivers/net/ethernet/mellanox/mlx5/core/en_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116701
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53633
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the find_and_map_user_pages() function in drivers/accel/qaic/qaic_control.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116750
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53638
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the octep_device_cleanup() and octep_remove() functions in drivers/net/ethernet/marvell/octeon_ep/octep_main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116751
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53645
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the less() and rbtree_refcounted_node_ref_escapes() functions in tools/testing/selftests/bpf/progs/refcounted_kptr_fail.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116765
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53646
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the function in drivers/gpu/drm/i915/i915_perf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116780
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53647
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vmbus_acpi_add() function in drivers/hv/vmbus_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116779
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53648
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_ac97_mixer() function in sound/pci/ac97/ac97_codec.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116697
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53649
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the evlist__free_syscall_tp_fields() function in tools/perf/builtin-trace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116696
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53650
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mipid_spi_probe() function in drivers/video/fbdev/omap/lcd_mipid.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116766
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53652
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the function in drivers/vdpa/vdpa.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116777
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53653
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the venc_g_parm() and venc_s_parm() functions in drivers/media/platform/amphion/venc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116808
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53654
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the cgx_lmac_write() function in drivers/net/ethernet/marvell/octeontx2/af/cgx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116830
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53656
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hisi_pcie_pmu_offline_cpu() function in drivers/perf/hisilicon/hisi_pcie_pmu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116776
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53657
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_eswitch_port_start_xmit() function in drivers/net/ethernet/intel/ice/ice_eswitch.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116747
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53658
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bcm_qspi_probe() function in drivers/spi/spi-bcm-qspi.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116764
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53659
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iavf_set_channels() function in drivers/net/ethernet/intel/iavf/iavf_ethtool.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116748
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53660
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __cpu_map_ring_cleanup() function in kernel/bpf/cpumap.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116695
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53662
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_fname_setup_filename() and ext4_fname_prepare_lookup() functions in fs/ext4/crypto.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116811
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53663
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the nested_vmcb02_prepare_control() function in arch/x86/kvm/svm/nested.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116812
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53665
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the mddev_unlock() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116815
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53666
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the wcd938x_mbhc_init() function in sound/soc/codecs/wcd938x.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116796
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53668
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ring_buffer_size() function in kernel/trace/ring_buffer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116693
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53670
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvme_init_ctrl() function in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116825
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53672
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the lookup_inline_extent_backref() function in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116746
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53673
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_cs_disconnect() function in net/bluetooth/hci_event.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116692
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53674
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the devm_clk_notifier_register() function in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116772
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53681
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __bch_btree_node_alloc() function in drivers/md/bcache/btree.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116771
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53686
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the handshake_nl_accept_doit() and handshake_nl_done_doit() functions in net/handshake/netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116687
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53687
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the s3c24xx_serial_getclk() function in drivers/tty/serial/samsung.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117554
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53693
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gadget_bind() function in drivers/usb/gadget/legacy/raw_gadget.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117552
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53697
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the unregister_nvdimm_pmu() function in drivers/nvdimm/nd_perf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117601
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53698
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the xsk_bind() function in net/xdp/xsk.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117608
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53699
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the setup_bootmem() and paging_init() functions in arch/riscv/mm/init.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117581
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53703
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the float_to_int() function in drivers/hid/amd-sfh-hid/sfh1_1/amd_sfh_desc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117550
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53704
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the imx8mp_clocks_probe() function in drivers/clk/imx/clk-imx8mp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117599
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53707
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the amdgpu_cs_pass1() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117616
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53708
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpi_device_get_constraints_amd() function in drivers/acpi/x86/s2idle.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117609
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53711
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nfs_file_direct_read() function in fs/nfs/direct.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117600
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53713
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the arch/arm64/include/asm/fpsimdmacros.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117587
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53718
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the update_max_tr_single() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117588
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53721
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ath12k_mac_op_hw_scan() function in drivers/net/wireless/ath/ath12k/mac.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117579
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53722
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the raid1_remove_disk() function in drivers/md/raid1.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117543
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53725
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ttc_timer_probe() function in drivers/clocksource/timer-cadence-ttc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117576
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53726
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_csum() function in arch/arm64/lib/csum.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117595
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53727
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fq_pie_change() function in net/sched/sch_fq_pie.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117592
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53728
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the posix_timer_by_id() function in kernel/time/posix-timers.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117575
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53729
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the qmi_decode_string_elem() function in drivers/soc/qcom/qmi_encdec.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117593
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53730
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the adjust_inuse_and_calc_cost() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117594
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53731
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __netlink_diag_dump() function in net/netlink/diag.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU117661
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-53733
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the u32_set_parms() and u32_change() functions in net/sched/cls_u32.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89001
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-26584
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when handling backlogging of crypto requests in net/tls/tls_sw.c. A remote attacker can send specially crafted traffic to the system and perform a denial of service attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114555
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-58240
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tls_do_decryption() function in net/tls/tls_sw.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU111607
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38008
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the kvm_xen_vcpu_set_attr() function in arch/x86/kvm/xen.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU113331
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38465
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the netlink_skb_set_owner_r(), netlink_alloc_large_skb(), netlink_unicast_kernel(), EXPORT_SYMBOL_GPL() and netlink_dump() functions in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114155
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38539
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __register_event() and __trace_add_event_dirs() functions in kernel/trace/trace_events.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114157
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38552
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the subflow_sched_work_if_closed() and mptcp_subflow_fail() functions in net/mptcp/subflow.c, within the mptcp_data_ready(), __mptcp_finish_join(), __mptcp_retrans(), __mptcp_init_sock() and mptcp_finish_join() functions in net/mptcp/protocol.c, within the mptcp_pm_mp_fail_received() function in net/mptcp/pm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114496
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38653
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the proc_reg_open() function in fs/proc/inode.c, within the pde_set_flags() function in fs/proc/generic.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114816
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38680
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the uvc_parse_format() function in drivers/media/usb/uvc/uvc_driver.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114806
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38681
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ptdump_walk_pgd() function in mm/ptdump.c, within the ptdump_show() function in arch/s390/mm/dump_pagetables.c, within the ptdump_show() function in arch/arm64/mm/ptdump_debugfs.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114828
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38683
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the netvsc_probe(), netvsc_remove(), netvsc_suspend(), netvsc_event_set_vf_ns() and netvsc_netdev_event() functions in drivers/net/hyperv/netvsc_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114815
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38685
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the con2fb_init_display() and fbcon_set_disp() functions in drivers/video/fbdev/core/fbcon.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114805
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38687
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the comedi_device_detach_cleanup() function in drivers/comedi/drivers.c, within the is_device_busy() and do_devconfig_ioctl() functions in drivers/comedi/comedi_fops.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114803
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38691
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext_tree_encode_commit(), ext_tree_prepare_commit() and dprintk() functions in fs/nfs/blocklayout/extent_tree.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114844
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38692
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the exfat_hash_init(), exfat_read_root(), exfat_verify_boot_region(), __exfat_fill_super() and exfat_fill_super() functions in fs/exfat/super.c, within the exfat_check_dir_empty() function in fs/exfat/namei.c, within the exfat_count_num_clusters() function in fs/exfat/fatent.c, within the exfat_find_dir_entry() and exfat_count_dir_entries() functions in fs/exfat/dir.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114825
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38693
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the w7090p_tuner_write_serpar() and w7090p_tuner_read_serpar() functions in drivers/media/dvb-frontends/dib7000p.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114826
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38694
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dib7090p_rw_on_apb() function in drivers/media/dvb-frontends/dib7000p.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114827
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38695
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lpfc_sli4_vport_delete_fcp_xri_aborted() function in drivers/scsi/lpfc/lpfc_scsi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114814
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38697
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAllocAG() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114849
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38698
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the jfs_open() function in fs/jfs/file.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114802
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38699
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfad_im_probe() function in drivers/scsi/bfa/bfad_im.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114823
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38700
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iscsi_conn_setup() function in drivers/scsi/libiscsi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114840
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38702
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the do_register_framebuffer() function in drivers/video/fbdev/core/fbmem.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114821
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38706
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_soc_remove_pcm_runtime() function in sound/soc/soc-core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114847
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38712
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the PTR_ERR() function in fs/hfsplus/xattr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114810
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38713
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hfsplus_uni2asc() function in fs/hfsplus/unicode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114811
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38714
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the is_bnode_offset_valid(), hfs_bnode_write(), hfs_bnode_clear(), hfs_bnode_copy() and hfs_bnode_move() functions in fs/hfsplus/bnode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114813
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38715
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the is_bnode_offset_valid(), hfs_bnode_read(), hfs_bnode_write(), hfs_bnode_clear(), hfs_bnode_copy() and hfs_bnode_move() functions in fs/hfs/bnode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114833
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38718
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sctp_rcv() function in net/sctp/input.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114799
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38724
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfsd4_setclientid_confirm() function in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114817
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38725
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ax88772_init_mdio() function in drivers/net/usb/asix_devices.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114832
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38727
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the netlink_attachskb() function in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114808
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38729
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the validate_uac3_feature_unit() and FUNC() functions in sound/usb/validate.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114912
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38734
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smc_listen_work() function in net/smc/af_smc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114938
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38735
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gve_shutdown() function in drivers/net/ethernet/google/gve/gve_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114919
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-38736
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ax88772_init_mdio() function in drivers/net/usb/asix_devices.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114936
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39673
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ppp_fill_forward_path(), ppp_unregister_channel(), ppp_connect_channel() and ppp_disconnect_channel() functions in drivers/net/ppp/ppp_generic.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114934
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39675
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mod_hdcp_hdcp1_create_session() function in drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114933
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39676
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla4xxx_get_ep_fwdb() function in drivers/scsi/qla4xxx/ql4_os.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114904
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39679
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvif_vmm_ctor() function in drivers/gpu/drm/nouveau/nvif/vmm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114917
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39683
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the trace_get_user() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114902
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39684
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the do_insnlist_ioctl() and do_insn_ioctl() functions in drivers/comedi/comedi_fops.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114915
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39685
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the pcl726_attach() function in drivers/comedi/drivers/pcl726.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114966
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39686
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the insn_rw_emulate_bits() function in drivers/comedi/drivers.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114929
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39693
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_dm_connector_atomic_check() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114951
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39694
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the sclpint_to_sccb(), __sclp_find_req() and sclp_interrupt_handler() functions in drivers/s390/char/sclp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114944
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39697
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfs_page_set_inode_ref(), nfs_page_group_lock() and nfs_inode_remove_request() functions in fs/nfs/write.c, within the nfs_page_group_unlock() function in fs/nfs/pagelist.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114970
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39701
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the applicable_image() function in drivers/acpi/pfr_update.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114962
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39702
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the seg6_hmac_validate_skb() function in net/ipv6/seg6_hmac.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114926
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39706
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the kfd_exit() function in drivers/gpu/drm/amd/amdkfd/kfd_module.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114923
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39709
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the venus_probe() function in drivers/media/platform/qcom/venus/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114914
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39710
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the venus_write_queue() and venus_read_queue() functions in drivers/media/platform/qcom/venus/hfi_venus.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114942
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39713
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rain_interrupt() function in drivers/media/cec/usb/rainshadow/rainshadow-cec.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114943
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39714
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the usbtv_configure_for_norm() function in drivers/media/usb/usbtv/usbtv-video.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114913
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39719
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ARRAY_SIZE() and bno055_get_regmask() functions in drivers/iio/imu/bno055/bno055.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114908
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39721
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the adf_misc_wq_queue_delayed_work() function in drivers/crypto/intel/qat/qat_common/adf_isr.c, within the adf_dev_shutdown() function in drivers/crypto/intel/qat/qat_common/adf_init.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114949
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39724
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the serial8250_do_startup() function in drivers/tty/serial/8250/8250_port.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114959
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39726
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ism_cmd() and ism_probe() functions in drivers/s390/net/ism_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114967
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39730
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nfs_fh_to_dentry() function in fs/nfs/export.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU114961
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39732
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ath11k_mac_op_set_bitrate_mask() function in drivers/net/wireless/ath/ath11k/mac.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115519
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39739
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the function in drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115548
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39742
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the find_hw_thread_mask() function in drivers/infiniband/hw/hfi1/affinity.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115658
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39743
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the jfs_evict_inode() function in fs/jfs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115418
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39750
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath12k_dp_peer_setup() function in drivers/net/wireless/ath/ath12k/dp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115536
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39751
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the add_tuning_control() function in sound/pci/hda/patch_ca0132.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115586
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39756
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the alloc_fdtable() function in fs/file.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115415
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39757
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the convert_chmap_v3() and snd_usb_get_audioformat_uac3() functions in sound/usb/stream.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115416
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39758
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the siw_tcp_sendpages() function in drivers/infiniband/sw/siw/siw_qp_tx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115397
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39759
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_check_quota_leak() and btrfs_qgroup_rescan() functions in fs/btrfs/qgroup.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115417
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39760
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the usb_parse_ss_endpoint_companion() function in drivers/usb/core/config.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115414
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39761
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath12k_dp_peer_setup() function in drivers/net/wireless/ath/ath12k/dp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115494
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39763
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ghes_do_proc() function in drivers/acpi/apei/ghes.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115460
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39772
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hibmc_load() function in drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115396
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39783
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pci_epf_remove_cfs() function in drivers/pci/endpoint/pci-epf-core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115511
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39790
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the parse_xfer_event() function in drivers/bus/mhi/host/main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115503
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39794
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tegra_cpu_reset_handler_enable() function in arch/arm/mach-tegra/reset.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115516
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39797
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the xfrm_state_lookup_byspi() and xfrm_alloc_spi() functions in net/xfrm/xfrm_state.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115654
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39798
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the nfs4_server_capabilities() function in fs/nfs/nfs4proc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115617
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39800
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the btrfs_copy_root() function in fs/btrfs/ctree.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115581
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39801
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __dwc3_stop_active_transfer() and dwc3_clear_stall_all_ep() functions in drivers/usb/dwc3/gadget.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115645
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39806
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mt_report_fixup() function in drivers/hid/hid-multitouch.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115600
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39808
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ntrig_report_version() function in drivers/hid/hid-ntrig.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115528
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39810
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the bnxt_set_xps_mapping(), bnxt_trim_dflt_sh_rings(), bnxt_set_dflt_rings() and bnxt_init_dflt_ring_mode() functions in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115643
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39812
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sctp_v6_from_sk() function in net/sctp/ipv6.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115599
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39813
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ftrace_dump() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115596
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39824
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the asus_probe() function in drivers/hid/hid-asus.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115556
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39826
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the rose_timer_expiry() function in net/rose/rose_timer.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115595
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39827
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rose_add_node(), rose_del_node(), rose_add_loopback_node(), rose_del_loopback_node(), rose_rt_device_down(), rose_clear_routes(), rose_neigh_show() and rose_rt_free() functions in net/rose/rose_route.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115625
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39828
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds write within the vcc_sendmsg() function in net/atm/common.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115695
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39832
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drivers/net/ethernet/mellanox/mlx5/core/fw_reset.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115696
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39833
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hfcpci_softirq() and HFC_init() functions in drivers/isdn/hardware/mISDN/hfcpci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115980
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39839
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the batadv_nc_skb_decode_packet() function in net/batman-adv/network-coding.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115979
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39841
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lpfc_nvmet_defer_rcv() function in drivers/scsi/lpfc/lpfc_nvmet.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115996
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39844
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the include/linux/vmalloc.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debugsource: before 6.4.0-150700.53.22.1
kernel-zfcpdump-debuginfo: before 6.4.0-150700.53.22.1
kernel-zfcpdump: before 6.4.0-150700.53.22.1
kernel-devel: before 6.4.0-150700.53.22.1
kernel-macros: before 6.4.0-150700.53.22.1
kernel-default-devel: before 6.4.0-150700.53.22.1
kernel-default-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-debugsource: before 6.4.0-150700.53.22.1
kernel-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-base: before 6.4.0-150700.53.22.1.150700.17.15.1
kernel-default: before 6.4.0-150700.53.22.1
kernel-64kb-debugsource: before 6.4.0-150700.53.22.1
kernel-64kb-devel-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb-devel: before 6.4.0-150700.53.22.1
kernel-64kb-debuginfo: before 6.4.0-150700.53.22.1
kernel-64kb: before 6.4.0-150700.53.22.1
CPE2.3https://www.suse.com/support/update/announcement/2025/suse-su-20254057-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU115997
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-39845
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sync_global_pgds() function in arch/x86/mm/init_64.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP7
Legacy Module: 15-SP7
SUSE Linux Enterprise High Availability Extension 15: SP7
Basesystem Module: 15-SP7
SUSE Linux Enterprise Workstation Extension 15: SP7
Development Tools Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
kernel-default-livepatch: before 6.4.0-150700.53.22.1
kernel-livepatch-6_4_0-150700_53_22-default-debuginfo: before 1-150700.15.3.1
kernel-livepatch-6_4_0-150700_53_22-default: before 1-150700.15.3.1
kernel-livepatch-SLE15-SP7_Update_6-debugsource: before 1-150700.15.3.1
kernel-default-livepatch-devel: before 6.4.0-150700.53.22.1
kernel-default-extra-debuginfo: before 6.4.0-150700.53.22.1
kernel-default-extra: before 6.4.0-150700.53.22.1
gfs2-kmp-default: before 6.4.0-150700.53.22.1
cluster-md-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
ocfs2-kmp-default: before 6.4.0-150700.53.22.1
ocfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
dlm-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
cluster-md-kmp-default: before 6.4.0-150700.53.22.1
dlm-kmp-default: before 6.4.0-150700.53.22.1
gfs2-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
reiserfs-kmp-default: before 6.4.0-150700.53.22.1
reiserfs-kmp-default-debuginfo: before 6.4.0-150700.53.22.1
kernel-source: before 6.4.0-150700.53.22.1
kernel-obs-build: before 6.4.0-150700.53.22.1
kernel-syms: before 6.4.0-150700.53.22.1
kernel-obs-build-debugsource: before 6.4.0-150700.53.22.1
kernel-docs: before