From null at suse.de Fri Aug 1 12:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Aug 2025 12:30:07 -0000 Subject: SUSE-SU-2025:02464-2: moderate: Security update for libgcrypt Message-ID: <175405140715.2147.15596466470380882612@smelt2.prg2.suse.org> # Security update for libgcrypt Announcement ID: SUSE-SU-2025:02464-2 Release Date: 2025-08-01T09:18:00Z Rating: moderate References: * bsc#1221107 Cross-References: * CVE-2024-2236 CVSS scores: * CVE-2024-2236 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-2236 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for libgcrypt fixes the following issues: * CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2464=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2464=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2464=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2464=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2464=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-2464=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2464=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libgcrypt20-hmac-1.9.4-150400.6.11.1 * libgcrypt-devel-debuginfo-1.9.4-150400.6.11.1 * libgcrypt-devel-1.9.4-150400.6.11.1 * libgcrypt20-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-1.9.4-150400.6.11.1 * libgcrypt-debugsource-1.9.4-150400.6.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libgcrypt20-32bit-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1 * libgcrypt20-32bit-1.9.4-150400.6.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libgcrypt20-hmac-1.9.4-150400.6.11.1 * libgcrypt-devel-debuginfo-1.9.4-150400.6.11.1 * libgcrypt-devel-1.9.4-150400.6.11.1 * libgcrypt20-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-1.9.4-150400.6.11.1 * libgcrypt-debugsource-1.9.4-150400.6.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libgcrypt20-32bit-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1 * libgcrypt20-32bit-1.9.4-150400.6.11.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libgcrypt20-hmac-1.9.4-150400.6.11.1 * libgcrypt-devel-debuginfo-1.9.4-150400.6.11.1 * libgcrypt-devel-1.9.4-150400.6.11.1 * libgcrypt20-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-1.9.4-150400.6.11.1 * libgcrypt-debugsource-1.9.4-150400.6.11.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libgcrypt20-32bit-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1 * libgcrypt20-32bit-1.9.4-150400.6.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libgcrypt20-hmac-1.9.4-150400.6.11.1 * libgcrypt-devel-debuginfo-1.9.4-150400.6.11.1 * libgcrypt-devel-1.9.4-150400.6.11.1 * libgcrypt20-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-1.9.4-150400.6.11.1 * libgcrypt-debugsource-1.9.4-150400.6.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libgcrypt20-32bit-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1 * libgcrypt20-32bit-1.9.4-150400.6.11.1 * SUSE Manager Proxy 4.3 (x86_64) * libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1 * libgcrypt20-hmac-1.9.4-150400.6.11.1 * libgcrypt20-32bit-1.9.4-150400.6.11.1 * libgcrypt-devel-debuginfo-1.9.4-150400.6.11.1 * libgcrypt-devel-1.9.4-150400.6.11.1 * libgcrypt20-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-32bit-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-1.9.4-150400.6.11.1 * libgcrypt-debugsource-1.9.4-150400.6.11.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1 * libgcrypt20-hmac-1.9.4-150400.6.11.1 * libgcrypt20-32bit-1.9.4-150400.6.11.1 * libgcrypt-devel-debuginfo-1.9.4-150400.6.11.1 * libgcrypt-devel-1.9.4-150400.6.11.1 * libgcrypt20-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-32bit-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-1.9.4-150400.6.11.1 * libgcrypt-debugsource-1.9.4-150400.6.11.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libgcrypt20-hmac-1.9.4-150400.6.11.1 * libgcrypt-devel-debuginfo-1.9.4-150400.6.11.1 * libgcrypt-devel-1.9.4-150400.6.11.1 * libgcrypt20-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-1.9.4-150400.6.11.1 * libgcrypt-debugsource-1.9.4-150400.6.11.1 * SUSE Manager Server 4.3 (x86_64) * libgcrypt20-32bit-debuginfo-1.9.4-150400.6.11.1 * libgcrypt20-hmac-32bit-1.9.4-150400.6.11.1 * libgcrypt20-32bit-1.9.4-150400.6.11.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2236.html * https://bugzilla.suse.com/show_bug.cgi?id=1221107 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 1 12:30:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Aug 2025 12:30:12 -0000 Subject: SUSE-SU-2025:02587-1: moderate: Security update for sccache Message-ID: <175405141289.2147.9118408242204318368@smelt2.prg2.suse.org> # Security update for sccache Announcement ID: SUSE-SU-2025:02587-1 Release Date: 2025-08-01T08:49:26Z Rating: moderate References: * bsc#1243868 Cross-References: * CVE-2024-12224 CVSS scores: * CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-12224 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability can now be installed. ## Description: This update for sccache fixes the following issues: * Update to version 0.4.2~4: * CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. (bsc#1243868) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2587=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * sccache-debugsource-0.4.2~4-150400.3.6.1 * sccache-0.4.2~4-150400.3.6.1 * sccache-debuginfo-0.4.2~4-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12224.html * https://bugzilla.suse.com/show_bug.cgi?id=1243868 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 1 12:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Aug 2025 12:30:16 -0000 Subject: SUSE-SU-2025:02586-1: moderate: Security update for rav1e Message-ID: <175405141619.2147.11398123115650064091@smelt2.prg2.suse.org> # Security update for rav1e Announcement ID: SUSE-SU-2025:02586-1 Release Date: 2025-08-01T08:49:19Z Rating: moderate References: * bsc#1243855 Cross-References: * CVE-2024-12224 CVSS scores: * CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-12224 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for rav1e fixes the following issues: * CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. (bsc#1243855) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2586=1 openSUSE-SLE-15.6-2025-2586=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2586=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2586=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * librav1e0_6-0.6.6-150600.3.3.1 * rav1e-devel-0.6.6-150600.3.3.1 * rav1e-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-debuginfo-0.6.6-150600.3.3.1 * rav1e-debugsource-0.6.6-150600.3.3.1 * rav1e-0.6.6-150600.3.3.1 * openSUSE Leap 15.6 (x86_64) * librav1e0_6-32bit-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-32bit-0.6.6-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * librav1e0_6-64bit-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-64bit-0.6.6-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * librav1e0_6-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-0.6.6-150600.3.3.1 * rav1e-debugsource-0.6.6-150600.3.3.1 * rav1e-debuginfo-0.6.6-150600.3.3.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * librav1e0_6-debuginfo-0.6.6-150600.3.3.1 * librav1e0_6-0.6.6-150600.3.3.1 * rav1e-debugsource-0.6.6-150600.3.3.1 * rav1e-debuginfo-0.6.6-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12224.html * https://bugzilla.suse.com/show_bug.cgi?id=1243855 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 1 16:30:22 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Aug 2025 16:30:22 -0000 Subject: SUSE-SU-2025:02595-1: important: Security update for gnutls Message-ID: <175406582204.25827.14385933922159745296@smelt2.prg2.suse.org> # Security update for gnutls Announcement ID: SUSE-SU-2025:02595-1 Release Date: 2025-08-01T15:14:08Z Rating: important References: * bsc#1246232 * bsc#1246233 * bsc#1246267 * bsc#1246299 Cross-References: * CVE-2025-32988 * CVE-2025-32989 * CVE-2025-32990 * CVE-2025-6395 CVSS scores: * CVE-2025-32988 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-32988 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-32988 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-32989 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32989 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2025-32989 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-32990 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-32990 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2025-32990 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-6395 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-6395 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-6395 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities can now be installed. ## Description: This update for gnutls fixes the following issues: * CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK (bsc#1246299) * CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName (bsc#1246232) * CVE-2025-32989: Fix heap buffer overread when handling the CT SCT extension during X.509 certificate parsing (bsc#1246233) * CVE-2025-32990: Fix 1-byte heap buffer overflow when parsing templates with certtool (bsc#1246267) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2595=1 openSUSE-SLE-15.6-2025-2595=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2595=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2595=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libgnutlsxx30-3.8.3-150600.4.9.1 * gnutls-debugsource-3.8.3-150600.4.9.1 * libgnutls-devel-3.8.3-150600.4.9.1 * libgnutlsxx-devel-3.8.3-150600.4.9.1 * gnutls-debuginfo-3.8.3-150600.4.9.1 * libgnutls30-debuginfo-3.8.3-150600.4.9.1 * libgnutls30-3.8.3-150600.4.9.1 * gnutls-3.8.3-150600.4.9.1 * libgnutlsxx30-debuginfo-3.8.3-150600.4.9.1 * openSUSE Leap 15.6 (x86_64) * libgnutls30-32bit-3.8.3-150600.4.9.1 * libgnutls-devel-32bit-3.8.3-150600.4.9.1 * libgnutls30-32bit-debuginfo-3.8.3-150600.4.9.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libgnutls30-64bit-3.8.3-150600.4.9.1 * libgnutls30-64bit-debuginfo-3.8.3-150600.4.9.1 * libgnutls-devel-64bit-3.8.3-150600.4.9.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libgnutlsxx30-3.8.3-150600.4.9.1 * gnutls-debugsource-3.8.3-150600.4.9.1 * libgnutls-devel-3.8.3-150600.4.9.1 * libgnutlsxx-devel-3.8.3-150600.4.9.1 * gnutls-debuginfo-3.8.3-150600.4.9.1 * libgnutls30-debuginfo-3.8.3-150600.4.9.1 * libgnutls30-3.8.3-150600.4.9.1 * gnutls-3.8.3-150600.4.9.1 * libgnutlsxx30-debuginfo-3.8.3-150600.4.9.1 * Basesystem Module 15-SP6 (x86_64) * libgnutls30-32bit-3.8.3-150600.4.9.1 * libgnutls30-32bit-debuginfo-3.8.3-150600.4.9.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libgnutlsxx30-3.8.3-150600.4.9.1 * gnutls-debugsource-3.8.3-150600.4.9.1 * libgnutls-devel-3.8.3-150600.4.9.1 * libgnutlsxx-devel-3.8.3-150600.4.9.1 * gnutls-debuginfo-3.8.3-150600.4.9.1 * libgnutls30-debuginfo-3.8.3-150600.4.9.1 * libgnutls30-3.8.3-150600.4.9.1 * gnutls-3.8.3-150600.4.9.1 * libgnutlsxx30-debuginfo-3.8.3-150600.4.9.1 * Basesystem Module 15-SP7 (x86_64) * libgnutls30-32bit-3.8.3-150600.4.9.1 * libgnutls30-32bit-debuginfo-3.8.3-150600.4.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32988.html * https://www.suse.com/security/cve/CVE-2025-32989.html * https://www.suse.com/security/cve/CVE-2025-32990.html * https://www.suse.com/security/cve/CVE-2025-6395.html * https://bugzilla.suse.com/show_bug.cgi?id=1246232 * https://bugzilla.suse.com/show_bug.cgi?id=1246233 * https://bugzilla.suse.com/show_bug.cgi?id=1246267 * https://bugzilla.suse.com/show_bug.cgi?id=1246299 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 1 16:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Aug 2025 16:30:13 -0000 Subject: SUSE-SU-2025:02597-1: moderate: Security update for python310 Message-ID: <175406581397.25827.13897418775271603160@smelt2.prg2.suse.org> # Security update for python310 Announcement ID: SUSE-SU-2025:02597-1 Release Date: 2025-08-01T15:14:37Z Rating: moderate References: * bsc#1244705 Cross-References: * CVE-2025-6069 CVSS scores: * CVE-2025-6069 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H * CVE-2025-6069 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2025-6069 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for python310 fixes the following issues: * CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (bsc#1244705). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2597=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2597=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python310-3.10.18-150400.4.85.1 * python310-dbm-debuginfo-3.10.18-150400.4.85.1 * python310-curses-3.10.18-150400.4.85.1 * python310-testsuite-debuginfo-3.10.18-150400.4.85.1 * python310-dbm-3.10.18-150400.4.85.1 * python310-doc-devhelp-3.10.18-150400.4.85.1 * libpython3_10-1_0-3.10.18-150400.4.85.1 * python310-base-3.10.18-150400.4.85.1 * python310-core-debugsource-3.10.18-150400.4.85.1 * python310-curses-debuginfo-3.10.18-150400.4.85.1 * python310-debuginfo-3.10.18-150400.4.85.1 * python310-debugsource-3.10.18-150400.4.85.1 * python310-devel-3.10.18-150400.4.85.1 * python310-doc-3.10.18-150400.4.85.1 * python310-tk-debuginfo-3.10.18-150400.4.85.1 * python310-testsuite-3.10.18-150400.4.85.1 * python310-idle-3.10.18-150400.4.85.1 * python310-base-debuginfo-3.10.18-150400.4.85.1 * libpython3_10-1_0-debuginfo-3.10.18-150400.4.85.1 * python310-tk-3.10.18-150400.4.85.1 * python310-tools-3.10.18-150400.4.85.1 * openSUSE Leap 15.4 (x86_64) * python310-32bit-3.10.18-150400.4.85.1 * libpython3_10-1_0-32bit-3.10.18-150400.4.85.1 * python310-base-32bit-3.10.18-150400.4.85.1 * python310-32bit-debuginfo-3.10.18-150400.4.85.1 * python310-base-32bit-debuginfo-3.10.18-150400.4.85.1 * libpython3_10-1_0-32bit-debuginfo-3.10.18-150400.4.85.1 * openSUSE Leap 15.4 (aarch64_ilp32) * python310-base-64bit-debuginfo-3.10.18-150400.4.85.1 * libpython3_10-1_0-64bit-debuginfo-3.10.18-150400.4.85.1 * libpython3_10-1_0-64bit-3.10.18-150400.4.85.1 * python310-base-64bit-3.10.18-150400.4.85.1 * python310-64bit-debuginfo-3.10.18-150400.4.85.1 * python310-64bit-3.10.18-150400.4.85.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python310-3.10.18-150400.4.85.1 * python310-dbm-debuginfo-3.10.18-150400.4.85.1 * python310-curses-3.10.18-150400.4.85.1 * python310-testsuite-debuginfo-3.10.18-150400.4.85.1 * python310-dbm-3.10.18-150400.4.85.1 * python310-doc-devhelp-3.10.18-150400.4.85.1 * libpython3_10-1_0-3.10.18-150400.4.85.1 * python310-base-3.10.18-150400.4.85.1 * python310-core-debugsource-3.10.18-150400.4.85.1 * python310-curses-debuginfo-3.10.18-150400.4.85.1 * python310-debuginfo-3.10.18-150400.4.85.1 * python310-debugsource-3.10.18-150400.4.85.1 * python310-devel-3.10.18-150400.4.85.1 * python310-doc-3.10.18-150400.4.85.1 * python310-testsuite-3.10.18-150400.4.85.1 * python310-tk-debuginfo-3.10.18-150400.4.85.1 * python310-idle-3.10.18-150400.4.85.1 * python310-base-debuginfo-3.10.18-150400.4.85.1 * libpython3_10-1_0-debuginfo-3.10.18-150400.4.85.1 * python310-tk-3.10.18-150400.4.85.1 * python310-tools-3.10.18-150400.4.85.1 * openSUSE Leap 15.6 (x86_64) * python310-32bit-3.10.18-150400.4.85.1 * libpython3_10-1_0-32bit-3.10.18-150400.4.85.1 * python310-base-32bit-3.10.18-150400.4.85.1 * python310-32bit-debuginfo-3.10.18-150400.4.85.1 * python310-base-32bit-debuginfo-3.10.18-150400.4.85.1 * libpython3_10-1_0-32bit-debuginfo-3.10.18-150400.4.85.1 ## References: * https://www.suse.com/security/cve/CVE-2025-6069.html * https://bugzilla.suse.com/show_bug.cgi?id=1244705 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 1 16:30:32 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Aug 2025 16:30:32 -0000 Subject: SUSE-SU-2025:02593-1: important: Security update for valkey Message-ID: <175406583223.25827.1655714002372540341@smelt2.prg2.suse.org> # Security update for valkey Announcement ID: SUSE-SU-2025:02593-1 Release Date: 2025-08-01T15:13:11Z Rating: important References: * bsc#1246058 * bsc#1246059 Cross-References: * CVE-2025-32023 * CVE-2025-48367 CVSS scores: * CVE-2025-32023 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-32023 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-32023 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-48367 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48367 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-48367 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for valkey fixes the following issues: * CVE-2025-32023: Fixed an out-of-bounds write when working with HyperLogLog commands that can lead to remote code execution. (bsc#1246059) * CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol erros that can lead to client starvation and DoS. (bsc#1246058) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2593=1 openSUSE-SLE-15.6-2025-2593=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-2593=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * valkey-devel-8.0.2-150600.13.14.1 * valkey-debugsource-8.0.2-150600.13.14.1 * valkey-debuginfo-8.0.2-150600.13.14.1 * valkey-8.0.2-150600.13.14.1 * openSUSE Leap 15.6 (noarch) * valkey-compat-redis-8.0.2-150600.13.14.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * valkey-devel-8.0.2-150600.13.14.1 * valkey-debugsource-8.0.2-150600.13.14.1 * valkey-debuginfo-8.0.2-150600.13.14.1 * valkey-8.0.2-150600.13.14.1 * Server Applications Module 15-SP6 (noarch) * valkey-compat-redis-8.0.2-150600.13.14.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32023.html * https://www.suse.com/security/cve/CVE-2025-48367.html * https://bugzilla.suse.com/show_bug.cgi?id=1246058 * https://bugzilla.suse.com/show_bug.cgi?id=1246059 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 1 16:30:26 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Aug 2025 16:30:26 -0000 Subject: SUSE-SU-2025:02594-1: important: Security update for valkey Message-ID: <175406582615.25827.16284367470436168174@smelt2.prg2.suse.org> # Security update for valkey Announcement ID: SUSE-SU-2025:02594-1 Release Date: 2025-08-01T15:13:19Z Rating: important References: * bsc#1246058 * bsc#1246059 Cross-References: * CVE-2025-32023 * CVE-2025-48367 CVSS scores: * CVE-2025-32023 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-32023 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-32023 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-48367 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48367 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-48367 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Server Applications Module 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for valkey fixes the following issues: * CVE-2025-32023: Fixed an out-of-bounds write when working with HyperLogLog commands that can lead to remote code execution. (bsc#1246059) * CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol erros that can lead to client starvation and DoS. (bsc#1246058) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-2594=1 ## Package List: * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * valkey-debugsource-8.0.2-150700.3.8.1 * valkey-devel-8.0.2-150700.3.8.1 * valkey-debuginfo-8.0.2-150700.3.8.1 * valkey-8.0.2-150700.3.8.1 * Server Applications Module 15-SP7 (noarch) * valkey-compat-redis-8.0.2-150700.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32023.html * https://www.suse.com/security/cve/CVE-2025-48367.html * https://bugzilla.suse.com/show_bug.cgi?id=1246058 * https://bugzilla.suse.com/show_bug.cgi?id=1246059 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 1 16:30:37 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Aug 2025 16:30:37 -0000 Subject: SUSE-SU-2025:02592-1: important: Security update for cosign Message-ID: <175406583739.25827.17048767782436614697@smelt2.prg2.suse.org> # Security update for cosign Announcement ID: SUSE-SU-2025:02592-1 Release Date: 2025-08-01T14:44:33Z Rating: important References: * bsc#1246725 * jsc#SLE-23879 Cross-References: * CVE-2025-46569 CVSS scores: * CVE-2025-46569 ( SUSE ): 7.6 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-46569 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2025-46569 ( NVD ): 7.4 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and contains one feature can now be installed. ## Description: This update for cosign fixes the following issues: Update to version 2.5.3 (jsc#SLE-23879): * CVE-2025-46569: Fixed OPA server Data API HTTP path injection of Rego (bsc#1246725) Changelog: Update to 2.5.3: * Add signing-config create command (#4280) * Allow multiple services to be specified for trusted-root create (#4285) * force when copying the latest image to overwrite (#4298) * Fix cert verification logic for trusted-root/SCTs (#4294) * Fix lint error for types package (#4295) * feat: Add OCI 1.1+ experimental support to tree (#4205) * Add validity period end for trusted-root create (#4271) * avoid double-loading trustedroot from file (#4264) Update to 2.5.2: * Do not load trusted root when CT env key is set * docs: improve doc for --no-upload option (#4206) Update to 2.5.1: * Add Rekor v2 support for trusted-root create (#4242) * Add baseUrl and Uri to trusted-root create command * Upgrade to TUF v2 client with trusted root * Don't verify SCT for a private PKI cert (#4225) * Bump TSA library to relax EKU chain validation rules (#4219) * Bump sigstore-go to pick up log index=0 fix (#4162) * remove unused recursive flag on attest command (#4187) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2592=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2592=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-2592=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2592=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2592=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2592=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2592=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2592=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2592=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2592=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2592=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2592=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2592=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2592=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2592=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * cosign-2.5.3-150400.3.30.1 * SUSE Manager Proxy 4.3 (x86_64) * cosign-2.5.3-150400.3.30.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * cosign-2.5.3-150400.3.30.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * cosign-2.5.3-150400.3.30.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * cosign-debuginfo-2.5.3-150400.3.30.1 * cosign-2.5.3-150400.3.30.1 * openSUSE Leap 15.4 (noarch) * cosign-zsh-completion-2.5.3-150400.3.30.1 * cosign-fish-completion-2.5.3-150400.3.30.1 * cosign-bash-completion-2.5.3-150400.3.30.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * cosign-debuginfo-2.5.3-150400.3.30.1 * cosign-2.5.3-150400.3.30.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * cosign-debuginfo-2.5.3-150400.3.30.1 * cosign-2.5.3-150400.3.30.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * cosign-debuginfo-2.5.3-150400.3.30.1 * cosign-2.5.3-150400.3.30.1 * Basesystem Module 15-SP7 (noarch) * cosign-zsh-completion-2.5.3-150400.3.30.1 * cosign-bash-completion-2.5.3-150400.3.30.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * cosign-2.5.3-150400.3.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * cosign-2.5.3-150400.3.30.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * cosign-2.5.3-150400.3.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * cosign-2.5.3-150400.3.30.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * cosign-2.5.3-150400.3.30.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * cosign-2.5.3-150400.3.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * cosign-2.5.3-150400.3.30.1 ## References: * https://www.suse.com/security/cve/CVE-2025-46569.html * https://bugzilla.suse.com/show_bug.cgi?id=1246725 * https://jira.suse.com/browse/SLE-23879 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 1 16:30:51 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Aug 2025 16:30:51 -0000 Subject: SUSE-SU-2025:02589-1: important: Security update for gnutls Message-ID: <175406585179.25827.6466013816368133639@smelt2.prg2.suse.org> # Security update for gnutls Announcement ID: SUSE-SU-2025:02589-1 Release Date: 2025-08-01T13:06:32Z Rating: important References: * bsc#1246232 * bsc#1246233 * bsc#1246267 * bsc#1246299 Cross-References: * CVE-2025-32988 * CVE-2025-32989 * CVE-2025-32990 * CVE-2025-6395 CVSS scores: * CVE-2025-32988 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-32988 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-32988 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-32989 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32989 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2025-32989 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-32990 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-32990 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2025-32990 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-6395 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-6395 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-6395 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for gnutls fixes the following issues: * CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK (bsc#1246299) * CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName (bsc#1246232) * CVE-2025-32989: Fix heap buffer overread when handling the CT SCT extension during X.509 certificate parsing (bsc#1246233) * CVE-2025-32990: Fix 1-byte heap buffer overflow when parsing templates with certtool (bsc#1246267) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2589=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2589=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2589=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2589=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2589=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2589=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2589=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2589=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2589=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2589=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2589=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2589=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2589=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-2589=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2589=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * gnutls-guile-debuginfo-3.7.3-150400.4.50.1 * libgnutls-devel-3.7.3-150400.4.50.1 * libgnutlsxx-devel-3.7.3-150400.4.50.1 * libgnutlsxx28-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * gnutls-guile-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.50.1 * openSUSE Leap 15.4 (x86_64) * libgnutls-devel-32bit-3.7.3-150400.4.50.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.50.1 * libgnutls30-32bit-3.7.3-150400.4.50.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libgnutls30-64bit-debuginfo-3.7.3-150400.4.50.1 * libgnutls-devel-64bit-3.7.3-150400.4.50.1 * libgnutls30-hmac-64bit-3.7.3-150400.4.50.1 * libgnutls30-64bit-3.7.3-150400.4.50.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * libgnutls-devel-3.7.3-150400.4.50.1 * libgnutlsxx-devel-3.7.3-150400.4.50.1 * libgnutlsxx28-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libgnutls30-32bit-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.50.1 * libgnutls30-32bit-3.7.3-150400.4.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * libgnutls-devel-3.7.3-150400.4.50.1 * libgnutlsxx-devel-3.7.3-150400.4.50.1 * libgnutlsxx28-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libgnutls30-32bit-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.50.1 * libgnutls30-32bit-3.7.3-150400.4.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * gnutls-guile-debuginfo-3.7.3-150400.4.50.1 * libgnutls-devel-3.7.3-150400.4.50.1 * libgnutlsxx-devel-3.7.3-150400.4.50.1 * libgnutlsxx28-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * gnutls-guile-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libgnutls30-32bit-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.50.1 * libgnutls30-32bit-3.7.3-150400.4.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * gnutls-guile-debuginfo-3.7.3-150400.4.50.1 * libgnutls-devel-3.7.3-150400.4.50.1 * libgnutlsxx-devel-3.7.3-150400.4.50.1 * libgnutlsxx28-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * gnutls-guile-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libgnutls30-32bit-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.50.1 * libgnutls30-32bit-3.7.3-150400.4.50.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * libgnutls-devel-3.7.3-150400.4.50.1 * libgnutlsxx-devel-3.7.3-150400.4.50.1 * libgnutlsxx28-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.50.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libgnutls30-32bit-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.50.1 * libgnutls30-32bit-3.7.3-150400.4.50.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * gnutls-guile-debuginfo-3.7.3-150400.4.50.1 * libgnutls-devel-3.7.3-150400.4.50.1 * libgnutlsxx-devel-3.7.3-150400.4.50.1 * libgnutlsxx28-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * gnutls-guile-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.50.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libgnutls30-32bit-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.50.1 * libgnutls30-32bit-3.7.3-150400.4.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * libgnutls-devel-3.7.3-150400.4.50.1 * libgnutlsxx-devel-3.7.3-150400.4.50.1 * libgnutlsxx28-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libgnutls30-32bit-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.50.1 * libgnutls30-32bit-3.7.3-150400.4.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * gnutls-guile-debuginfo-3.7.3-150400.4.50.1 * libgnutls-devel-3.7.3-150400.4.50.1 * libgnutlsxx-devel-3.7.3-150400.4.50.1 * libgnutlsxx28-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * gnutls-guile-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libgnutls30-32bit-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.50.1 * libgnutls30-32bit-3.7.3-150400.4.50.1 * SUSE Manager Proxy 4.3 (x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.50.1 * libgnutls-devel-3.7.3-150400.4.50.1 * libgnutls30-32bit-3.7.3-150400.4.50.1 * libgnutlsxx-devel-3.7.3-150400.4.50.1 * libgnutlsxx28-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.50.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.50.1 * libgnutls-devel-3.7.3-150400.4.50.1 * libgnutls30-32bit-3.7.3-150400.4.50.1 * libgnutlsxx-devel-3.7.3-150400.4.50.1 * libgnutlsxx28-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.50.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * gnutls-debugsource-3.7.3-150400.4.50.1 * libgnutls30-hmac-3.7.3-150400.4.50.1 * libgnutls30-debuginfo-3.7.3-150400.4.50.1 * libgnutls-devel-3.7.3-150400.4.50.1 * libgnutlsxx-devel-3.7.3-150400.4.50.1 * libgnutlsxx28-3.7.3-150400.4.50.1 * gnutls-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-3.7.3-150400.4.50.1 * gnutls-3.7.3-150400.4.50.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.50.1 * SUSE Manager Server 4.3 (x86_64) * libgnutls30-32bit-debuginfo-3.7.3-150400.4.50.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.50.1 * libgnutls30-32bit-3.7.3-150400.4.50.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32988.html * https://www.suse.com/security/cve/CVE-2025-32989.html * https://www.suse.com/security/cve/CVE-2025-32990.html * https://www.suse.com/security/cve/CVE-2025-6395.html * https://bugzilla.suse.com/show_bug.cgi?id=1246232 * https://bugzilla.suse.com/show_bug.cgi?id=1246233 * https://bugzilla.suse.com/show_bug.cgi?id=1246267 * https://bugzilla.suse.com/show_bug.cgi?id=1246299 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 1 16:30:42 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Aug 2025 16:30:42 -0000 Subject: SUSE-SU-2025:02591-1: moderate: Security update for tgt Message-ID: <175406584201.25827.17946810854374026278@smelt2.prg2.suse.org> # Security update for tgt Announcement ID: SUSE-SU-2025:02591-1 Release Date: 2025-08-01T14:08:43Z Rating: moderate References: * bsc#1230360 Cross-References: * CVE-2024-45751 CVSS scores: * CVE-2024-45751 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-45751 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability can now be installed. ## Description: This update for tgt fixes the following issues: * CVE-2024-45751: Fixed CHAP authentication bypass in user-space Linux target framework (bsc#1230360) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2591=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * tgt-debuginfo-1.0.85-150400.3.6.1 * tgt-debugsource-1.0.85-150400.3.6.1 * tgt-1.0.85-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45751.html * https://bugzilla.suse.com/show_bug.cgi?id=1230360 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 1 16:31:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Aug 2025 16:31:14 -0000 Subject: SUSE-SU-2025:02588-1: important: Security update for the Linux Kernel Message-ID: <175406587458.25827.12457875202096146481@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02588-1 Release Date: 2025-08-01T12:35:30Z Rating: important References: * bsc#1206051 * bsc#1221829 * bsc#1233551 * bsc#1234480 * bsc#1234863 * bsc#1236104 * bsc#1236333 * bsc#1238160 * bsc#1239644 * bsc#1242417 * bsc#1244523 * bsc#1245217 * bsc#1245431 * bsc#1246000 * bsc#1246029 * bsc#1246037 * bsc#1246045 * bsc#1246073 * bsc#1246186 * bsc#1246287 * bsc#1246555 Cross-References: * CVE-2022-49138 * CVE-2022-49770 * CVE-2023-52923 * CVE-2023-52927 * CVE-2024-26643 * CVE-2024-53057 * CVE-2024-53164 * CVE-2024-57947 * CVE-2025-37797 * CVE-2025-38079 * CVE-2025-38181 * CVE-2025-38200 * CVE-2025-38206 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38257 * CVE-2025-38289 CVSS scores: * CVE-2022-49138 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2022-49138 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-49770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52923 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52923 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52927 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-52927 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26643 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26643 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53057 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53164 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53164 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38289 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38289 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 17 vulnerabilities and has four security fixes can now be installed. ## Description: This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2588=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2588=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2588=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2588=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2588=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2588=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2588=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kernel-default-debugsource-5.14.21-150500.55.116.1 * kernel-default-devel-5.14.21-150500.55.116.1 * dlm-kmp-default-5.14.21-150500.55.116.1 * kernel-default-debuginfo-5.14.21-150500.55.116.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-obs-build-5.14.21-150500.55.116.1 * ocfs2-kmp-default-5.14.21-150500.55.116.1 * gfs2-kmp-default-5.14.21-150500.55.116.1 * kernel-syms-5.14.21-150500.55.116.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-default-base-5.14.21-150500.55.116.1.150500.6.55.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.116.1 * cluster-md-kmp-default-5.14.21-150500.55.116.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-obs-build-debugsource-5.14.21-150500.55.116.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.116.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150500.55.116.1 * kernel-64kb-debuginfo-5.14.21-150500.55.116.1 * kernel-64kb-devel-5.14.21-150500.55.116.1 * kernel-64kb-debugsource-5.14.21-150500.55.116.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.116.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * kernel-devel-5.14.21-150500.55.116.1 * kernel-macros-5.14.21-150500.55.116.1 * kernel-source-5.14.21-150500.55.116.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kernel-default-debugsource-5.14.21-150500.55.116.1 * kernel-default-devel-5.14.21-150500.55.116.1 * dlm-kmp-default-5.14.21-150500.55.116.1 * kernel-default-debuginfo-5.14.21-150500.55.116.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-obs-build-5.14.21-150500.55.116.1 * ocfs2-kmp-default-5.14.21-150500.55.116.1 * gfs2-kmp-default-5.14.21-150500.55.116.1 * kernel-syms-5.14.21-150500.55.116.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-default-base-5.14.21-150500.55.116.1.150500.6.55.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.116.1 * cluster-md-kmp-default-5.14.21-150500.55.116.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-obs-build-debugsource-5.14.21-150500.55.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150500.55.116.1 * kernel-64kb-debuginfo-5.14.21-150500.55.116.1 * kernel-64kb-devel-5.14.21-150500.55.116.1 * kernel-64kb-debugsource-5.14.21-150500.55.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * kernel-devel-5.14.21-150500.55.116.1 * kernel-macros-5.14.21-150500.55.116.1 * kernel-source-5.14.21-150500.55.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.116.1 * kernel-default-devel-5.14.21-150500.55.116.1 * dlm-kmp-default-5.14.21-150500.55.116.1 * kernel-default-debuginfo-5.14.21-150500.55.116.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-obs-build-5.14.21-150500.55.116.1 * ocfs2-kmp-default-5.14.21-150500.55.116.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.116.1 * gfs2-kmp-default-5.14.21-150500.55.116.1 * kernel-syms-5.14.21-150500.55.116.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.116.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.116.1 * reiserfs-kmp-default-5.14.21-150500.55.116.1 * cluster-md-kmp-default-5.14.21-150500.55.116.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-obs-build-debugsource-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150500.55.116.1 * kernel-64kb-debuginfo-5.14.21-150500.55.116.1 * kernel-64kb-devel-5.14.21-150500.55.116.1 * kernel-64kb-debugsource-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.116.1.150500.6.55.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * kernel-devel-5.14.21-150500.55.116.1 * kernel-macros-5.14.21-150500.55.116.1 * kernel-source-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc) * kernel-docs-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x) * kernel-zfcpdump-debugsource-5.14.21-150500.55.116.1 * kernel-zfcpdump-debuginfo-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kernel-default-debugsource-5.14.21-150500.55.116.1 * kernel-default-devel-5.14.21-150500.55.116.1 * dlm-kmp-default-5.14.21-150500.55.116.1 * kernel-default-debuginfo-5.14.21-150500.55.116.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-obs-build-5.14.21-150500.55.116.1 * ocfs2-kmp-default-5.14.21-150500.55.116.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.116.1 * gfs2-kmp-default-5.14.21-150500.55.116.1 * kernel-syms-5.14.21-150500.55.116.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-default-base-5.14.21-150500.55.116.1.150500.6.55.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.116.1 * reiserfs-kmp-default-5.14.21-150500.55.116.1 * cluster-md-kmp-default-5.14.21-150500.55.116.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-obs-build-debugsource-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * kernel-devel-5.14.21-150500.55.116.1 * kernel-macros-5.14.21-150500.55.116.1 * kernel-source-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.116.1 * kernel-default-debuginfo-5.14.21-150500.55.116.1 * kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-1-150500.11.3.1 * kernel-default-livepatch-5.14.21-150500.55.116.1 * kernel-default-livepatch-devel-5.14.21-150500.55.116.1 * kernel-livepatch-5_14_21-150500_55_116-default-1-150500.11.3.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x) * kernel-livepatch-SLE15-SP5_Update_29-debugsource-1-150500.11.3.1 * openSUSE Leap 15.5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.116.1 * openSUSE Leap 15.5 (noarch) * kernel-source-5.14.21-150500.55.116.1 * kernel-source-vanilla-5.14.21-150500.55.116.1 * kernel-macros-5.14.21-150500.55.116.1 * kernel-devel-5.14.21-150500.55.116.1 * kernel-docs-html-5.14.21-150500.55.116.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-5.14.21-150500.55.116.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.116.1 * kernel-default-base-5.14.21-150500.55.116.1.150500.6.55.1 * kernel-kvmsmall-debuginfo-5.14.21-150500.55.116.1 * kernel-default-base-rebuild-5.14.21-150500.55.116.1.150500.6.55.1 * kernel-kvmsmall-debugsource-5.14.21-150500.55.116.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.116.1 * kernel-default-devel-5.14.21-150500.55.116.1 * cluster-md-kmp-default-5.14.21-150500.55.116.1 * kernel-default-livepatch-5.14.21-150500.55.116.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.116.1 * kernel-default-optional-5.14.21-150500.55.116.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.116.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.116.1 * kernel-obs-build-debugsource-5.14.21-150500.55.116.1 * ocfs2-kmp-default-5.14.21-150500.55.116.1 * kernel-obs-build-5.14.21-150500.55.116.1 * gfs2-kmp-default-5.14.21-150500.55.116.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.116.1 * reiserfs-kmp-default-5.14.21-150500.55.116.1 * kernel-syms-5.14.21-150500.55.116.1 * kselftests-kmp-default-5.14.21-150500.55.116.1 * kernel-obs-qa-5.14.21-150500.55.116.1 * kernel-default-debuginfo-5.14.21-150500.55.116.1 * kernel-default-extra-debuginfo-5.14.21-150500.55.116.1 * kernel-default-optional-debuginfo-5.14.21-150500.55.116.1 * kselftests-kmp-default-debuginfo-5.14.21-150500.55.116.1 * dlm-kmp-default-5.14.21-150500.55.116.1 * kernel-default-extra-5.14.21-150500.55.116.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.116.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.116.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_55_116-default-1-150500.11.3.1 * kernel-default-livepatch-devel-5.14.21-150500.55.116.1 * kernel-livepatch-SLE15-SP5_Update_29-debugsource-1-150500.11.3.1 * openSUSE Leap 15.5 (x86_64) * kernel-kvmsmall-vdso-5.14.21-150500.55.116.1 * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.116.1 * kernel-default-vdso-debuginfo-5.14.21-150500.55.116.1 * kernel-default-vdso-5.14.21-150500.55.116.1 * openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150500.55.116.1 * openSUSE Leap 15.5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.116.1 * openSUSE Leap 15.5 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150500.55.116.1 * kernel-zfcpdump-debuginfo-5.14.21-150500.55.116.1 * openSUSE Leap 15.5 (nosrc) * dtb-aarch64-5.14.21-150500.55.116.1 * openSUSE Leap 15.5 (aarch64) * dtb-broadcom-5.14.21-150500.55.116.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.116.1 * dtb-amlogic-5.14.21-150500.55.116.1 * dtb-renesas-5.14.21-150500.55.116.1 * dtb-amazon-5.14.21-150500.55.116.1 * kernel-64kb-extra-5.14.21-150500.55.116.1 * dtb-altera-5.14.21-150500.55.116.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.116.1 * dtb-qcom-5.14.21-150500.55.116.1 * dtb-apple-5.14.21-150500.55.116.1 * dlm-kmp-64kb-5.14.21-150500.55.116.1 * dtb-lg-5.14.21-150500.55.116.1 * cluster-md-kmp-64kb-5.14.21-150500.55.116.1 * kernel-64kb-debugsource-5.14.21-150500.55.116.1 * dtb-xilinx-5.14.21-150500.55.116.1 * ocfs2-kmp-64kb-5.14.21-150500.55.116.1 * dtb-rockchip-5.14.21-150500.55.116.1 * dtb-freescale-5.14.21-150500.55.116.1 * dtb-hisilicon-5.14.21-150500.55.116.1 * kernel-64kb-devel-5.14.21-150500.55.116.1 * reiserfs-kmp-64kb-5.14.21-150500.55.116.1 * dtb-marvell-5.14.21-150500.55.116.1 * dtb-apm-5.14.21-150500.55.116.1 * dtb-mediatek-5.14.21-150500.55.116.1 * dtb-sprd-5.14.21-150500.55.116.1 * kernel-64kb-optional-5.14.21-150500.55.116.1 * dtb-cavium-5.14.21-150500.55.116.1 * dtb-allwinner-5.14.21-150500.55.116.1 * dtb-exynos-5.14.21-150500.55.116.1 * kselftests-kmp-64kb-5.14.21-150500.55.116.1 * kernel-64kb-optional-debuginfo-5.14.21-150500.55.116.1 * gfs2-kmp-64kb-5.14.21-150500.55.116.1 * dtb-amd-5.14.21-150500.55.116.1 * kernel-64kb-debuginfo-5.14.21-150500.55.116.1 * dtb-nvidia-5.14.21-150500.55.116.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.116.1 * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.116.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.116.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.116.1 * dtb-arm-5.14.21-150500.55.116.1 * dtb-socionext-5.14.21-150500.55.116.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.116.1 * kernel-64kb-extra-debuginfo-5.14.21-150500.55.116.1 * openSUSE Leap 15.5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.116.1.150500.6.55.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.116.1 * kernel-default-debuginfo-5.14.21-150500.55.116.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-macros-5.14.21-150500.55.116.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49138.html * https://www.suse.com/security/cve/CVE-2022-49770.html * https://www.suse.com/security/cve/CVE-2023-52923.html * https://www.suse.com/security/cve/CVE-2023-52927.html * https://www.suse.com/security/cve/CVE-2024-26643.html * https://www.suse.com/security/cve/CVE-2024-53057.html * https://www.suse.com/security/cve/CVE-2024-53164.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38289.html * https://bugzilla.suse.com/show_bug.cgi?id=1206051 * https://bugzilla.suse.com/show_bug.cgi?id=1221829 * https://bugzilla.suse.com/show_bug.cgi?id=1233551 * https://bugzilla.suse.com/show_bug.cgi?id=1234480 * https://bugzilla.suse.com/show_bug.cgi?id=1234863 * https://bugzilla.suse.com/show_bug.cgi?id=1236104 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1238160 * https://bugzilla.suse.com/show_bug.cgi?id=1239644 * https://bugzilla.suse.com/show_bug.cgi?id=1242417 * https://bugzilla.suse.com/show_bug.cgi?id=1244523 * https://bugzilla.suse.com/show_bug.cgi?id=1245217 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246287 * https://bugzilla.suse.com/show_bug.cgi?id=1246555 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 1 20:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Aug 2025 20:30:09 -0000 Subject: SUSE-SU-2025:02350-2: moderate: Security update for kubernetes1.28 Message-ID: <175408020923.22670.17649147137045960478@smelt2.prg2.suse.org> # Security update for kubernetes1.28 Announcement ID: SUSE-SU-2025:02350-2 Release Date: 2025-08-01T16:07:54Z Rating: moderate References: * bsc#1241865 Cross-References: * CVE-2025-22872 CVSS scores: * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * Containers Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for kubernetes1.28 fixes the following issues: * CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2350=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2350=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2350=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2350=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2350=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2350=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2350=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2350=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-2350=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.14.1 * kubernetes1.28-client-1.28.13-150400.9.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.14.1 * kubernetes1.28-client-1.28.13-150400.9.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.14.1 * kubernetes1.28-client-1.28.13-150400.9.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.14.1 * kubernetes1.28-client-1.28.13-150400.9.14.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.14.1 * kubernetes1.28-client-1.28.13-150400.9.14.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.14.1 * kubernetes1.28-client-1.28.13-150400.9.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.14.1 * kubernetes1.28-client-1.28.13-150400.9.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.14.1 * kubernetes1.28-client-1.28.13-150400.9.14.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.14.1 * kubernetes1.28-client-1.28.13-150400.9.14.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22872.html * https://bugzilla.suse.com/show_bug.cgi?id=1241865 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:30:14 -0000 Subject: SUSE-SU-2025:02619-1: important: Security update for the Linux Kernel (Live Patch 56 for SLE 15 SP3) Message-ID: <175429621418.25540.10586655328171356180@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 56 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02619-1 Release Date: 2025-08-04T07:34:31Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_201 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2619=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2619=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_56-debugsource-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_201-default-debuginfo-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_201-default-3-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_201-preempt-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_201-preempt-debuginfo-3-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_56-debugsource-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_201-default-debuginfo-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_201-default-3-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:30:20 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:30:20 -0000 Subject: SUSE-SU-2025:02618-1: important: Security update for the Linux Kernel (Live Patch 63 for SLE 12 SP5) Message-ID: <175429622061.25540.17461350817354727216@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 63 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:02618-1 Release Date: 2025-08-04T07:34:19Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_237 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2618=1 SUSE-SLE-Live- Patching-12-SP5-2025-2616=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_237-default-8-2.1 * kgraft-patch-4_12_14-122_228-default-13-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:30:25 -0000 Subject: SUSE-SU-2025:02621-1: important: Security update for libxml2 Message-ID: <175429622543.25540.5188831935587521264@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:02621-1 Release Date: 2025-08-04T07:44:00Z Rating: important References: * bsc#1246296 Cross-References: * CVE-2025-7425 CVSS scores: * CVE-2025-7425 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-7425 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2025-7425 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-7425: Fixed heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr (bsc#1246296) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2621=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2621=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2621=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2621=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2621=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2621=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2621=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2621=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-libxml2-python-debuginfo-2.9.7-150000.3.85.1 * python3-libxml2-python-2.9.7-150000.3.85.1 * python-libxml2-python-debugsource-2.9.7-150000.3.85.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * python3-libxml2-python-debuginfo-2.9.7-150000.3.85.1 * libxml2-tools-2.9.7-150000.3.85.1 * libxml2-2-2.9.7-150000.3.85.1 * libxml2-tools-debuginfo-2.9.7-150000.3.85.1 * libxml2-debugsource-2.9.7-150000.3.85.1 * libxml2-2-debuginfo-2.9.7-150000.3.85.1 * libxml2-devel-2.9.7-150000.3.85.1 * python-libxml2-python-debugsource-2.9.7-150000.3.85.1 * python3-libxml2-python-2.9.7-150000.3.85.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libxml2-2-32bit-2.9.7-150000.3.85.1 * libxml2-2-32bit-debuginfo-2.9.7-150000.3.85.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * python3-libxml2-python-debuginfo-2.9.7-150000.3.85.1 * libxml2-tools-2.9.7-150000.3.85.1 * libxml2-2-2.9.7-150000.3.85.1 * libxml2-tools-debuginfo-2.9.7-150000.3.85.1 * libxml2-debugsource-2.9.7-150000.3.85.1 * libxml2-2-debuginfo-2.9.7-150000.3.85.1 * libxml2-devel-2.9.7-150000.3.85.1 * python-libxml2-python-debugsource-2.9.7-150000.3.85.1 * python3-libxml2-python-2.9.7-150000.3.85.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * libxml2-2-32bit-2.9.7-150000.3.85.1 * libxml2-2-32bit-debuginfo-2.9.7-150000.3.85.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * python3-libxml2-python-debuginfo-2.9.7-150000.3.85.1 * libxml2-tools-2.9.7-150000.3.85.1 * libxml2-2-2.9.7-150000.3.85.1 * libxml2-tools-debuginfo-2.9.7-150000.3.85.1 * libxml2-debugsource-2.9.7-150000.3.85.1 * libxml2-2-debuginfo-2.9.7-150000.3.85.1 * libxml2-devel-2.9.7-150000.3.85.1 * python-libxml2-python-debugsource-2.9.7-150000.3.85.1 * python3-libxml2-python-2.9.7-150000.3.85.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libxml2-2-32bit-2.9.7-150000.3.85.1 * libxml2-2-32bit-debuginfo-2.9.7-150000.3.85.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * python3-libxml2-python-debuginfo-2.9.7-150000.3.85.1 * libxml2-tools-2.9.7-150000.3.85.1 * libxml2-2-2.9.7-150000.3.85.1 * libxml2-tools-debuginfo-2.9.7-150000.3.85.1 * libxml2-debugsource-2.9.7-150000.3.85.1 * libxml2-2-debuginfo-2.9.7-150000.3.85.1 * libxml2-devel-2.9.7-150000.3.85.1 * python-libxml2-python-debugsource-2.9.7-150000.3.85.1 * python3-libxml2-python-2.9.7-150000.3.85.1 * SUSE Enterprise Storage 7.1 (x86_64) * libxml2-2-32bit-2.9.7-150000.3.85.1 * libxml2-2-32bit-debuginfo-2.9.7-150000.3.85.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libxml2-tools-2.9.7-150000.3.85.1 * libxml2-2-2.9.7-150000.3.85.1 * libxml2-tools-debuginfo-2.9.7-150000.3.85.1 * libxml2-debugsource-2.9.7-150000.3.85.1 * libxml2-2-debuginfo-2.9.7-150000.3.85.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * python3-libxml2-python-debuginfo-2.9.7-150000.3.85.1 * libxml2-tools-2.9.7-150000.3.85.1 * libxml2-2-2.9.7-150000.3.85.1 * libxml2-tools-debuginfo-2.9.7-150000.3.85.1 * libxml2-debugsource-2.9.7-150000.3.85.1 * libxml2-2-debuginfo-2.9.7-150000.3.85.1 * python-libxml2-python-debugsource-2.9.7-150000.3.85.1 * python3-libxml2-python-2.9.7-150000.3.85.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * python3-libxml2-python-debuginfo-2.9.7-150000.3.85.1 * libxml2-tools-2.9.7-150000.3.85.1 * libxml2-2-2.9.7-150000.3.85.1 * libxml2-tools-debuginfo-2.9.7-150000.3.85.1 * libxml2-debugsource-2.9.7-150000.3.85.1 * libxml2-2-debuginfo-2.9.7-150000.3.85.1 * python-libxml2-python-debugsource-2.9.7-150000.3.85.1 * python3-libxml2-python-2.9.7-150000.3.85.1 ## References: * https://www.suse.com/security/cve/CVE-2025-7425.html * https://bugzilla.suse.com/show_bug.cgi?id=1246296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:30:30 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:30:30 -0000 Subject: SUSE-SU-2025:02620-1: important: Security update for libxml2 Message-ID: <175429623008.25540.2894511620437643230@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:02620-1 Release Date: 2025-08-04T07:43:07Z Rating: important References: * bsc#1246296 Cross-References: * CVE-2025-7425 CVSS scores: * CVE-2025-7425 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-7425 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2025-7425 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-7425: Fixed heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr (bsc#1246296) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2620=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-2620=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2620=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2620=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2620=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2620=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2620=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2620=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2620=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2620=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2620=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2620=1 ## Package List: * SUSE Manager Proxy 4.3 LTS (x86_64) * python3-libxml2-2.9.14-150400.5.47.1 * libxml2-2-32bit-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-2.9.14-150400.5.47.1 * libxml2-2-32bit-2.9.14-150400.5.47.1 * libxml2-devel-2.9.14-150400.5.47.1 * libxml2-tools-debuginfo-2.9.14-150400.5.47.1 * libxml2-tools-2.9.14-150400.5.47.1 * libxml2-debugsource-2.9.14-150400.5.47.1 * python3-libxml2-debuginfo-2.9.14-150400.5.47.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * python3-libxml2-2.9.14-150400.5.47.1 * libxml2-2-32bit-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-2.9.14-150400.5.47.1 * libxml2-2-32bit-2.9.14-150400.5.47.1 * libxml2-devel-2.9.14-150400.5.47.1 * libxml2-tools-debuginfo-2.9.14-150400.5.47.1 * libxml2-tools-2.9.14-150400.5.47.1 * libxml2-debugsource-2.9.14-150400.5.47.1 * python3-libxml2-debuginfo-2.9.14-150400.5.47.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * python3-libxml2-2.9.14-150400.5.47.1 * libxml2-2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-2.9.14-150400.5.47.1 * libxml2-devel-2.9.14-150400.5.47.1 * libxml2-tools-debuginfo-2.9.14-150400.5.47.1 * libxml2-tools-2.9.14-150400.5.47.1 * libxml2-debugsource-2.9.14-150400.5.47.1 * python3-libxml2-debuginfo-2.9.14-150400.5.47.1 * SUSE Manager Server 4.3 LTS (x86_64) * libxml2-2-32bit-2.9.14-150400.5.47.1 * libxml2-2-32bit-debuginfo-2.9.14-150400.5.47.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python3-libxml2-2.9.14-150400.5.47.1 * python311-libxml2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-2.9.14-150400.5.47.1 * libxml2-python-debugsource-2.9.14-150400.5.47.1 * libxml2-devel-2.9.14-150400.5.47.1 * libxml2-tools-debuginfo-2.9.14-150400.5.47.1 * python311-libxml2-2.9.14-150400.5.47.1 * libxml2-tools-2.9.14-150400.5.47.1 * libxml2-debugsource-2.9.14-150400.5.47.1 * python3-libxml2-debuginfo-2.9.14-150400.5.47.1 * openSUSE Leap 15.4 (x86_64) * libxml2-2-32bit-2.9.14-150400.5.47.1 * libxml2-devel-32bit-2.9.14-150400.5.47.1 * libxml2-2-32bit-debuginfo-2.9.14-150400.5.47.1 * openSUSE Leap 15.4 (noarch) * libxml2-doc-2.9.14-150400.5.47.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libxml2-2-64bit-2.9.14-150400.5.47.1 * libxml2-2-64bit-debuginfo-2.9.14-150400.5.47.1 * libxml2-devel-64bit-2.9.14-150400.5.47.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * python3-libxml2-2.9.14-150400.5.47.1 * libxml2-2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-2.9.14-150400.5.47.1 * libxml2-python-debugsource-2.9.14-150400.5.47.1 * libxml2-tools-debuginfo-2.9.14-150400.5.47.1 * libxml2-tools-2.9.14-150400.5.47.1 * libxml2-debugsource-2.9.14-150400.5.47.1 * python3-libxml2-debuginfo-2.9.14-150400.5.47.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * python3-libxml2-2.9.14-150400.5.47.1 * libxml2-2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-2.9.14-150400.5.47.1 * libxml2-python-debugsource-2.9.14-150400.5.47.1 * libxml2-tools-debuginfo-2.9.14-150400.5.47.1 * libxml2-tools-2.9.14-150400.5.47.1 * libxml2-debugsource-2.9.14-150400.5.47.1 * python3-libxml2-debuginfo-2.9.14-150400.5.47.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * python3-libxml2-2.9.14-150400.5.47.1 * libxml2-2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-2.9.14-150400.5.47.1 * libxml2-python-debugsource-2.9.14-150400.5.47.1 * libxml2-tools-debuginfo-2.9.14-150400.5.47.1 * libxml2-tools-2.9.14-150400.5.47.1 * libxml2-debugsource-2.9.14-150400.5.47.1 * python3-libxml2-debuginfo-2.9.14-150400.5.47.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * python3-libxml2-2.9.14-150400.5.47.1 * libxml2-2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-2.9.14-150400.5.47.1 * libxml2-python-debugsource-2.9.14-150400.5.47.1 * libxml2-tools-debuginfo-2.9.14-150400.5.47.1 * libxml2-tools-2.9.14-150400.5.47.1 * libxml2-debugsource-2.9.14-150400.5.47.1 * python3-libxml2-debuginfo-2.9.14-150400.5.47.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python3-libxml2-2.9.14-150400.5.47.1 * python311-libxml2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-2.9.14-150400.5.47.1 * libxml2-devel-2.9.14-150400.5.47.1 * libxml2-tools-debuginfo-2.9.14-150400.5.47.1 * python311-libxml2-2.9.14-150400.5.47.1 * libxml2-tools-2.9.14-150400.5.47.1 * libxml2-debugsource-2.9.14-150400.5.47.1 * python3-libxml2-debuginfo-2.9.14-150400.5.47.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libxml2-2-32bit-2.9.14-150400.5.47.1 * libxml2-2-32bit-debuginfo-2.9.14-150400.5.47.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python3-libxml2-2.9.14-150400.5.47.1 * python311-libxml2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-2.9.14-150400.5.47.1 * libxml2-devel-2.9.14-150400.5.47.1 * libxml2-tools-debuginfo-2.9.14-150400.5.47.1 * python311-libxml2-2.9.14-150400.5.47.1 * libxml2-tools-2.9.14-150400.5.47.1 * libxml2-debugsource-2.9.14-150400.5.47.1 * python3-libxml2-debuginfo-2.9.14-150400.5.47.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libxml2-2-32bit-2.9.14-150400.5.47.1 * libxml2-2-32bit-debuginfo-2.9.14-150400.5.47.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * python3-libxml2-2.9.14-150400.5.47.1 * python311-libxml2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-2.9.14-150400.5.47.1 * libxml2-devel-2.9.14-150400.5.47.1 * libxml2-tools-debuginfo-2.9.14-150400.5.47.1 * python311-libxml2-2.9.14-150400.5.47.1 * libxml2-tools-2.9.14-150400.5.47.1 * libxml2-debugsource-2.9.14-150400.5.47.1 * python3-libxml2-debuginfo-2.9.14-150400.5.47.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libxml2-2-32bit-2.9.14-150400.5.47.1 * libxml2-2-32bit-debuginfo-2.9.14-150400.5.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python3-libxml2-2.9.14-150400.5.47.1 * python311-libxml2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-debuginfo-2.9.14-150400.5.47.1 * libxml2-2-2.9.14-150400.5.47.1 * libxml2-devel-2.9.14-150400.5.47.1 * libxml2-tools-debuginfo-2.9.14-150400.5.47.1 * python311-libxml2-2.9.14-150400.5.47.1 * libxml2-tools-2.9.14-150400.5.47.1 * libxml2-debugsource-2.9.14-150400.5.47.1 * python3-libxml2-debuginfo-2.9.14-150400.5.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libxml2-2-32bit-2.9.14-150400.5.47.1 * libxml2-2-32bit-debuginfo-2.9.14-150400.5.47.1 ## References: * https://www.suse.com/security/cve/CVE-2025-7425.html * https://bugzilla.suse.com/show_bug.cgi?id=1246296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:30:35 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:30:35 -0000 Subject: SUSE-SU-2025:02617-1: important: Security update for libxml2 Message-ID: <175429623589.25540.14434053289084652807@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:02617-1 Release Date: 2025-08-04T07:05:10Z Rating: important References: * bsc#1246296 Cross-References: * CVE-2025-7425 CVSS scores: * CVE-2025-7425 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-7425 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2025-7425 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-7425: Fixed heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr (bsc#1246296) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2025-2617=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2617=1 ## Package List: * Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python311-libxml2-debuginfo-2.12.10-150700.4.6.1 * libxml2-python-debugsource-2.12.10-150700.4.6.1 * python311-libxml2-2.12.10-150700.4.6.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libxml2-2-2.12.10-150700.4.6.1 * python3-libxml2-debuginfo-2.12.10-150700.4.6.1 * python3-libxml2-2.12.10-150700.4.6.1 * libxml2-python-debugsource-2.12.10-150700.4.6.1 * libxml2-debugsource-2.12.10-150700.4.6.1 * libxml2-devel-2.12.10-150700.4.6.1 * libxml2-tools-2.12.10-150700.4.6.1 * libxml2-tools-debuginfo-2.12.10-150700.4.6.1 * libxml2-2-debuginfo-2.12.10-150700.4.6.1 * Basesystem Module 15-SP7 (x86_64) * libxml2-2-32bit-debuginfo-2.12.10-150700.4.6.1 * libxml2-2-32bit-2.12.10-150700.4.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-7425.html * https://bugzilla.suse.com/show_bug.cgi?id=1246296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:30:52 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:30:52 -0000 Subject: SUSE-SU-2025:02611-1: important: Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4) Message-ID: <175429625262.25540.3205355800300097628@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:02611-1 Release Date: 2025-08-03T16:34:15Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_158 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2611=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2611=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_158-default-debuginfo-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_38-debugsource-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_158-default-debuginfo-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_38-debugsource-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:31:00 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:31:00 -0000 Subject: SUSE-SU-2025:02610-1: important: Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4) Message-ID: <175429626039.25540.8658573317103912789@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:02610-1 Release Date: 2025-08-03T09:34:08Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_144 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2610=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2610=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_144-default-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_34-debugsource-10-150400.2.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_144-default-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_34-debugsource-10-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:31:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:31:05 -0000 Subject: SUSE-SU-2025:02608-1: important: Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3) Message-ID: <175429626509.25540.3212174167154187573@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02608-1 Release Date: 2025-08-02T23:34:26Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_204 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2608=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2608=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_204-default-debuginfo-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_57-debugsource-3-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_204-preempt-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_204-preempt-debuginfo-3-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_204-default-debuginfo-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_57-debugsource-3-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:31:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:31:09 -0000 Subject: SUSE-SU-2025:02607-1: important: Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3) Message-ID: <175429626962.25540.4255002223361422751@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02607-1 Release Date: 2025-08-03T02:34:31Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_185 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2607=1 SUSE-2025-2609=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2607=1 SUSE-SLE- Module-Live-Patching-15-SP3-2025-2609=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_48-debugsource-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_174-default-debuginfo-14-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_51-debugsource-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_185-default-debuginfo-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_185-default-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_174-default-14-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_185-preempt-debuginfo-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_185-preempt-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_174-preempt-debuginfo-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_174-preempt-14-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_185-default-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_174-default-14-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:31:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:31:12 -0000 Subject: SUSE-SU-2025:20530-1: moderate: Security update for opensc Message-ID: <175429627285.25540.16456177627334599737@smelt2.prg2.suse.org> # Security update for opensc Announcement ID: SUSE-SU-2025:20530-1 Release Date: 2025-08-01T09:26:08Z Rating: moderate References: * bsc#1219386 Cross-References: * CVE-2023-5992 CVSS scores: * CVE-2023-5992 ( SUSE ): 4.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2023-5992 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N * CVE-2023-5992 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-5992 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for opensc fixes the following issues: * CVE-2023-5992: Fixed side-channel leaks while stripping encryption PKCS#1 padding (bsc#1219386) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-406=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * opensc-debugsource-0.24.0-4.1 * opensc-debuginfo-0.24.0-4.1 * opensc-0.24.0-4.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5992.html * https://bugzilla.suse.com/show_bug.cgi?id=1219386 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:31:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:31:15 -0000 Subject: SUSE-SU-2025:20529-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_6 Message-ID: <175429627577.25540.3415473801242619672@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_6 Announcement ID: SUSE-SU-2025:20529-1 Release Date: 2025-08-01T08:37:43Z Rating: important References: * bsc#1241579 * bsc#1244337 Cross-References: * CVE-2025-22115 CVSS scores: * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues: * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-64=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_6-debugsource-2-3.1 * kernel-livepatch-6_4_0-28-default-debuginfo-2-3.1 * kernel-livepatch-6_4_0-28-default-2-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:31:20 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:31:20 -0000 Subject: SUSE-SU-2025:20528-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_5 Message-ID: <175429628052.25540.17658258748657701914@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_5 Announcement ID: SUSE-SU-2025:20528-1 Release Date: 2025-08-01T08:37:40Z Rating: important References: * bsc#1238912 * bsc#1241579 * bsc#1244337 Cross-References: * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues: * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-63=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-25-default-debuginfo-4-1.2 * kernel-livepatch-MICRO-6-0_Update_5-debugsource-4-1.2 * kernel-livepatch-6_4_0-25-default-4-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:31:31 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:31:31 -0000 Subject: SUSE-SU-2025:20527-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_4 Message-ID: <175429629186.25540.18306304529073050648@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_4 Announcement ID: SUSE-SU-2025:20527-1 Release Date: 2025-08-01T08:37:40Z Rating: important References: * bsc#1234854 * bsc#1234885 * bsc#1234892 * bsc#1235005 * bsc#1235769 * bsc#1235921 * bsc#1238912 * bsc#1241579 * bsc#1243648 * bsc#1244337 Cross-References: * CVE-2024-53146 * CVE-2024-53166 * CVE-2024-53173 * CVE-2024-53214 * CVE-2024-56558 * CVE-2024-57793 * CVE-2024-57893 * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56558 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56558 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56558 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57793 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-57793 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves nine vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues: * CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854) * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885) * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892) * CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005) * CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769) * CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921) * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) * CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-62=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-24-default-6-1.2 * kernel-livepatch-MICRO-6-0_Update_4-debugsource-6-1.2 * kernel-livepatch-6_4_0-24-default-debuginfo-6-1.2 ## References: * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53166.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-56558.html * https://www.suse.com/security/cve/CVE-2024-57793.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1234854 * https://bugzilla.suse.com/show_bug.cgi?id=1234885 * https://bugzilla.suse.com/show_bug.cgi?id=1234892 * https://bugzilla.suse.com/show_bug.cgi?id=1235005 * https://bugzilla.suse.com/show_bug.cgi?id=1235769 * https://bugzilla.suse.com/show_bug.cgi?id=1235921 * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1243648 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:31:44 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:31:44 -0000 Subject: SUSE-SU-2025:20526-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_3 Message-ID: <175429630457.25540.11581761146838359869@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_3 Announcement ID: SUSE-SU-2025:20526-1 Release Date: 2025-08-01T08:37:40Z Rating: important References: * bsc#1233118 * bsc#1233227 * bsc#1234854 * bsc#1234885 * bsc#1234892 * bsc#1235005 * bsc#1235769 * bsc#1235921 * bsc#1238912 * bsc#1241579 * bsc#1243648 * bsc#1244337 Cross-References: * CVE-2024-50208 * CVE-2024-50250 * CVE-2024-53146 * CVE-2024-53166 * CVE-2024-53173 * CVE-2024-53214 * CVE-2024-56558 * CVE-2024-57793 * CVE-2024-57893 * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2024-50208 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50208 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50208 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50250 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-50250 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-50250 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56558 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56558 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56558 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57793 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-57793 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves 11 vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues: * CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118) * CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233227) * CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854) * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885) * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892) * CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005) * CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769) * CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921) * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) * CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-61=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-20-default-8-1.2 * kernel-livepatch-MICRO-6-0_Update_3-debugsource-8-1.2 * kernel-livepatch-6_4_0-20-default-debuginfo-8-1.2 ## References: * https://www.suse.com/security/cve/CVE-2024-50208.html * https://www.suse.com/security/cve/CVE-2024-50250.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53166.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-56558.html * https://www.suse.com/security/cve/CVE-2024-57793.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1233118 * https://bugzilla.suse.com/show_bug.cgi?id=1233227 * https://bugzilla.suse.com/show_bug.cgi?id=1234854 * https://bugzilla.suse.com/show_bug.cgi?id=1234885 * https://bugzilla.suse.com/show_bug.cgi?id=1234892 * https://bugzilla.suse.com/show_bug.cgi?id=1235005 * https://bugzilla.suse.com/show_bug.cgi?id=1235769 * https://bugzilla.suse.com/show_bug.cgi?id=1235921 * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1243648 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:31:55 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:31:55 -0000 Subject: SUSE-SU-2025:20525-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_2 Message-ID: <175429631582.25540.11246816677003146629@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_2 Announcement ID: SUSE-SU-2025:20525-1 Release Date: 2025-08-01T08:37:40Z Rating: important References: * bsc#1233118 * bsc#1233227 * bsc#1234854 * bsc#1234885 * bsc#1234892 * bsc#1235005 * bsc#1235769 * bsc#1235921 * bsc#1238912 * bsc#1241579 * bsc#1243648 * bsc#1244337 Cross-References: * CVE-2024-50208 * CVE-2024-50250 * CVE-2024-53146 * CVE-2024-53166 * CVE-2024-53173 * CVE-2024-53214 * CVE-2024-56558 * CVE-2024-57793 * CVE-2024-57893 * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2024-50208 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50208 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50208 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50250 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-50250 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-50250 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56558 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56558 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56558 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57793 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-57793 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves 11 vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues: * CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118) * CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233227) * CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854) * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885) * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892) * CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005) * CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769) * CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921) * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) * CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-60=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_2-debugsource-8-1.1 * kernel-livepatch-6_4_0-19-default-debuginfo-8-1.1 * kernel-livepatch-6_4_0-19-default-8-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50208.html * https://www.suse.com/security/cve/CVE-2024-50250.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53166.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-56558.html * https://www.suse.com/security/cve/CVE-2024-57793.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1233118 * https://bugzilla.suse.com/show_bug.cgi?id=1233227 * https://bugzilla.suse.com/show_bug.cgi?id=1234854 * https://bugzilla.suse.com/show_bug.cgi?id=1234885 * https://bugzilla.suse.com/show_bug.cgi?id=1234892 * https://bugzilla.suse.com/show_bug.cgi?id=1235005 * https://bugzilla.suse.com/show_bug.cgi?id=1235769 * https://bugzilla.suse.com/show_bug.cgi?id=1235921 * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1243648 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:31:59 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:31:59 -0000 Subject: SUSE-SU-2025:20524-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 Message-ID: <175429631985.25540.17658089719871180819@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 Announcement ID: SUSE-SU-2025:20524-1 Release Date: 2025-08-01T07:30:37Z Rating: important References: * bsc#1241579 * bsc#1244337 Cross-References: * CVE-2025-22115 CVSS scores: * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues: * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-65=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-28-rt-debuginfo-2-3.1 * kernel-livepatch-MICRO-6-0-RT_Update_6-debugsource-2-3.1 * kernel-livepatch-6_4_0-28-rt-2-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:32:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:32:04 -0000 Subject: SUSE-SU-2025:20523-1: moderate: Security update for coreutils Message-ID: <175429632406.25540.15858731659795824550@smelt2.prg2.suse.org> # Security update for coreutils Announcement ID: SUSE-SU-2025:20523-1 Release Date: 2025-07-31T09:44:31Z Rating: moderate References: * bsc#1243767 Cross-References: * CVE-2025-5278 CVSS scores: * CVE-2025-5278 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5278 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5278 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for coreutils fixes the following issues: * CVE-2025-5278: Fixed heap buffer under-read ledaing to a crash or leak sensitive data (bsc#1243767) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-405=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * coreutils-debugsource-9.4-5.1 * coreutils-9.4-5.1 * coreutils-debuginfo-9.4-5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-5278.html * https://bugzilla.suse.com/show_bug.cgi?id=1243767 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:32:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:32:13 -0000 Subject: SUSE-SU-2025:20521-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 Message-ID: <175429633308.25540.12021351286157797813@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 Announcement ID: SUSE-SU-2025:20521-1 Release Date: 2025-07-30T16:17:29Z Rating: important References: * bsc#1241579 * bsc#1244337 Cross-References: * CVE-2025-22115 CVSS scores: * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues: * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-59=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-30-rt-2-1.3 * kernel-livepatch-MICRO-6-0-RT_Update_7-debugsource-2-1.3 * kernel-livepatch-6_4_0-30-rt-debuginfo-2-1.3 ## References: * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:32:18 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:32:18 -0000 Subject: SUSE-SU-2025:20520-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 Message-ID: <175429633889.25540.2686521082630151497@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 Announcement ID: SUSE-SU-2025:20520-1 Release Date: 2025-07-30T16:17:29Z Rating: important References: * bsc#1238912 * bsc#1241579 * bsc#1244337 Cross-References: * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues: * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-58=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_5-debugsource-4-1.1 * kernel-livepatch-6_4_0-25-rt-debuginfo-4-1.1 * kernel-livepatch-6_4_0-25-rt-4-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:32:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:32:28 -0000 Subject: SUSE-SU-2025:20519-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 Message-ID: <175429634865.25540.14572672162488979793@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 Announcement ID: SUSE-SU-2025:20519-1 Release Date: 2025-07-30T16:17:29Z Rating: important References: * bsc#1234854 * bsc#1234885 * bsc#1234892 * bsc#1235005 * bsc#1235769 * bsc#1235921 * bsc#1238912 * bsc#1241579 * bsc#1243648 * bsc#1244337 Cross-References: * CVE-2024-53146 * CVE-2024-53166 * CVE-2024-53173 * CVE-2024-53214 * CVE-2024-56558 * CVE-2024-57793 * CVE-2024-57893 * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56558 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56558 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56558 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57793 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-57793 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves nine vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues: * CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854) * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885) * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892) * CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005) * CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769) * CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921) * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) * CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-57=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-22-rt-5-1.1 * kernel-livepatch-6_4_0-22-rt-debuginfo-5-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_4-debugsource-5-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53166.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-56558.html * https://www.suse.com/security/cve/CVE-2024-57793.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1234854 * https://bugzilla.suse.com/show_bug.cgi?id=1234885 * https://bugzilla.suse.com/show_bug.cgi?id=1234892 * https://bugzilla.suse.com/show_bug.cgi?id=1235005 * https://bugzilla.suse.com/show_bug.cgi?id=1235769 * https://bugzilla.suse.com/show_bug.cgi?id=1235921 * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1243648 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:32:43 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:32:43 -0000 Subject: SUSE-SU-2025:20518-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 Message-ID: <175429636305.25540.15955892387989374640@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 Announcement ID: SUSE-SU-2025:20518-1 Release Date: 2025-07-30T16:17:29Z Rating: important References: * bsc#1233118 * bsc#1233227 * bsc#1234854 * bsc#1234885 * bsc#1234892 * bsc#1235005 * bsc#1235769 * bsc#1235921 * bsc#1238912 * bsc#1241579 * bsc#1243648 * bsc#1244337 Cross-References: * CVE-2024-50208 * CVE-2024-50250 * CVE-2024-53146 * CVE-2024-53166 * CVE-2024-53173 * CVE-2024-53214 * CVE-2024-56558 * CVE-2024-57793 * CVE-2024-57893 * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2024-50208 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50208 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50208 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50250 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-50250 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-50250 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56558 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56558 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56558 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57793 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-57793 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves 11 vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues: * CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118) * CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233227) * CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854) * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885) * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892) * CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005) * CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769) * CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921) * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) * CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-56=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-11-rt-debuginfo-8-1.2 * kernel-livepatch-6_4_0-11-rt-8-1.2 * kernel-livepatch-MICRO-6-0-RT_Update_3-debugsource-8-1.2 ## References: * https://www.suse.com/security/cve/CVE-2024-50208.html * https://www.suse.com/security/cve/CVE-2024-50250.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53166.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-56558.html * https://www.suse.com/security/cve/CVE-2024-57793.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1233118 * https://bugzilla.suse.com/show_bug.cgi?id=1233227 * https://bugzilla.suse.com/show_bug.cgi?id=1234854 * https://bugzilla.suse.com/show_bug.cgi?id=1234885 * https://bugzilla.suse.com/show_bug.cgi?id=1234892 * https://bugzilla.suse.com/show_bug.cgi?id=1235005 * https://bugzilla.suse.com/show_bug.cgi?id=1235769 * https://bugzilla.suse.com/show_bug.cgi?id=1235921 * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1243648 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:32:53 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:32:53 -0000 Subject: SUSE-SU-2025:20517-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 Message-ID: <175429637346.25540.3090358254004009591@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 Announcement ID: SUSE-SU-2025:20517-1 Release Date: 2025-07-30T16:17:29Z Rating: important References: * bsc#1233118 * bsc#1233227 * bsc#1234854 * bsc#1234885 * bsc#1234892 * bsc#1235005 * bsc#1235769 * bsc#1235921 * bsc#1238912 * bsc#1241579 * bsc#1243648 * bsc#1244337 Cross-References: * CVE-2024-50208 * CVE-2024-50250 * CVE-2024-53146 * CVE-2024-53166 * CVE-2024-53173 * CVE-2024-53214 * CVE-2024-56558 * CVE-2024-57793 * CVE-2024-57893 * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2024-50208 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50208 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50208 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50250 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-50250 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-50250 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56558 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56558 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56558 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57793 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-57793 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves 11 vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues: * CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118) * CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233227) * CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854) * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885) * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892) * CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005) * CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769) * CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921) * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) * CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-54=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-10-rt-debuginfo-8-1.1 * kernel-livepatch-6_4_0-10-rt-8-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_2-debugsource-8-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50208.html * https://www.suse.com/security/cve/CVE-2024-50250.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53166.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-56558.html * https://www.suse.com/security/cve/CVE-2024-57793.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1233118 * https://bugzilla.suse.com/show_bug.cgi?id=1233227 * https://bugzilla.suse.com/show_bug.cgi?id=1234854 * https://bugzilla.suse.com/show_bug.cgi?id=1234885 * https://bugzilla.suse.com/show_bug.cgi?id=1234892 * https://bugzilla.suse.com/show_bug.cgi?id=1235005 * https://bugzilla.suse.com/show_bug.cgi?id=1235769 * https://bugzilla.suse.com/show_bug.cgi?id=1235921 * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1243648 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:32:59 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:32:59 -0000 Subject: SUSE-SU-2025:20516-1: important: Security update for helm Message-ID: <175429637949.25540.9793374316467075704@smelt2.prg2.suse.org> # Security update for helm Announcement ID: SUSE-SU-2025:20516-1 Release Date: 2025-07-30T09:26:37Z Rating: important References: * bsc#1241802 * bsc#1246152 Cross-References: * CVE-2025-22872 * CVE-2025-53547 CVSS scores: * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-53547 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H * CVE-2025-53547 ( SUSE ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H * CVE-2025-53547 ( NVD ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for helm fixes the following issues: Update to version 3.18.4 (bsc#1246152, CVE-2025-53547): * Disabling linter due to unknown issue f20a4ad (Matt Farina) * build(deps): bump the k8s-io group with 7 updates 563b094 (dependabot[bot]) * Updating link handling 00de613 (Matt Farina) Update to version 3.18.3: * build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0 6838ebc (dependabot[bot]) * fix: user username password for login 5b9e2f6 (Terry Howe) * Update pkg/registry/transport.go 2782412 (Terry Howe) * Update pkg/registry/transport.go e66cf6a (Terry Howe) * fix: add debug logging to oci transport 191f05c (Terry Howe) Update to version 3.18.2: * fix: legacy docker support broken for login 04cad46 (Terry Howe) * Handle an empty registry config file. bc9f8a2 (Matt Farina) Update to version 3.18.1: * Notes: * This release fixes regressions around template generation and OCI registry interaction in 3.18.0 * There are at least 2 known regressions unaddressed in this release. They are being worked on. * Empty registry configuration files. When the file exists but it is empty. * Login to Docker Hub on some domains fails. * Changelog * fix(client): skipnode utilization for PreCopy * fix(client): layers now returns manifest - remove duplicate from descriptors * fix(client): return nil on non-allowed media types * Prevent fetching newReference again as we have in calling method * Prevent failure when resolving version tags in oras memory store * Update pkg/plugin/plugin.go * Update pkg/plugin/plugin.go * Wait for Helm v4 before raising when platformCommand and Command are set * Fix 3.18.0 regression: registry login with scheme * Revert "fix (helm) : toToml` renders int as float [ backport to v3 ]" Update to version 3.18.0 (bsc#1241802, CVE-2025-22872): * Notable Changes: * Add support for JSON Schema 2020 * Enabled cpu and memory profiling * Add hook annotation to output hook logs to client on error * Changelog: * build(deps): bump the k8s-io group with 7 updates * fix: govulncheck workflow * bump version to v3.18.0 * fix:add proxy support when mTLS configured * docs: Note about http fallback for OCI registries * Bump net package to avoid CVE on dev-v3 * Bump toml * backport #30677to dev3 * build(deps): bump github.com/rubenv/sql-migrate from 1.7.2 to 1.8.0 * Add install test for TakeOwnership flag * Fix --take-ownership * build(deps): bump github.com/rubenv/sql-migrate from 1.7.1 to 1.7.2 * build(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0 * build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0 * Testing text bump * Permit more Go version and not only 1.23.8 * Bumps github.com/distribution/distribution/v3 from 3.0.0-rc.3 to 3.0.0 * Unarchiving fix * Fix typo * Report as debug log, the time spent waiting for resources * build(deps): bump github.com/containerd/containerd from 1.7.26 to 1.7.27 * Update pkg/registry/fallback.go * automatic fallback to http * chore(oci): upgrade to ORAS v2 * Updating to 0.37.0 for x/net * build(deps): bump the k8s-io group with 7 updates * build(deps): bump golang.org/x/crypto from 0.35.0 to 0.36.0 * build(deps): bump github.com/opencontainers/image-spec * build(deps): bump github.com/containerd/containerd from 1.7.25 to 1.7.26 * build(deps): bump golang.org/x/crypto from 0.33.0 to 0.35.0 * Fix cherry-pick helm.sh/helm/v4 -> helm.sh/helm/v3 * Refactor based on review comment * Refactor based on review comment * Add HookOutputFunc and generic yaml unmarshaller * clarify fix error message * fix err check * remove comments about previous functionality * add short circuit return * Update based on review comments * Update based on review comments * Fix lint * Tidy up imports * Add hook annotations to output pod logs to client on success and fail * chore: use []error instead of []string * Update cmd/helm/profiling.go * chore: update profiling doc in CONTRIBUTING.md * Update CONTRIBUTING guide * Prefer environment variables to CLI flags * Fix linter warning * Move pprof paths to HELM_PPROF env variable * Update CONTRIBUTING.md * Update CONTRIBUTING.md * Additional review fixes from PR * feat: Add flags to enable CPU and memory profiling * build(deps): bump github.com/distribution/distribution/v3 * build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 * Moving to SetOut and SetErr for Cobra * build(deps): bump the k8s-io group with 7 updates * build(deps): bump golang.org/x/crypto from 0.32.0 to 0.33.0 * build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0 * build(deps): bump golang.org/x/text from 0.21.0 to 0.22.0 * build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6 * build(deps): bump github.com/cyphar/filepath-securejoin * build(deps): bump github.com/evanphx/json-patch * build(deps): bump the k8s-io group with 7 updates * fix: check group for resource info match * Bump github.com/cyphar/filepath-securejoin from 0.3.6 to 0.4.0 * add test for nullifying nested global value * Ensuring the file paths are clean prior to passing to securejoin * Bump github.com/containerd/containerd from 1.7.24 to 1.7.25 * Bump golang.org/x/crypto from 0.31.0 to 0.32.0 * Bump golang.org/x/term from 0.27.0 to 0.28.0 * bump version to v3.17.0 * Bump github.com/moby/term from 0.5.0 to 0.5.2 * Add test case for removing an entire object * Tests for bugfix: Override subcharts with null values #12879 * feat: Added multi-platform plugin hook support to v3 * This commit fixes the issue where the yaml.Unmarshaller converts all int values into float64, this passes in option to decoder, which enables conversion of int into . * merge null child chart objects Update to version 3.17.3: Helm v3.17.3 is a security (patch) release. Users are strongly recommended to update to this release. * Changelog * Unarchiving fix e4da497 (Matt Farina) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-404=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * helm-debuginfo-3.18.4-1.1 * helm-3.18.4-1.1 * SUSE Linux Micro 6.0 (noarch) * helm-bash-completion-3.18.4-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22872.html * https://www.suse.com/security/cve/CVE-2025-53547.html * https://bugzilla.suse.com/show_bug.cgi?id=1241802 * https://bugzilla.suse.com/show_bug.cgi?id=1246152 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:33:02 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:33:02 -0000 Subject: SUSE-SU-2025:20515-1: important: Security update for ignition Message-ID: <175429638226.25540.503355397078367186@smelt2.prg2.suse.org> # Security update for ignition Announcement ID: SUSE-SU-2025:20515-1 Release Date: 2025-07-30T09:22:52Z Rating: important References: * bsc#1238681 * bsc#1239192 Cross-References: * CVE-2025-22868 * CVE-2025-22870 CVSS scores: * CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22868 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-22870 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for ignition fixes the following issues: * CVE-2025-22870: golang.org/x/net/http/httpproxy: Fixed proxy bypass using IPv6 zone IDs (bsc#1238681) * CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239192) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-403=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * ignition-debuginfo-2.19.0-2.1 * ignition-2.19.0-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22868.html * https://www.suse.com/security/cve/CVE-2025-22870.html * https://bugzilla.suse.com/show_bug.cgi?id=1238681 * https://bugzilla.suse.com/show_bug.cgi?id=1239192 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:33:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:33:07 -0000 Subject: SUSE-SU-2025:20514-1: important: Security update for protobuf Message-ID: <175429638727.25540.8346097751753526716@smelt2.prg2.suse.org> # Security update for protobuf Announcement ID: SUSE-SU-2025:20514-1 Release Date: 2025-07-30T09:19:49Z Rating: important References: * bsc#1244663 Cross-References: * CVE-2025-4565 CVSS scores: * CVE-2025-4565 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-4565 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4565 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for protobuf fixes the following issues: * CVE-2025-4565: Fixed a crash due to RecursionError (bsc#1244663) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-402=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libprotobuf-lite23_4_0-23.4-10.1 * protobuf-debugsource-23.4-10.1 * libprotobuf-lite23_4_0-debuginfo-23.4-10.1 * libprotobuf23_4_0-23.4-10.1 * libprotobuf23_4_0-debuginfo-23.4-10.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4565.html * https://bugzilla.suse.com/show_bug.cgi?id=1244663 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:33:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:33:15 -0000 Subject: SUSE-SU-2025:20513-1: important: Security update for pam-config Message-ID: <175429639548.25540.16533706709797584923@smelt2.prg2.suse.org> # Security update for pam-config Announcement ID: SUSE-SU-2025:20513-1 Release Date: 2025-07-29T14:28:20Z Rating: important References: * bsc#1243226 Cross-References: * CVE-2025-6018 CVSS scores: * CVE-2025-6018 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-6018 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-6018 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for pam-config fixes the following issues: * CVE-2025-6018: Stop adding pam_env in AUTH stack, and be sure to put this module at the really end of the SESSION stack. (bsc#1243226) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-401=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * pam-config-debuginfo-2.11-2.1 * pam-config-2.11-2.1 * pam-config-debugsource-2.11-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-6018.html * https://bugzilla.suse.com/show_bug.cgi?id=1243226 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:33:42 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:33:42 -0000 Subject: SUSE-SU-2025:20511-1: important: Security update for grub2 Message-ID: <175429642214.25540.11314479356752714949@smelt2.prg2.suse.org> # Security update for grub2 Announcement ID: SUSE-SU-2025:20511-1 Release Date: 2025-07-29T08:22:13Z Rating: important References: * bsc#1229163 * bsc#1229164 * bsc#1233606 * bsc#1233608 * bsc#1233609 * bsc#1233610 * bsc#1233612 * bsc#1233613 * bsc#1233614 * bsc#1233615 * bsc#1233616 * bsc#1233617 * bsc#1234958 * bsc#1236316 * bsc#1236317 * bsc#1237002 * bsc#1237006 * bsc#1237008 * bsc#1237009 * bsc#1237010 * bsc#1237011 * bsc#1237012 * bsc#1237013 * bsc#1237014 * bsc#1239674 * bsc#1242971 Cross-References: * CVE-2024-45774 * CVE-2024-45775 * CVE-2024-45776 * CVE-2024-45777 * CVE-2024-45778 * CVE-2024-45779 * CVE-2024-45780 * CVE-2024-45781 * CVE-2024-45782 * CVE-2024-45783 * CVE-2024-49504 * CVE-2024-56737 * CVE-2025-0622 * CVE-2025-0624 * CVE-2025-0677 * CVE-2025-0678 * CVE-2025-0684 * CVE-2025-0685 * CVE-2025-0686 * CVE-2025-0689 * CVE-2025-0690 * CVE-2025-1118 * CVE-2025-1125 * CVE-2025-4382 CVSS scores: * CVE-2024-45774 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45774 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45775 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45775 ( NVD ): 5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2024-45776 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45776 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45777 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45777 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45778 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45778 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45778 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45779 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45779 ( NVD ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2024-45779 ( NVD ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2024-45780 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45780 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45781 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45781 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45782 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45782 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45782 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45783 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45783 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49504 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49504 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-49504 ( NVD ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-56737 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56737 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56737 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-0622 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0622 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0624 ( SUSE ): 7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2025-0624 ( NVD ): 7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2025-0677 ( SUSE ): 8.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-0677 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0677 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0678 ( SUSE ): 8.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-0678 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0678 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0678 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0684 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0684 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0684 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0685 ( SUSE ): 8.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-0685 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0685 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0685 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0686 ( SUSE ): 8.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-0686 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0686 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0686 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0689 ( SUSE ): 8.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-0689 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0689 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0689 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-0690 ( SUSE ): 7.3 CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-0690 ( SUSE ): 6.1 CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2025-0690 ( NVD ): 6.1 CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1118 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1118 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2025-1118 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2025-1125 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-1125 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1125 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1125 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-4382 ( SUSE ): 8.4 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2025-4382 ( SUSE ): 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2025-4382 ( NVD ): 5.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves 24 vulnerabilities and has two fixes can now be installed. ## Description: This update for grub2 fixes the following issues: * CVE-2025-4382: Fixed TPM auto-decryption data exposure (bsc#1242971) * Filter out the non-subvolume btrfs mount points when creating the relative path (bsc#1239674) * CVE-2024-45781: Fixed ufs strcpy overflow (bsc#1233617) * CVE-2024-56737: Fixed heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem (bsc#1234958) * CVE-2024-45782: Fixed hfs strcpy overflow (bsc#1233615) * CVE-2024-45780: Fixed overflow in tar/cpio(bsc#1233614) * CVE-2024-45783: Fixed hfsplus refcount overflow (bsc#1233616) * CVE-2025-0624: Fixed out-of-bounds write in grub_net_search_config_file() (bsc#1236316) * CVE-2024-45774: Fixed heap overflows in JPEG parser (bsc#1233609) * CVE-2024-45775: Fixed missing NULL check in extcmd parser (bsc#1233610) * CVE-2025-0622: Fixed command/gpg: Use-after-free due to hooks not being removed on module unload (bsc#1236317) * CVE-2024-45776: Fixed overflow in .MO file (gettext) handling (bsc#1233612) * CVE-2024-45777: Fixed integer overflow in gettext (bsc#1233613) * CVE-2025-0690: Fixed integer overflow in read that may lead to out-of-bounds write (bsc#1237012) * CVE-2025-1118: Fixed commands/dump: The dump command is not in lockdown when secure boot is enabled(bsc#1237013) * CVE-2024-45778: Fixed bfs filesystem not fuzzing stable (bsc#1233606) * CVE-2024-45779: Fixed bfs heap overflow (bsc#1233608) * CVE-2025-0677: Fixed integer overflow that may lead to heap based out-of- bounds write when handling symlinks in ufs (bsc#1237002) * CVE-2025-0684: Fixed reiserfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data (bsc#1237008) * CVE-2025-0685: Fixed jfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data (bsc#1237009) * CVE-2025-0686: Fixed romfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data (bsc#1237010) * CVE-2025-0689: Fixed udf: Heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution (bsc#1237011) * CVE-2025-1125: Fixed fs/hfs: Interger overflow may lead to heap based out- of-bounds write (bsc#1237014) * CVE-2025-0678: Fixed squash4: Integer overflow may lead to heap based out- of-bounds write when reading data (bsc#1237006) * Bump upstream SBAT generation to 5 to block older grub2 versions. * CVE-2024-49504: Fixed Bypassing TPM-bound disk encryption on SL(E)M encrypted Images (bsc#1229163) (bsc#1229164) * Restrict CLI access if the encrypted root device is automatically unlocked by the TPM. LUKS password authentication is required for access to be granted * Obsolete, as CLI access is now locked and granted access no longer requires the previous restrictions ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-399=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * grub2-debuginfo-2.12~rc1-6.1 * grub2-debugsource-2.12~rc1-6.1 * grub2-2.12~rc1-6.1 * SUSE Linux Micro 6.0 (noarch) * grub2-snapper-plugin-2.12~rc1-6.1 * grub2-i386-pc-2.12~rc1-6.1 * grub2-x86_64-xen-2.12~rc1-6.1 * grub2-arm64-efi-2.12~rc1-6.1 * grub2-x86_64-efi-2.12~rc1-6.1 * SUSE Linux Micro 6.0 (s390x) * grub2-s390x-emu-2.12~rc1-6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45774.html * https://www.suse.com/security/cve/CVE-2024-45775.html * https://www.suse.com/security/cve/CVE-2024-45776.html * https://www.suse.com/security/cve/CVE-2024-45777.html * https://www.suse.com/security/cve/CVE-2024-45778.html * https://www.suse.com/security/cve/CVE-2024-45779.html * https://www.suse.com/security/cve/CVE-2024-45780.html * https://www.suse.com/security/cve/CVE-2024-45781.html * https://www.suse.com/security/cve/CVE-2024-45782.html * https://www.suse.com/security/cve/CVE-2024-45783.html * https://www.suse.com/security/cve/CVE-2024-49504.html * https://www.suse.com/security/cve/CVE-2024-56737.html * https://www.suse.com/security/cve/CVE-2025-0622.html * https://www.suse.com/security/cve/CVE-2025-0624.html * https://www.suse.com/security/cve/CVE-2025-0677.html * https://www.suse.com/security/cve/CVE-2025-0678.html * https://www.suse.com/security/cve/CVE-2025-0684.html * https://www.suse.com/security/cve/CVE-2025-0685.html * https://www.suse.com/security/cve/CVE-2025-0686.html * https://www.suse.com/security/cve/CVE-2025-0689.html * https://www.suse.com/security/cve/CVE-2025-0690.html * https://www.suse.com/security/cve/CVE-2025-1118.html * https://www.suse.com/security/cve/CVE-2025-1125.html * https://www.suse.com/security/cve/CVE-2025-4382.html * https://bugzilla.suse.com/show_bug.cgi?id=1229163 * https://bugzilla.suse.com/show_bug.cgi?id=1229164 * https://bugzilla.suse.com/show_bug.cgi?id=1233606 * https://bugzilla.suse.com/show_bug.cgi?id=1233608 * https://bugzilla.suse.com/show_bug.cgi?id=1233609 * https://bugzilla.suse.com/show_bug.cgi?id=1233610 * https://bugzilla.suse.com/show_bug.cgi?id=1233612 * https://bugzilla.suse.com/show_bug.cgi?id=1233613 * https://bugzilla.suse.com/show_bug.cgi?id=1233614 * https://bugzilla.suse.com/show_bug.cgi?id=1233615 * https://bugzilla.suse.com/show_bug.cgi?id=1233616 * https://bugzilla.suse.com/show_bug.cgi?id=1233617 * https://bugzilla.suse.com/show_bug.cgi?id=1234958 * https://bugzilla.suse.com/show_bug.cgi?id=1236316 * https://bugzilla.suse.com/show_bug.cgi?id=1236317 * https://bugzilla.suse.com/show_bug.cgi?id=1237002 * https://bugzilla.suse.com/show_bug.cgi?id=1237006 * https://bugzilla.suse.com/show_bug.cgi?id=1237008 * https://bugzilla.suse.com/show_bug.cgi?id=1237009 * https://bugzilla.suse.com/show_bug.cgi?id=1237010 * https://bugzilla.suse.com/show_bug.cgi?id=1237011 * https://bugzilla.suse.com/show_bug.cgi?id=1237012 * https://bugzilla.suse.com/show_bug.cgi?id=1237013 * https://bugzilla.suse.com/show_bug.cgi?id=1237014 * https://bugzilla.suse.com/show_bug.cgi?id=1239674 * https://bugzilla.suse.com/show_bug.cgi?id=1242971 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:33:49 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:33:49 -0000 Subject: SUSE-SU-2025:20510-1: moderate: Security update for docker Message-ID: <175429642940.25540.9232820828350551071@smelt2.prg2.suse.org> # Security update for docker Announcement ID: SUSE-SU-2025:20510-1 Release Date: 2025-07-28T14:32:31Z Rating: moderate References: * bsc#1240150 * bsc#1241830 * bsc#1242114 * bsc#1243833 * bsc#1244035 * bsc#1246556 Cross-References: * CVE-2025-22872 CVSS scores: * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability and has five fixes can now be installed. ## Description: This update for docker fixes the following issues: * Update to Go 1.24 for builds, to match upstream. * Update to Docker 28.3.2-ce. See upstream changelog online at * Update to Docker 28.3.1-ce. See upstream changelog online at * Update to Docker 28.3.0-ce. See upstream changelog online at bsc#1246556 * Update to docker-buildx v0.25.0. Upstream changelog: * CVE-2025-22872: golang.org/x/net/html: Fixed incorrectly interpreted tags causing content to be placed wrong scope during DOM construction (bsc#1241830) * Do not try to inject SUSEConnect secrets when in Rootless Docker mode, as Docker does not have permission to access the host zypper credentials in this mode (and unprivileged users cannot disable the feature using /etc/docker/suse-secrets-enable.) bsc#1240150 * Always clear SUSEConnect suse_* secrets when starting containers regardless of whether the daemon was built with SUSEConnect support. Not doing this causes containers from SUSEConnect-enabled daemons to fail to start when running with SUSEConnect-disabled (i.e. upstream) daemons. This was a long-standing issue with our secrets support but until recently this would've required migrating from SLE packages to openSUSE packages (which wasn't supported). However, as SLE Micro 6.x and SLES 16 will move away from in-built SUSEConnect support, this is now a practical issue users will run into. bsc#1244035 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-398=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * docker-debuginfo-28.3.2_ce-5.1 * docker-buildx-debuginfo-0.25.0-5.1 * docker-28.3.2_ce-5.1 * docker-buildx-0.25.0-5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22872.html * https://bugzilla.suse.com/show_bug.cgi?id=1240150 * https://bugzilla.suse.com/show_bug.cgi?id=1241830 * https://bugzilla.suse.com/show_bug.cgi?id=1242114 * https://bugzilla.suse.com/show_bug.cgi?id=1243833 * https://bugzilla.suse.com/show_bug.cgi?id=1244035 * https://bugzilla.suse.com/show_bug.cgi?id=1246556 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:33:55 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:33:55 -0000 Subject: SUSE-SU-2025:20509-1: moderate: Security update for jbigkit Message-ID: <175429643558.25540.6756816012858919895@smelt2.prg2.suse.org> # Security update for jbigkit Announcement ID: SUSE-SU-2025:20509-1 Release Date: 2025-07-28T14:29:10Z Rating: moderate References: * bsc#1198146 Cross-References: * CVE-2022-1210 CVSS scores: * CVE-2022-1210 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2022-1210 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for jbigkit fixes the following issues: * Updated to version 2.1: * CVE-2022-1210: Fixed denial of service in TIFF File Handler (bsc#1198146) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-397=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * jbigkit-debugsource-2.1-4.1 * libjbig2-debuginfo-2.1-4.1 * libjbig2-2.1-4.1 ## References: * https://www.suse.com/security/cve/CVE-2022-1210.html * https://bugzilla.suse.com/show_bug.cgi?id=1198146 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:34:00 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:34:00 -0000 Subject: SUSE-SU-2025:20508-1: important: Security update for glib2 Message-ID: <175429644031.25540.3145825219769224822@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2025:20508-1 Release Date: 2025-07-24T11:46:50Z Rating: important References: * bsc#1242844 * bsc#1244596 Cross-References: * CVE-2025-4373 * CVE-2025-6052 CVSS scores: * CVE-2025-4373 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-4373 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-4373 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-6052 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-6052 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-6052 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for glib2 fixes the following issues: * CVE-2025-4373: Fixed buffer underflow through glib/gstring.c via function g_string_insert_unichar (bsc#1242844) * CVE-2025-6052: Fixed integer overflow in g_string_maybe_expand() leads to potential buffer overflow in GString (bsc#1244596) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-395=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * glib2-tools-2.76.2-9.1 * libgobject-2_0-0-debuginfo-2.76.2-9.1 * libgmodule-2_0-0-2.76.2-9.1 * libgobject-2_0-0-2.76.2-9.1 * libgmodule-2_0-0-debuginfo-2.76.2-9.1 * libgio-2_0-0-debuginfo-2.76.2-9.1 * glib2-debugsource-2.76.2-9.1 * glib2-tools-debuginfo-2.76.2-9.1 * libglib-2_0-0-debuginfo-2.76.2-9.1 * libgio-2_0-0-2.76.2-9.1 * libglib-2_0-0-2.76.2-9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4373.html * https://www.suse.com/security/cve/CVE-2025-6052.html * https://bugzilla.suse.com/show_bug.cgi?id=1242844 * https://bugzilla.suse.com/show_bug.cgi?id=1244596 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:34:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:34:04 -0000 Subject: SUSE-SU-2025:20507-1: moderate: Security update for gstreamer-plugins-base Message-ID: <175429644437.25540.8312936324685805014@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-base Announcement ID: SUSE-SU-2025:20507-1 Release Date: 2025-07-24T11:44:54Z Rating: moderate References: * bsc#1244403 * bsc#1244404 * bsc#1244407 Cross-References: * CVE-2025-47806 * CVE-2025-47807 * CVE-2025-47808 CVSS scores: * CVE-2025-47806 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47806 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-47807 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-47808 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for gstreamer-plugins-base fixes the following issues: * CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser (bsc#1244403) * CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser (bsc#1244404) * CVE-2025-47806: Fixed Stack buffer overflow in SubRip subtitle parser (bsc#1244407) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-394=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libgstaudio-1_0-0-1.22.9-3.1 * libgstgl-1_0-0-debuginfo-1.22.9-3.1 * libgstapp-1_0-0-debuginfo-1.22.9-3.1 * libgstgl-1_0-0-1.22.9-3.1 * libgsttag-1_0-0-1.22.9-3.1 * libgstpbutils-1_0-0-debuginfo-1.22.9-3.1 * libgstpbutils-1_0-0-1.22.9-3.1 * libgsttag-1_0-0-debuginfo-1.22.9-3.1 * libgstvideo-1_0-0-debuginfo-1.22.9-3.1 * libgstaudio-1_0-0-debuginfo-1.22.9-3.1 * libgstriff-1_0-0-1.22.9-3.1 * libgstallocators-1_0-0-1.22.9-3.1 * libgstriff-1_0-0-debuginfo-1.22.9-3.1 * libgstvideo-1_0-0-1.22.9-3.1 * libgstapp-1_0-0-1.22.9-3.1 * gstreamer-plugins-base-1.22.9-3.1 * gstreamer-plugins-base-debugsource-1.22.9-3.1 * gstreamer-plugins-base-debuginfo-1.22.9-3.1 * libgstallocators-1_0-0-debuginfo-1.22.9-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47806.html * https://www.suse.com/security/cve/CVE-2025-47807.html * https://www.suse.com/security/cve/CVE-2025-47808.html * https://bugzilla.suse.com/show_bug.cgi?id=1244403 * https://bugzilla.suse.com/show_bug.cgi?id=1244404 * https://bugzilla.suse.com/show_bug.cgi?id=1244407 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:34:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:34:08 -0000 Subject: SUSE-SU-2025:20506-1: moderate: Security update for jq Message-ID: <175429644876.25540.16956226893301391422@smelt2.prg2.suse.org> # Security update for jq Announcement ID: SUSE-SU-2025:20506-1 Release Date: 2025-07-24T11:41:20Z Rating: moderate References: * bsc#1243450 Cross-References: * CVE-2024-23337 CVSS scores: * CVE-2024-23337 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-23337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-23337 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-23337 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for jq fixes the following issues: * CVE-2024-23337: Fixed signed integer overflow in jv.c:jvp_array_write (bsc#1243450) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-393=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libjq1-1.6-4.1 * libjq1-debuginfo-1.6-4.1 * jq-debugsource-1.6-4.1 * jq-1.6-4.1 * jq-debuginfo-1.6-4.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23337.html * https://bugzilla.suse.com/show_bug.cgi?id=1243450 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:34:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:34:13 -0000 Subject: SUSE-SU-2025:02606-1: important: Security update for the Linux Kernel (Live Patch 66 for SLE 12 SP5) Message-ID: <175429645332.25540.11818588907490424180@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 66 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:02606-1 Release Date: 2025-08-02T16:34:10Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_250 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2606=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_250-default-5-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:34:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:34:17 -0000 Subject: SUSE-SU-2025:02604-1: important: Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5) Message-ID: <175429645783.25540.11221726554060529051@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:02604-1 Release Date: 2025-08-02T13:04:56Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_234 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2604=1 SUSE-SLE-Live- Patching-12-SP5-2025-2605=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_234-default-12-2.1 * kgraft-patch-4_12_14-122_231-default-12-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:34:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:34:23 -0000 Subject: SUSE-SU-2025:02602-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP6) Message-ID: <175429646368.25540.3164776764033816238@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02602-1 Release Date: 2025-08-02T06:06:10Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_29 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2602=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-2603=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1 * kernel-livepatch-6_4_0-150600_10_29-rt-4-150600.2.1 * kernel-livepatch-6_4_0-150600_10_29-rt-debuginfo-4-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_9-debugsource-4-150600.2.1 * kernel-livepatch-6_4_0-150600_10_26-rt-debuginfo-4-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_8-debugsource-4-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:34:31 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:34:31 -0000 Subject: SUSE-SU-2025:02601-1: important: Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) Message-ID: <175429647135.25540.10160037707849071603@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02601-1 Release Date: 2025-08-02T05:34:36Z Rating: important References: * bsc#1228645 * bsc#1235250 * bsc#1245771 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-26809 * CVE-2024-41069 * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-26809 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41069 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41069 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves seven vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_8 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). * CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228645). * CVE-2024-26809: netfilter: nft_set_pipapo: release elements in clone only from destroy path (bsc#1245771). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2601=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-SLE15-SP6-RT_Update_0-debugsource-19-150600.3.1 * kernel-livepatch-6_4_0-150600_8-rt-debuginfo-19-150600.3.1 * kernel-livepatch-6_4_0-150600_8-rt-19-150600.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26809.html * https://www.suse.com/security/cve/CVE-2024-41069.html * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1228645 * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245771 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 08:34:37 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 08:34:37 -0000 Subject: SUSE-SU-2025:02600-1: important: Security update for nvidia-open-driver-G06-signed Message-ID: <175429647799.25540.15329268069976440166@smelt2.prg2.suse.org> # Security update for nvidia-open-driver-G06-signed Announcement ID: SUSE-SU-2025:02600-1 Release Date: 2025-08-01T20:15:46Z Rating: important References: * bsc#1234675 * bsc#1235461 * bsc#1235871 Cross-References: * CVE-2024-0131 * CVE-2024-0147 * CVE-2024-0149 * CVE-2024-0150 * CVE-2024-53869 CVSS scores: * CVE-2024-0131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-0131 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0147 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0149 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0149 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53869 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves five vulnerabilities can now be installed. ## Description: This update for nvidia-open-driver-G06-signed fixes the following issues: * Update to 550.144.03 (bsc#1235461, bsc#1235871) * fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-2600=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2600=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2600=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2600=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2600=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2600=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2600=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-2600=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2600=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2600=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2600=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2600=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2600=1 ## Package List: * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.89.1 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.89.1 * nv-prefer-signed-open-driver-565.57.01-150400.89.1 * SUSE Manager Server 4.3 LTS (x86_64) * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.89.1 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.89.1 * nv-prefer-signed-open-driver-565.57.01-150400.89.1 * openSUSE Leap 15.4 (x86_64) * nvidia-open-driver-G06-signed-cuda-azure-devel-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.144.03_k5.14.21_150400.14.75-150400.89.1 * nvidia-open-driver-G06-signed-azure-devel-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-kmp-azure-550.144.03_k5.14.21_150400.14.75-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-azure-565.57.01_k5.14.21_150400.14.75-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-565.57.01_k5.14.21_150400.14.75-150400.89.1 * openSUSE Leap 15.4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.89.1 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.89.1 * nv-prefer-signed-open-driver-565.57.01-150400.89.1 * openSUSE Leap 15.4 (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-64kb-devel-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-565.57.01-150400.89.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.89.1 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nv-prefer-signed-open-driver-565.57.01-150400.89.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.89.1 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nv-prefer-signed-open-driver-565.57.01-150400.89.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.89.1 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nv-prefer-signed-open-driver-565.57.01-150400.89.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.89.1 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nv-prefer-signed-open-driver-565.57.01-150400.89.1 * Public Cloud Module 15-SP4 (x86_64) * nvidia-open-driver-G06-signed-cuda-azure-devel-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.144.03_k5.14.21_150400.14.75-150400.89.1 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-azure-devel-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-kmp-azure-550.144.03_k5.14.21_150400.14.75-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-azure-565.57.01_k5.14.21_150400.14.75-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-565.57.01_k5.14.21_150400.14.75-150400.89.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.89.1 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.89.1 * nv-prefer-signed-open-driver-565.57.01-150400.89.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-64kb-devel-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-565.57.01-150400.89.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.89.1 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.89.1 * nv-prefer-signed-open-driver-565.57.01-150400.89.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-64kb-devel-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-565.57.01-150400.89.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.89.1 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.89.1 * nv-prefer-signed-open-driver-565.57.01-150400.89.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-64kb-devel-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-565.57.01-150400.89.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.89.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.89.1 * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.24.170-150400.89.1 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150400.89.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.89.1 * nv-prefer-signed-open-driver-565.57.01-150400.89.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0131.html * https://www.suse.com/security/cve/CVE-2024-0147.html * https://www.suse.com/security/cve/CVE-2024-0149.html * https://www.suse.com/security/cve/CVE-2024-0150.html * https://www.suse.com/security/cve/CVE-2024-53869.html * https://bugzilla.suse.com/show_bug.cgi?id=1234675 * https://bugzilla.suse.com/show_bug.cgi?id=1235461 * https://bugzilla.suse.com/show_bug.cgi?id=1235871 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 12:33:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 12:33:05 -0000 Subject: SUSE-SU-2025:02647-1: important: Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4) Message-ID: <175431078500.25534.14111408646447341592@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:02647-1 Release Date: 2025-08-04T11:34:23Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_164 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2651=1 SUSE-2025-2641=1 SUSE-2025-2664=1 SUSE-2025-2647=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2647=1 SUSE-SLE- Module-Live-Patching-15-SP4-2025-2651=1 SUSE-SLE-Module-Live- Patching-15-SP4-2025-2641=1 SUSE-SLE-Module-Live-Patching-15-SP4-2025-2664=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_150-default-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_37-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_161-default-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_39-debugsource-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_161-default-debuginfo-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_40-debugsource-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_150-default-debuginfo-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_36-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_164-default-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_153-default-debuginfo-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_153-default-4-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_150-default-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_37-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_161-default-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_39-debugsource-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_161-default-debuginfo-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_40-debugsource-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_150-default-debuginfo-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_36-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_164-default-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_153-default-debuginfo-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_153-default-4-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 12:33:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 12:33:08 -0000 Subject: SUSE-SU-2025:02636-1: important: Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4) Message-ID: <175431078892.25534.970171772344248522@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:02636-1 Release Date: 2025-08-04T09:04:46Z Rating: important References: * bsc#1228645 * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-41069 * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-41069 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41069 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves six vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_125 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). * CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228645). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2636=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2636=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_125-default-16-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_28-debugsource-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-16-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_125-default-16-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_28-debugsource-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-16-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-41069.html * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1228645 * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 12:33:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 12:33:13 -0000 Subject: SUSE-SU-2025:02632-1: important: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Message-ID: <175431079331.25534.17787098833199865972@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02632-1 Release Date: 2025-08-04T11:34:30Z Rating: important References: * bsc#1235250 * bsc#1245771 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-26809 * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-26809 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves six vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_17 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). * CVE-2024-26809: netfilter: nft_set_pipapo: release elements in clone only from destroy path (bsc#1245771). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2632=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-2665=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2665=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_5-rt-18-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource-18-150600.2.1 * kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo-18-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_3-debugsource-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-18-150600.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_3-debugsource-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-18-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26809.html * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245771 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 12:33:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 12:33:16 -0000 Subject: SUSE-SU-2025:02652-1: important: Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5) Message-ID: <175431079667.25534.6721101993680716122@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:02652-1 Release Date: 2025-08-04T10:05:39Z Rating: important References: * bsc#1232927 * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_83 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2653=1 SUSE-2025-2652=1 SUSE-2025-2631=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2653=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-2652=1 SUSE-SLE-Module-Live- Patching-15-SP5-2025-2631=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-12-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_20-debugsource-12-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_19-debugsource-12-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_17-debugsource-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_73-default-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-12-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-12-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_20-debugsource-12-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_19-debugsource-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_73-default-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-12-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le x86_64) * kernel-livepatch-SLE15-SP5_Update_17-debugsource-14-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1232927 * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 12:33:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 12:33:21 -0000 Subject: SUSE-SU-2025:02627-1: important: Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3) Message-ID: <175431080130.25534.10798174975285313552@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02627-1 Release Date: 2025-08-04T08:34:47Z Rating: important References: * bsc#1228645 * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2024-41069 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-41069 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41069 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_167 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). * CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228645). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2627=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2627=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_46-debugsource-17-150300.2.1 * kernel-livepatch-5_3_18-150300_59_167-default-debuginfo-17-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_167-preempt-debuginfo-17-150300.2.1 * kernel-livepatch-5_3_18-150300_59_167-preempt-17-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-41069.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1228645 * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 12:33:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 12:33:23 -0000 Subject: SUSE-SU-2025:02626-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP6) Message-ID: <175431080367.25534.2510701871006736413@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02626-1 Release Date: 2025-08-04T08:05:31Z Rating: important References: * bsc#1244337 * bsc#1245776 Cross-References: * CVE-2025-37752 CVSS scores: * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_39 fixes several issues. The following security issue was fixed: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2626=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_39-rt-2-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_11-debugsource-2-150600.2.1 * kernel-livepatch-6_4_0-150600_10_39-rt-debuginfo-2-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-37752.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 12:33:26 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 12:33:26 -0000 Subject: SUSE-SU-2025:02638-1: important: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6) Message-ID: <175431080660.25534.11762785243612990502@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02638-1 Release Date: 2025-08-04T11:04:30Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_25 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2630=1 SUSE-2025-2638=1 SUSE-2025-2639=1 SUSE-2025-2658=1 SUSE-2025-2640=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2630=1 SUSE-SLE- Module-Live-Patching-15-SP4-2025-2638=1 SUSE-SLE-Module-Live- Patching-15-SP4-2025-2639=1 SUSE-SLE-Module-Live-Patching-15-SP4-2025-2658=1 SUSE-SLE-Module-Live-Patching-15-SP4-2025-2640=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2624=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-2625=1 SUSE-SLE-Module-Live- Patching-15-SP6-2025-2633=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-2634=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-2643=1 SUSE-SLE-Module-Live- Patching-15-SP6-2025-2659=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2659=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_35-debugsource-9-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_33-debugsource-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_32-debugsource-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_31-debugsource-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_29-debugsource-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_128-default-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-9-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_35-debugsource-9-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_33-debugsource-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_32-debugsource-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_31-debugsource-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_29-debugsource-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_128-default-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-9-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo-13-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource-12-150600.2.1 * kernel-livepatch-6_4_0-150600_10_14-rt-13-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource-14-150600.2.1 * kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo-9-150600.2.1 * kernel-livepatch-6_4_0-150600_10_11-rt-debuginfo-14-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource-13-150600.2.1 * kernel-livepatch-6_4_0-150600_10_20-rt-9-150600.2.1 * kernel-livepatch-6_4_0-150600_10_11-rt-14-150600.2.1 * kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo-12-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_3-debugsource-14-150600.2.1 * kernel-livepatch-6_4_0-150600_10_17-rt-12-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource-9-150600.2.1 * kernel-livepatch-6_4_0-150600_10_8-rt-14-150600.2.1 * kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo-14-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_25-default-13-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_5-debugsource-13-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-13-150600.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_25-default-13-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_5-debugsource-13-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-13-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 12:33:31 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 12:33:31 -0000 Subject: SUSE-SU-2025:02648-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6) Message-ID: <175431081146.25534.14687837636333562582@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02648-1 Release Date: 2025-08-04T10:05:04Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_23 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2648=1 SUSE-SLE-Live- Patching-12-SP5-2025-2646=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2649=1 SUSE-2025-2629=1 SUSE-2025-2628=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2628=1 SUSE-SLE- Module-Live-Patching-15-SP3-2025-2649=1 SUSE-SLE-Module-Live- Patching-15-SP3-2025-2629=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2623=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2623=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2644=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_225-default-14-2.1 * kgraft-patch-4_12_14-122_222-default-15-2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_188-default-debuginfo-8-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_49-debugsource-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_188-default-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-default-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-default-13-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_52-debugsource-8-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_47-debugsource-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-13-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_179-preempt-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-preempt-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-preempt-debuginfo-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_188-preempt-debuginfo-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_188-preempt-8-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_49-debugsource-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_188-default-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-default-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-default-13-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_47-debugsource-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-13-150300.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_91-default-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_22-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-8-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_91-default-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_22-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-8-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-SLE15-SP6-RT_Update_7-debugsource-9-150600.2.1 * kernel-livepatch-6_4_0-150600_10_23-rt-9-150600.2.1 * kernel-livepatch-6_4_0-150600_10_23-rt-debuginfo-9-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 12:33:35 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 12:33:35 -0000 Subject: SUSE-SU-2025:02637-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP6) Message-ID: <175431081511.25534.8307263705711760431@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02637-1 Release Date: 2025-08-04T11:34:13Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_34 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2637=1 SUSE-SLE-Live- Patching-12-SP5-2025-2622=1 SUSE-SLE-Live-Patching-12-SP5-2025-2663=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2650=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2650=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2654=1 SUSE-2025-2642=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2654=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-2642=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2635=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_244-default-7-2.1 * kgraft-patch-4_12_14-122_247-default-5-2.1 * kgraft-patch-4_12_14-122_255-default-4-2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_198-default-5-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_55-debugsource-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_198-default-debuginfo-5-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_198-preempt-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_198-preempt-debuginfo-5-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_198-default-5-150300.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_24-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-4-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_23-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_97-default-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_94-default-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_97-default-4-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_24-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-4-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_23-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_97-default-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_94-default-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_97-default-4-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_34-rt-debuginfo-3-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_10-debugsource-3-150600.2.1 * kernel-livepatch-6_4_0-150600_10_34-rt-3-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 12:33:44 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 12:33:44 -0000 Subject: SUSE-SU-2025:02657-1: important: Security update for java-21-openjdk Message-ID: <175431082492.25534.14176946524313154097@smelt2.prg2.suse.org> # Security update for java-21-openjdk Announcement ID: SUSE-SU-2025:02657-1 Release Date: 2025-08-04T10:34:53Z Rating: important References: * bsc#1213796 * bsc#1246575 * bsc#1246584 * bsc#1246595 * bsc#1246598 Cross-References: * CVE-2025-30749 * CVE-2025-30754 * CVE-2025-50059 * CVE-2025-50106 CVSS scores: * CVE-2025-30749 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-30749 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-30749 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-30754 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-30754 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30754 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-50059 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-50059 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-50106 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-50106 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.8+9 (July 2025 CPU): Security fixes: * CVE-2025-30749: several scenarios can lead to heap corruption (bsc#1246595) * CVE-2025-30754: incomplete handshake may lead to weakening TLS protections (bsc#1246598) * CVE-2025-50059: Improve HTTP client header handling (bsc#1246575) * CVE-2025-50106: Glyph out-of-memory access and crash (bsc#1246584) Other fixes: * Allow compilation of openjdk for 40 years (bsc#1213796) Changelog: + JDK-6956385: URLConnection.getLastModified() leaks file handles for jar:file and file: URLs + JDK-8051591: Test javax/swing/JTabbedPane/8007563/Test8007563.java fails + JDK-8136895: Writer not closed with disk full error, file resource leaked + JDK-8180450: secondary_super_cache does not scale well + JDK-8183348: Better cleanup for jdk/test/sun/security/pkcs12/P12SecretKey.java + JDK-8200566: DistributionPointFetcher fails to fetch CRLs if the DistributionPoints field contains more than one DistributionPoint and the first one fails + JDK-8202100: Merge vm/share/InMemoryJavaCompiler w/ jdk/test/lib/compiler/InMemoryJavaCompiler + JDK-8210471: GZIPInputStream constructor could leak an un-end()ed Inflater + JDK-8211400: nsk.share.gc.Memory::getArrayLength returns wrong value + JDK-8220213: com/sun/jndi/dns/ConfigTests/Timeout.java failed intermittent + JDK-8249831: Test sun/security/mscapi/nonUniqueAliases/ /NonUniqueAliases.java is marked with @ignore + JDK-8253440: serviceability/sa/TestJhsdbJstackLineNumbers.java failed with "Didn't find enough line numbers" + JDK-8256211: assert fired in java/net/httpclient/DependentPromiseActionsTest (infrequent) + JDK-8258483: [TESTBUG] gtest CollectorPolicy.young_scaled_initial_ergo_vm fails if heap is too small + JDK-8267174: Many test files have the wrong Copyright header + JDK-8270269: Desktop.browse method fails if earlier CoInitialize call as COINIT_MULTITHREADED + JDK-8276995: Bug in jdk.jfr.event.gc.collection.TestSystemGC + JDK-8279016: JFR Leak Profiler is broken with Shenandoah + JDK-8280991: [XWayland] No displayChanged event after setDisplayMode call + JDK-8281511: java/net/ipv6tests/UdpTest.java fails with checkTime failed + JDK-8282726: java/net/vthread/BlockingSocketOps.java timeout/hang intermittently on Windows + JDK-8286204: [Accessibility,macOS,VoiceOver] VoiceOver reads the spinner value 10 as 1 when user iterates to 10 for the first time on macOS + JDK-8286789: Test forceEarlyReturn002.java timed out + JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit access thread fields from native + JDK-8294155: Exception thrown before awaitAndCheck hangs PassFailJFrame + JDK-8295804: javax/swing/JFileChooser/ /JFileChooserSetLocationTest.java failed with "setLocation() is not working properly" + JDK-8297692: Avoid sending per-region GCPhaseParallel JFR events in G1ScanCollectionSetRegionClosure + JDK-8303770: Remove Baltimore root certificate expiring in May 2025 + JDK-8305010: Test vmTestbase/nsk/jvmti/scenarios/sampling/ /SP05/sp05t003/TestDescription.java timed out: thread not suspended + JDK-8307318: Test serviceability/sa/ /ClhsdbCDSJstackPrintAll.java failed: ArrayIndexOutOfBoundsException + JDK-8307824: Clean up Finalizable.java and finalize terminology in vmTestbase/nsk/share + JDK-8308033: The jcmd thread dump related tests should test virtual threads + JDK-8308966: Add intrinsic for float/double modulo for x86 AVX2 and AVX512 + JDK-8309667: TLS handshake fails because of ConcurrentModificationException in PKCS12KeyStore .engineGetEntry + JDK-8309841: Jarsigner should print a warning if an entry is removed + JDK-8309978: [x64] Fix useless padding + JDK-8310066: Improve test coverage for JVMTI GetThreadState on carrier and mounted vthread + JDK-8310525: DynamicLauncher for JDP test needs to try harder to find a free port + JDK-8310643: Misformatted copyright messages in FFM + JDK-8312246: NPE when HSDB visits bad oop + JDK-8312475: org.jline.util.PumpReader signed byte problem + JDK-8313290: Misleading exception message from STS.Subtask::get when task forked after shutdown + JDK-8313430: [JVMCI] fatal error: Never compilable: in JVMCI shutdown + JDK-8313654: Test WaitNotifySuspendedVThreadTest.java timed out + JDK-8314056: Remove runtime platform check from frem/drem + JDK-8314136: Test java/net/httpclient/CancelRequestTest.java failed: WARNING: tracker for HttpClientImpl(42) has outstanding operations + JDK-8314236: Overflow in Collections.rotate + JDK-8314319: LogCompilation doesn't reset lateInlining when it encounters a failure. + JDK-8314840: 3 gc/epsilon tests ignore external vm options + JDK-8314842: zgc/genzgc tests ignore vm flags + JDK-8315128: jdk/jfr/event/runtime/ /TestResidentSetSizeEvent.java fails with "The size should be less than or equal to peak" + JDK-8315484: java/awt/dnd/RejectDragDropActionTest.java timed out + JDK-8315669: Open source several Swing PopupMenu related tests + JDK-8315742: Open source several Swing Scroll related tests + JDK-8315827: Kitchensink.java and RenaissanceStressTest.java time out with jvmti module errors + JDK-8315871: Opensource five more Swing regression tests + JDK-8315876: Open source several Swing CSS related tests + JDK-8315951: Open source several Swing HTMLEditorKit related tests + JDK-8315981: Opensource five more random Swing tests + JDK-8316061: Open source several Swing RootPane and Slider related tests + JDK-8316324: Opensource five miscellaneous Swing tests + JDK-8316388: Opensource five Swing component related regression tests + JDK-8316452: java/lang/instrument/modules/ /AppendToClassPathModuleTest.java ignores VM flags + JDK-8316497: ColorConvertOp - typo for non-ICC conversions needs one-line fix + JDK-8316580: HttpClient with StructuredTaskScope does not close when a task fails + JDK-8316629: j.text.DateFormatSymbols setZoneStrings() exception is unhelpful + JDK-8317264: Pattern.Bound has `static` fields that should be `static final`. + JDK-8318509: x86 count_positives intrinsic broken for -XX:AVX3Threshold=0 + JDK-8318636: Add jcmd to print annotated process memory map + JDK-8318700: MacOS Zero cannot run gtests due to wrong JVM path + JDK-8318811: Compiler directives parser swallows a character after line comments + JDK-8318915: Enhance checks in BigDecimal.toPlainString() + JDK-8319439: Move BufferNode from PtrQueue files to new files + JDK-8319572: Test jdk/incubator/vector/LoadJsvmlTest.java ignores VM flags + JDK-8319690: [AArch64] C2 compilation hits offset_ok_for_immed: assert "c2 compiler bug" + JDK-8320687: sun.jvmstat.monitor.MonitoredHost .getMonitoredHost() throws unexpected exceptions when invoked concurrently + JDK-8320948: NPE due to unreported compiler error + JDK-8321204: C2: assert(false) failed: node should be in igvn hash table + JDK-8321479: java -D-D crashes + JDK-8321931: memory_swap_current_in_bytes reports 0 as "unlimited" + JDK-8322141: SequenceInputStream.transferTo should not return as soon as Long.MAX_VALUE bytes have been transferred + JDK-8322475: Extend printing for System.map + JDK-8323795: jcmd Compiler.codecache should print total size of code cache + JDK-8324345: Stack overflow during C2 compilation when splitting memory phi + JDK-8324678: Replace NULL with nullptr in HotSpot gtests + JDK-8324681: Replace NULL with nullptr in HotSpot jtreg test native code files + JDK-8324799: Use correct extension for C++ test headers + JDK-8324880: Rename get_stack_trace.h + JDK-8325055: Rename Injector.h + JDK-8325180: Rename jvmti_FollowRefObjects.h + JDK-8325347: Rename native_thread.h + JDK-8325367: Rename nsk_list.h + JDK-8325435: [macos] Menu or JPopupMenu not closed when main window is resized + JDK-8325456: Rename nsk_mutex.h + JDK-8325458: Rename mlvmJvmtiUtils.h + JDK-8325680: Uninitialised memory in deleteGSSCB of GSSLibStub.c:179 + JDK-8325682: Rename nsk_strace.h + JDK-8325910: Rename jnihelper.h + JDK-8326090: Rename jvmti_aod.h + JDK-8326389: [test] improve assertEquals failure output + JDK-8326524: Rename agent_common.h + JDK-8326586: Improve Speed of System.map + JDK-8327071: [Testbug] g-tests for cgroup leave files in /tmp on linux + JDK-8327169: serviceability/dcmd/vm/SystemMapTest.java and SystemDumpMapTest.java may fail after JDK-8326586 + JDK-8327370: (ch) sun.nio.ch.Poller.register throws AssertionError + JDK-8327461: KeyStore getEntry is not thread-safe + JDK-8328107: Shenandoah/C2: TestVerifyLoopOptimizations test failure + JDK-8328301: Convert Applet test ManualHTMLDataFlavorTest.java to main program + JDK-8328482: Convert and Open source few manual applet test to main based + JDK-8328484: Convert and Opensource few JFileChooser applet test to main + JDK-8328648: Remove applet usage from JFileChooser tests bug4150029 + JDK-8328670: Automate and open source few closed manual applet test + JDK-8328673: Convert closed text/html/CSS manual applet test to main + JDK-8328864: NullPointerException in sun.security.jca.ProviderList.getService() + JDK-8329261: G1: interpreter post-barrier x86 code asserts index size of wrong buffer + JDK-8329729: java/util/Properties/StoreReproducibilityTest.java times out + JDK-8330106: C2: VectorInsertNode::make() shouldn't call ConINode::make() directly + JDK-8330158: C2: Loop strip mining uses ABS with min int + JDK-8330534: Update nsk/jdwp tests to use driver instead of othervm + JDK-8330598: java/net/httpclient/Http1ChunkedTest.java fails with java.util.MissingFormatArgumentException: Format specifier '%s' + JDK-8330936: [ubsan] exclude function BilinearInterp and ShapeSINextSpan in libawt java2d from ubsan checks + JDK-8331088: Incorrect TraceLoopPredicate output + JDK-8331735: UpcallLinker::on_exit races with GC when copying frame anchor + JDK-8332252: Clean up vmTestbase/vm/share + JDK-8332506: SIGFPE In ObjectSynchronizer::is_async_deflation_needed() + JDK-8332631: Update nsk.share.jpda.BindServer to don't use finalization + JDK-8332641: Update nsk.share.jpda.Jdb to don't use finalization + JDK-8332880: JFR GCHelper class recognizes "Archive" regions as valid + JDK-8332921: Ctrl+C does not call shutdown hooks after JLine upgrade + JDK-8333013: Update vmTestbase/nsk/share/LocalProcess.java to don't use finalization + JDK-8333117: Remove support of remote and manual debuggee launchers + JDK-8333680: com/sun/tools/attach/BasicTests.java fails with "SocketException: Permission denied: connect" + JDK-8333805: Replaying compilation with null static final fields results in a crash + JDK-8333890: Fatal error in auto-vectorizer with float16 kernel. + JDK-8334644: Automate javax/print/attribute/PageRangesException.java + JDK-8334780: Crash: assert(h_array_list.not_null()) failed: invariant + JDK-8334895: OpenJDK fails to configure on linux aarch64 when CDS is disabled after JDK-8331942 + JDK-8335181: Incorrect handling of HTTP/2 GOAWAY frames in HttpClient + JDK-8335643: serviceability/dcmd/vm tests fail for ZGC after JDK-8322475 + JDK-8335662: [AArch64] C1: guarantee(val < (1ULL << nbits)) failed: Field too big for insn + JDK-8335684: Test ThreadCpuTime.java should pause like ThreadCpuTimeArray.java + JDK-8335710: serviceability/dcmd/vm/SystemDumpMapTest.java and SystemMapTest.java fail on Linux Alpine after 8322475 + JDK-8335836: serviceability/jvmti/StartPhase/AllowedFunctions/ /AllowedFunctions.java fails with unexpected exit code: 112 + JDK-8335860: compiler/vectorization/ /TestFloat16VectorConvChain.java fails with non-standard AVX/SSE settings + JDK-8336042: Caller/callee param size mismatch in deoptimization causes crash + JDK-8336499: Failure when creating non-CRT RSA private keys in SunPKCS11 + JDK-8336587: failure_handler lldb command times out on macosx-aarch64 core file + JDK-8336827: compiler/vectorization/ /TestFloat16VectorConvChain.java timeouts on ppc64 platforms after JDK-8335860 + JDK-8337221: CompileFramework: test library to conveniently compile java and jasm sources for fuzzing + JDK-8337299: vmTestbase/nsk/jdb/stop_at/stop_at002/ /stop_at002.java failure goes undetected + JDK-8337681: PNGImageWriter uses much more memory than necessary + JDK-8337795: Type annotation attached to incorrect type during class reading + JDK-8337958: Out-of-bounds array access in secondary_super_cache + JDK-8337981: ShenandoahHeap::is_in should check for alive regions + JDK-8337998: CompletionFailure in getEnclosingType attaching type annotations + JDK-8338010: WB_IsFrameDeoptimized miss ResourceMark + JDK-8338064: Give better error for ConcurrentHashTable corruption + JDK-8338136: Hotspot should support multiple large page sizes on Windows + JDK-8338154: Fix -Wzero-as-null-pointer-constant warnings in gtest framework + JDK-8338202: Shenandoah: Improve handshake closure labels + JDK-8338314: JFR: Split JFRCheckpoint VM operation + JDK-8339148: Make os::Linux::active_processor_count() public + JDK-8339288: Improve diagnostic logging runtime/cds/DeterministicDump.java + JDK-8339300: CollectorPolicy.young_scaled_initial_ergo_vm gtest fails on ppc64 based platforms + JDK-8339538: Wrong timeout computations in DnsClient + JDK-8339639: Opensource few AWT PopupMenu tests + JDK-8339678: Update runtime/condy tests to be executed with VM flags + JDK-8339727: Open source several AWT focus tests - series 1 + JDK-8339769: Incorrect error message during startup if working directory does not exist + JDK-8339794: Open source closed choice tests #1 + JDK-8339810: Clean up the code in sun.tools.jar.Main to properly close resources and use ZipFile during extract + JDK-8339836: Open source several AWT Mouse tests - Batch 1 + JDK-8339842: Open source several AWT focus tests - series 2 + JDK-8339895: Open source several AWT focus tests - series 3 + JDK-8339906: Open source several AWT focus tests - series 4 + JDK-8339935: Open source several AWT focus tests - series 5 + JDK-8339982: Open source several AWT Mouse tests - Batch 2 + JDK-8339984: Open source AWT MenuItem related tests + JDK-8339995: Open source several AWT focus tests - series 6 + JDK-8340024: In ClassReader, extract a constant for the superclass supertype_index + JDK-8340077: Open source few Checkbox tests - Set2 + JDK-8340084: Open source AWT Frame related tests + JDK-8340143: Open source several Java2D rendering loop tests. + JDK-8340146: ZGC: TestAllocateHeapAt.java should not run with UseLargePages + JDK-8340164: Open source few Component tests - Set1 + JDK-8340173: Open source some Component/Panel/EventQueue tests - Set2 + JDK-8340176: Replace usage of -noclassgc with -Xnoclassgc in test/jdk/java/lang/management/MemoryMXBean/LowMemoryTest2.java + JDK-8340193: Open source several AWT Dialog tests - Batch 1 + JDK-8340228: Open source couple more miscellaneous AWT tests + JDK-8340271: Open source several AWT Robot tests + JDK-8340279: Open source several AWT Dialog tests - Batch 2 + JDK-8340332: Open source mixed AWT tests - Set3 + JDK-8340366: Open source several AWT Dialog tests - Batch 3 + JDK-8340367: Opensource few AWT image tests + JDK-8340393: Open source closed choice tests #2 + JDK-8340407: Open source a few more Component related tests + JDK-8340417: Open source some MenuBar tests - Set1 + JDK-8340432: Open source some MenuBar tests - Set2 + JDK-8340433: Open source closed choice tests #3 + JDK-8340437: Open source few more AWT Frame related tests + JDK-8340458: Open source additional Component tests (part 2) + JDK-8340555: Open source DnD tests - Set4 + JDK-8340560: Open Source several AWT/2D font and rendering tests + JDK-8340605: Open source several AWT PopupMenu tests + JDK-8340621: Open source several AWT List tests + JDK-8340625: Open source additional Component tests (part 3) + JDK-8340639: Open source few more AWT List tests + JDK-8340713: Open source DnD tests - Set5 + JDK-8340784: Remove PassFailJFrame constructor with screenshots + JDK-8340790: Open source several AWT Dialog tests - Batch 4 + JDK-8340809: Open source few more AWT PopupMenu tests + JDK-8340874: Open source some of the AWT Geometry/Button tests + JDK-8340907: Open source closed frame tests # 2 + JDK-8340966: Open source few Checkbox and Cursor tests - Set1 + JDK-8340967: Open source few Cursor tests - Set2 + JDK-8340978: Open source few DnD tests - Set6 + JDK-8340985: Open source some Desktop related tests + JDK-8341000: Open source some of the AWT Window tests + JDK-8341004: Open source AWT FileDialog related tests + JDK-8341072: Open source several AWT Canvas and Rectangle related tests + JDK-8341128: open source some 2d graphics tests + JDK-8341148: Open source several Choice related tests + JDK-8341162: Open source some of the AWT window test + JDK-8341170: Open source several Choice related tests (part 2) + JDK-8341177: Opensource few List and a Window test + JDK-8341191: Open source few more AWT FileDialog tests + JDK-8341239: Open source closed frame tests # 3 + JDK-8341257: Open source few DND tests - Set1 + JDK-8341258: Open source few various AWT tests - Set1 + JDK-8341278: Open source few TrayIcon tests - Set7 + JDK-8341298: Open source more AWT window tests + JDK-8341373: Open source closed frame tests # 4 + JDK-8341378: Open source few TrayIcon tests - Set8 + JDK-8341447: Open source closed frame tests # 5 + JDK-8341535: sun/awt/font/TestDevTransform.java fails with RuntimeException: Different rendering + JDK-8341637: java/net/Socket/UdpSocket.java fails with "java.net.BindException: Address already in use" (macos-aarch64) + JDK-8341779: [REDO BACKPORT] type annotations are not visible to javac plugins across compilation boundaries (JDK-8225377) + JDK-8341972: java/awt/dnd/DnDRemoveFocusOwnerCrashTest.java timed out after JDK-8341257 + JDK-8342075: HttpClient: improve HTTP/2 flow control checks + JDK-8342376: More reliable OOM handling in ExceptionDuringDumpAtObjectsInitPhase test + JDK-8342524: Use latch in AbstractButton/bug6298940.java instead of delay + JDK-8342633: javax/management/security/ /HashedPasswordFileTest.java creates tmp file in src dir + JDK-8342958: Use jvmArgs consistently in microbenchmarks + JDK-8343019: Primitive caches must use boxed instances from the archive + JDK-8343037: Missing @since tag on JColorChooser.showDialog overload + JDK-8343103: Enable debug logging for vmTestbase/nsk/jvmti/ /scenarios/sampling/SP05/sp05t003/TestDescription.java + JDK-8343124: Tests fails with java.lang.IllegalAccessException: class com.sun.javatest.regtest.agent.MainWrapper$MainTask cannot access + JDK-8343144: UpcallLinker::on_entry racingly clears pending exception with GC safepoints + JDK-8343170: java/awt/Cursor/JPanelCursorTest/ /JPanelCursorTest.java does not show the default cursor + JDK-8343224: print/Dialog/PaperSizeError.java fails with MediaSizeName is not A4: A4 + JDK-8343342: java/io/File/GetXSpace.java fails on Windows with CD-ROM drive + JDK-8343345: Use -jvmArgsPrepend when running microbenchmarks in RunTests.gmk + JDK-8343529: serviceability/sa/ClhsdbWhere.java fails AssertionFailure: Corrupted constant pool + JDK-8343754: Problemlist jdk/jfr/event/oldobject/TestShenandoah.java after JDK-8279016 + JDK-8343855: HTTP/2 ConnectionWindowUpdateSender may miss some unprocessed DataFrames from closed streams + JDK-8343891: Test javax/swing/JTabbedPane/ /TestJTabbedPaneBackgroundColor.java failed + JDK-8343936: Adjust timeout in test javax/management/monitor/DerivedGaugeMonitorTest.java + JDK-8344316: security/auth/callback/TextCallbackHandler/ /Password.java make runnable with JTReg and add the UI + JDK-8344346: java/net/httpclient/ShutdownNow.java fails with java.lang.AssertionError: client was still running, but exited after further delay: timeout should be adjusted + JDK-8344361: Restore null return for invalid services from legacy providers + JDK-8344414: ZGC: Another division by zero in rule_major_allocation_rate + JDK-8344925: translet-name ignored when package-name is also set + JDK-8345133: Test sun/security/tools/jarsigner/ /TsacertOptionTest.java failed: Warning found in stdout + JDK-8345134: Test sun/security/tools/jarsigner/ /ConciseJarsigner.java failed: unable to find valid certification path to requested target + JDK-8345146: [PPC64] Make intrinsic conversions between bit representations of half precision values and floats + JDK-8345341: Fix incorrect log message in JDI stop002t test + JDK-8345357: test/jdk/javax/swing/JRadioButton/8033699/ /bug8033699.java fails in ubuntu22.04 + JDK-8345447: test/jdk/javax/swing/JToolBar/4529206/ /bug4529206.java fails in ubuntu22.04 + JDK-8345547: test/jdk/javax/swing/text/DefaultEditorKit/ /4278839/bug4278839.java fails in ubuntu22.04 + JDK-8345598: Upgrade NSS binaries for interop tests + JDK-8345625: Better HTTP connections + JDK-8345728: [Accessibility,macOS,Screen Magnifier]: JCheckbox unchecked state does not magnify but works for checked state + JDK-8345838: Remove the appcds/javaldr/AnonVmClassesDuringDump.java test + JDK-8346049: jdk/test/lib/security/timestamp/TsaServer.java warnings + JDK-8346082: Output JVMTI agent information in hserr files + JDK-8346264: "Total compile time" counter should include time spent in failing/bailout compiles + JDK-8346581: JRadioButton/ButtonGroupFocusTest.java fails in CI on Linux + JDK-8346888: [ubsan] block.cpp:1617:30: runtime error: 9.97582e+36 is outside the range of representable values of type 'int' + JDK-8347000: Bug in com/sun/net/httpserver/bugs/B6361557.java test + JDK-8347019: Test javax/swing/JRadioButton/8033699/ /bug8033699.java still fails: Focus is not on Radio Button Single as Expected + JDK-8347083: Incomplete logging in nsk/jvmti/ /ResourceExhausted/resexhausted00* tests + JDK-8347126: gc/stress/TestStressG1Uncommit.java gets OOM-killed + JDK-8347173: java/net/DatagramSocket/ /InterruptibleDatagramSocket.java fails with virtual thread factory + JDK-8347286: (fs) Remove some extensions from java/nio/file/Files/probeContentType/Basic.java + JDK-8347296: WinInstallerUiTest fails in local test runs if the path to test work directory is longer that regular + JDK-8347373: HTTP/2 flow control checks may count unprocessed data twice + JDK-8347506: Compatible OCSP readtimeout property with OCSP timeout + JDK-8347596: Update HSS/LMS public key encoding + JDK-8347629: Test FailOverDirectExecutionControlTest.java fails with -Xcomp + JDK-8347995: Race condition in jdk/java/net/httpclient/ /offline/FixedResponseHttpClient.java + JDK-8348107: test/jdk/java/net/httpclient/ /HttpsTunnelAuthTest.java fails intermittently + JDK-8348110: Update LCMS to 2.17 + JDK-8348299: Update List/ItemEventTest/ItemEventTest.java + JDK-8348323: Corrupted timezone string in JVM crash log + JDK-8348596: Update FreeType to 2.13.3 + JDK-8348597: Update HarfBuzz to 10.4.0 + JDK-8348598: Update Libpng to 1.6.47 + JDK-8348600: Update PipeWire to 1.3.81 + JDK-8348865: JButton/bug4796987.java never runs because Windows XP is unavailable + JDK-8348936: [Accessibility,macOS,VoiceOver] VoiceOver doesn't announce untick on toggling the checkbox with "space" key on macOS + JDK-8348989: Better Glyph drawing + JDK-8349111: Enhance Swing supports + JDK-8349200: [JMH] time.format.ZonedDateTimeFormatterBenchmark fails + JDK-8349348: Refactor ClassLoaderDeadlock.sh and Deadlock.sh to run fully in java + JDK-8349358: [JMH] Cannot access class jdk.internal.vm.ContinuationScope + JDK-8349492: Update sun/security/pkcs12/ /KeytoolOpensslInteropTest.java to use a recent Openssl version + JDK-8349501: Relocate supporting classes in security/testlibrary to test/lib/jdk tree + JDK-8349594: Enhance TLS protocol support + JDK-8349623: [ASAN] Gtest os_linux.glibc_mallinfo_wrapper_vm fails + JDK-8349637: Integer.numberOfLeadingZeros outputs incorrectly in certain cases + JDK-8349751: AIX build failure after upgrade pipewire to 1.3.81 + JDK-8350201: Out of bounds access on Linux aarch64 in os::print_register_info + JDK-8350211: CTW: Attempt to preload all classes in constant pool + JDK-8350224: Test javax/swing/JComboBox/ /TestComboBoxComponentRendering.java fails in ubuntu 23.x and later + JDK-8350260: Improve HTML instruction formatting in PassFailJFrame + JDK-8350313: Include timings for leaving safepoint in safepoint logging + JDK-8350383: Test: add more test case for string compare (UL case) + JDK-8350386: Test TestCodeCacheFull.java fails with option -XX:-UseCodeCacheFlushing + JDK-8350412: [21u] AArch64: Ambiguous frame layout leads to incorrect traces in JFR + JDK-8350483: AArch64: turn on signum intrinsics by default on Ampere CPUs + JDK-8350498: Remove two Camerfirma root CA certificates + JDK-8350546: Several java/net/InetAddress tests fails UnknownHostException + JDK-8350616: Skip ValidateHazardPtrsClosure in non-debug builds + JDK-8350650: Bump update version for OpenJDK: jdk-21.0.8 + JDK-8350682: [JMH] vector.IndexInRangeBenchmark failed with IndexOutOfBoundsException for size=1024 + JDK-8350786: Some java/lang jtreg tests miss requires vm.hasJFR + JDK-8350924: javax/swing/JMenu/4213634/bug4213634.java fails + JDK-8350991: Improve HTTP client header handling + JDK-8351086: (fc) Make java/nio/channels/FileChannel/ /BlockDeviceSize.java test manual + JDK-8351500: G1: NUMA migrations cause crashes in region allocation + JDK-8351665: Remove unused UseNUMA in os_aix.cpp + JDK-8351933: Inaccurate masking of TC subfield decrement in ForkJoinPool + JDK-8352076: [21u] Problem list tests that fail in 21 and would be fixed by 8309622 + JDK-8352109: java/awt/Desktop/MailTest.java fails in platforms where Action.MAIL is not supported + JDK-8352302: Test sun/security/tools/jarsigner/ /TimestampCheck.java is failing + JDK-8352512: TestVectorZeroCount: counter not reset between iterations + JDK-8352676: Opensource JMenu tests - series1 + JDK-8352680: Opensource few misc swing tests + JDK-8352684: Opensource JInternalFrame tests - series1 + JDK-8352706: httpclient HeadTest does not run on HTTP2 + JDK-8352716: (tz) Update Timezone Data to 2025b + JDK-8352908: Open source several swing tests batch1 + JDK-8352942: jdk/jfr/startupargs/TestMemoryOptions.java fails with 32-bit build + JDK-8353070: Clean up and open source couple AWT Graphics related tests (Part 1) + JDK-8353138: Screen capture for test TaskbarPositionTest.java, failure case + JDK-8353190: Use "/native" Run Option for TestAvailableProcessors Execution + JDK-8353237: [AArch64] Incorrect result of VectorizedHashCode intrinsic on Cortex-A53 + JDK-8353320: Open source more Swing text tests + JDK-8353446: Open source several AWT Menu tests - Batch 2 + JDK-8353475: Open source two Swing DefaultCaret tests + JDK-8353685: Open some JComboBox bugs 4 + JDK-8353709: Debug symbols bundle should contain full debug files when building --with-external-symbols-in-bundles=public + JDK-8353787: Increased number of SHA-384-Digest java.util.jar.Attributes$Name instances leading to higher memory footprint + JDK-8353942: Open source Swing Tests - Set 5 + JDK-8354255: [jittester] Remove TempDir debug output + JDK-8354530: AIX: sporadic unexpected errno when calling setsockopt in Net.joinOrDrop + JDK-8354554: Open source several clipboard tests batch1 + JDK-8354802: MAX_SECS definition is unused in os_linux + JDK-8354893: [REDO BACKPORT] javac crashes while adding type annotations to the return type of a constructor (JDK-8320001) + JDK-8355498: [AIX] Adapt code for C++ VLA rule + JDK-8356053: Test java/awt/Toolkit/Headless/ /HeadlessToolkit.java fails by timeout + JDK-8356096: ISO 4217 Amendment 179 Update + JDK-8356571: Re-enable -Wtype-limits for GCC in LCMS + JDK-8357105: C2: compilation fails with "assert(false) failed: empty program detected during loop optimization" + JDK-8357193: [VS 2022 17.14] Warning C5287 in debugInit.c: enum type mismatch during build + JDK-8359170: Add 2 TLS and 2 CS Sectigo roots + JDK-8360147: Better Glyph drawing redux + JDK-8360406: [21u] Disable logic for attaching type annotations to class files until 8359336 is fixed + JDK-8361672: [21u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 21.0.8 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2657=1 openSUSE-SLE-15.6-2025-2657=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2657=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2657=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * java-21-openjdk-debuginfo-21.0.8.0-150600.3.15.1 * java-21-openjdk-debugsource-21.0.8.0-150600.3.15.1 * java-21-openjdk-devel-21.0.8.0-150600.3.15.1 * java-21-openjdk-headless-debuginfo-21.0.8.0-150600.3.15.1 * java-21-openjdk-src-21.0.8.0-150600.3.15.1 * java-21-openjdk-21.0.8.0-150600.3.15.1 * java-21-openjdk-demo-21.0.8.0-150600.3.15.1 * java-21-openjdk-devel-debuginfo-21.0.8.0-150600.3.15.1 * java-21-openjdk-headless-21.0.8.0-150600.3.15.1 * java-21-openjdk-jmods-21.0.8.0-150600.3.15.1 * openSUSE Leap 15.6 (noarch) * java-21-openjdk-javadoc-21.0.8.0-150600.3.15.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-21-openjdk-debuginfo-21.0.8.0-150600.3.15.1 * java-21-openjdk-debugsource-21.0.8.0-150600.3.15.1 * java-21-openjdk-devel-21.0.8.0-150600.3.15.1 * java-21-openjdk-headless-debuginfo-21.0.8.0-150600.3.15.1 * java-21-openjdk-21.0.8.0-150600.3.15.1 * java-21-openjdk-demo-21.0.8.0-150600.3.15.1 * java-21-openjdk-devel-debuginfo-21.0.8.0-150600.3.15.1 * java-21-openjdk-headless-21.0.8.0-150600.3.15.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * java-21-openjdk-debuginfo-21.0.8.0-150600.3.15.1 * java-21-openjdk-debugsource-21.0.8.0-150600.3.15.1 * java-21-openjdk-devel-21.0.8.0-150600.3.15.1 * java-21-openjdk-headless-debuginfo-21.0.8.0-150600.3.15.1 * java-21-openjdk-21.0.8.0-150600.3.15.1 * java-21-openjdk-demo-21.0.8.0-150600.3.15.1 * java-21-openjdk-devel-debuginfo-21.0.8.0-150600.3.15.1 * java-21-openjdk-headless-21.0.8.0-150600.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2025-30749.html * https://www.suse.com/security/cve/CVE-2025-30754.html * https://www.suse.com/security/cve/CVE-2025-50059.html * https://www.suse.com/security/cve/CVE-2025-50106.html * https://bugzilla.suse.com/show_bug.cgi?id=1213796 * https://bugzilla.suse.com/show_bug.cgi?id=1246575 * https://bugzilla.suse.com/show_bug.cgi?id=1246584 * https://bugzilla.suse.com/show_bug.cgi?id=1246595 * https://bugzilla.suse.com/show_bug.cgi?id=1246598 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:30:08 -0000 Subject: SUSE-SU-2025:02673-1: important: Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6) Message-ID: <175432500873.10450.15809725264998957004@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02673-1 Release Date: 2025-08-04T13:34:07Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_33 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2673=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2673=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_33-default-debuginfo-9-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_7-debugsource-9-150600.2.1 * kernel-livepatch-6_4_0-150600_23_33-default-9-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_33-default-debuginfo-9-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_7-debugsource-9-150600.2.1 * kernel-livepatch-6_4_0-150600_23_33-default-9-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:30:11 -0000 Subject: SUSE-SU-2025:02671-1: important: Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5) Message-ID: <175432501140.10450.8139553275317387607@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:02671-1 Release Date: 2025-08-04T12:38:45Z Rating: important References: * bsc#1245793 Cross-References: * CVE-2025-37797 CVSS scores: * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_113 fixes one issue. The following security issue was fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2671=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2671=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_113-default-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-2-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_28-debugsource-2-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_113-default-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-2-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_28-debugsource-2-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245793 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:30:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:30:17 -0000 Subject: SUSE-SU-2025:02676-1: important: Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP5) Message-ID: <175432501738.10450.1815104415975203680@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:02676-1 Release Date: 2025-08-04T14:09:09Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_110 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2669=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-2670=1 SUSE-SLE-Module-Live- Patching-15-SP5-2025-2668=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2670=1 SUSE-2025-2668=1 SUSE-2025-2669=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2676=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_27-debugsource-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_100-default-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-3-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_25-debugsource-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_100-default-debuginfo-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-2-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_26-debugsource-3-150500.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_26-debugsource-3-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_27-debugsource-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_100-default-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-3-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_25-debugsource-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_100-default-debuginfo-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-2-150500.2.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_258-default-2-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:30:25 -0000 Subject: SUSE-SU-2025:02685-1: important: Security update for apache2 Message-ID: <175432502599.10450.7787653949481016564@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2025:02685-1 Release Date: 2025-08-04T15:08:15Z Rating: important References: * bsc#1246169 * bsc#1246302 * bsc#1246303 * bsc#1246305 * bsc#1246306 * bsc#1246307 * bsc#1246477 Cross-References: * CVE-2024-42516 * CVE-2024-43204 * CVE-2024-47252 * CVE-2025-23048 * CVE-2025-49630 * CVE-2025-49812 * CVE-2025-53020 CVSS scores: * CVE-2024-42516 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-42516 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2024-42516 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-43204 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-43204 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-43204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-47252 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-47252 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-47252 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-23048 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-23048 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-23048 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-49630 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-49630 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49630 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49812 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-49812 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L * CVE-2025-49812 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-53020 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-53020 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-53020 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves seven vulnerabilities can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2024-42516: Fixed HTTP response splitting. (bsc#1246477) * CVE-2024-43204: Fixed a SSRF when mod_proxy is loaded that allows an attacker to send outbound proxy requests to a URL controlled by them. (bsc#1246305) * CVE-2024-47252: Fixed insufficient escaping of user-supplied data in mod_ssl allows an untrusted SSL/TLS client to insert escape characters into log file. (bsc#1246303) * CVE-2025-23048: Fixed access control bypass by trusted clients through TLS 1.3 session resumption in some mod_ssl configurations. (bsc#1246302) * CVE-2025-49630: Fixed denial of service can be triggered by untrusted clients causing an assertion in mod_proxy_http2. (bsc#1246307) * CVE-2025-49812: Fixed Opossum Attack Application Layer Desynchronization using Opportunistic TLS. (bsc#1246169) * CVE-2025-53020: Fixed HTTP/2 denial of service due to late release of memory after effective lifetime. (bsc#1246306) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2685=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2685=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-2685=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * apache2-prefork-2.4.62-150700.4.3.1 * apache2-debuginfo-2.4.62-150700.4.3.1 * apache2-prefork-debuginfo-2.4.62-150700.4.3.1 * apache2-debugsource-2.4.62-150700.4.3.1 * apache2-prefork-debugsource-2.4.62-150700.4.3.1 * apache2-2.4.62-150700.4.3.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * apache2-event-debuginfo-2.4.62-150700.4.3.1 * apache2-event-debugsource-2.4.62-150700.4.3.1 * apache2-event-2.4.62-150700.4.3.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * apache2-worker-debugsource-2.4.62-150700.4.3.1 * apache2-worker-debuginfo-2.4.62-150700.4.3.1 * apache2-devel-2.4.62-150700.4.3.1 * apache2-worker-2.4.62-150700.4.3.1 * apache2-utils-debugsource-2.4.62-150700.4.3.1 * apache2-utils-2.4.62-150700.4.3.1 * apache2-utils-debuginfo-2.4.62-150700.4.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42516.html * https://www.suse.com/security/cve/CVE-2024-43204.html * https://www.suse.com/security/cve/CVE-2024-47252.html * https://www.suse.com/security/cve/CVE-2025-23048.html * https://www.suse.com/security/cve/CVE-2025-49630.html * https://www.suse.com/security/cve/CVE-2025-49812.html * https://www.suse.com/security/cve/CVE-2025-53020.html * https://bugzilla.suse.com/show_bug.cgi?id=1246169 * https://bugzilla.suse.com/show_bug.cgi?id=1246302 * https://bugzilla.suse.com/show_bug.cgi?id=1246303 * https://bugzilla.suse.com/show_bug.cgi?id=1246305 * https://bugzilla.suse.com/show_bug.cgi?id=1246306 * https://bugzilla.suse.com/show_bug.cgi?id=1246307 * https://bugzilla.suse.com/show_bug.cgi?id=1246477 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:30:34 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:30:34 -0000 Subject: SUSE-SU-2025:02684-1: important: Security update for apache2 Message-ID: <175432503437.10450.15960215757220016875@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2025:02684-1 Release Date: 2025-08-04T15:07:40Z Rating: important References: * bsc#1246169 * bsc#1246302 * bsc#1246303 * bsc#1246305 * bsc#1246306 * bsc#1246307 * bsc#1246477 Cross-References: * CVE-2024-42516 * CVE-2024-43204 * CVE-2024-47252 * CVE-2025-23048 * CVE-2025-49630 * CVE-2025-49812 * CVE-2025-53020 CVSS scores: * CVE-2024-42516 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-42516 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2024-42516 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-43204 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-43204 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-43204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-47252 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-47252 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-47252 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-23048 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-23048 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-23048 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-49630 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-49630 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49630 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49812 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-49812 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L * CVE-2025-49812 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-53020 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-53020 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-53020 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves seven vulnerabilities can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2024-42516: Fixed HTTP response splitting. (bsc#1246477) * CVE-2024-43204: Fixed a SSRF when mod_proxy is loaded that allows an attacker to send outbound proxy requests to a URL controlled by them. (bsc#1246305) * CVE-2024-47252: Fixed insufficient escaping of user-supplied data in mod_ssl allows an untrusted SSL/TLS client to insert escape characters into log file. (bsc#1246303) * CVE-2025-23048: Fixed access control bypass by trusted clients through TLS 1.3 session resumption in some mod_ssl configurations. (bsc#1246302) * CVE-2025-49630: Fixed denial of service can be triggered by untrusted clients causing an assertion in mod_proxy_http2. (bsc#1246307) * CVE-2025-49812: Fixed Opossum Attack Application Layer Desynchronization using Opportunistic TLS. (bsc#1246169) * CVE-2025-53020: Fixed HTTP/2 denial of service due to late release of memory after effective lifetime. (bsc#1246306) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2684=1 openSUSE-SLE-15.6-2025-2684=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2684=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2684=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-2684=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * apache2-event-debugsource-2.4.58-150600.5.35.1 * apache2-event-debuginfo-2.4.58-150600.5.35.1 * apache2-utils-debugsource-2.4.58-150600.5.35.1 * apache2-debugsource-2.4.58-150600.5.35.1 * apache2-prefork-debuginfo-2.4.58-150600.5.35.1 * apache2-utils-2.4.58-150600.5.35.1 * apache2-utils-debuginfo-2.4.58-150600.5.35.1 * apache2-event-2.4.58-150600.5.35.1 * apache2-devel-2.4.58-150600.5.35.1 * apache2-2.4.58-150600.5.35.1 * apache2-prefork-2.4.58-150600.5.35.1 * apache2-prefork-debugsource-2.4.58-150600.5.35.1 * apache2-worker-debugsource-2.4.58-150600.5.35.1 * apache2-worker-2.4.58-150600.5.35.1 * apache2-worker-debuginfo-2.4.58-150600.5.35.1 * apache2-debuginfo-2.4.58-150600.5.35.1 * openSUSE Leap 15.6 (noarch) * apache2-manual-2.4.58-150600.5.35.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-debugsource-2.4.58-150600.5.35.1 * apache2-prefork-debuginfo-2.4.58-150600.5.35.1 * apache2-prefork-2.4.58-150600.5.35.1 * apache2-2.4.58-150600.5.35.1 * apache2-prefork-debugsource-2.4.58-150600.5.35.1 * apache2-debuginfo-2.4.58-150600.5.35.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-event-debugsource-2.4.58-150600.5.35.1 * apache2-event-debuginfo-2.4.58-150600.5.35.1 * apache2-debugsource-2.4.58-150600.5.35.1 * apache2-event-2.4.58-150600.5.35.1 * apache2-debuginfo-2.4.58-150600.5.35.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-utils-debugsource-2.4.58-150600.5.35.1 * apache2-utils-debuginfo-2.4.58-150600.5.35.1 * apache2-utils-2.4.58-150600.5.35.1 * apache2-devel-2.4.58-150600.5.35.1 * apache2-worker-debugsource-2.4.58-150600.5.35.1 * apache2-worker-2.4.58-150600.5.35.1 * apache2-worker-debuginfo-2.4.58-150600.5.35.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42516.html * https://www.suse.com/security/cve/CVE-2024-43204.html * https://www.suse.com/security/cve/CVE-2024-47252.html * https://www.suse.com/security/cve/CVE-2025-23048.html * https://www.suse.com/security/cve/CVE-2025-49630.html * https://www.suse.com/security/cve/CVE-2025-49812.html * https://www.suse.com/security/cve/CVE-2025-53020.html * https://bugzilla.suse.com/show_bug.cgi?id=1246169 * https://bugzilla.suse.com/show_bug.cgi?id=1246302 * https://bugzilla.suse.com/show_bug.cgi?id=1246303 * https://bugzilla.suse.com/show_bug.cgi?id=1246305 * https://bugzilla.suse.com/show_bug.cgi?id=1246306 * https://bugzilla.suse.com/show_bug.cgi?id=1246307 * https://bugzilla.suse.com/show_bug.cgi?id=1246477 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:30:40 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:30:40 -0000 Subject: SUSE-SU-2025:02683-1: important: Security update for apache2 Message-ID: <175432504077.10450.12167618617197068546@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2025:02683-1 Release Date: 2025-08-04T15:07:00Z Rating: important References: * bsc#1246169 * bsc#1246302 * bsc#1246303 * bsc#1246305 * bsc#1246306 * bsc#1246307 * bsc#1246477 Cross-References: * CVE-2024-42516 * CVE-2024-43204 * CVE-2024-47252 * CVE-2025-23048 * CVE-2025-49630 * CVE-2025-49812 * CVE-2025-53020 CVSS scores: * CVE-2024-42516 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-42516 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2024-42516 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-43204 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-43204 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-43204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-47252 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-47252 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-47252 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-23048 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-23048 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-23048 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-49630 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-49630 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49630 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49812 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-49812 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L * CVE-2025-49812 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-53020 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-53020 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-53020 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves seven vulnerabilities can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2024-42516: Fixed HTTP response splitting. (bsc#1246477) * CVE-2024-43204: Fixed a SSRF when mod_proxy is loaded that allows an attacker to send outbound proxy requests to a URL controlled by them. (bsc#1246305) * CVE-2024-47252: Fixed insufficient escaping of user-supplied data in mod_ssl allows an untrusted SSL/TLS client to insert escape characters into log file. (bsc#1246303) * CVE-2025-23048: Fixed access control bypass by trusted clients through TLS 1.3 session resumption in some mod_ssl configurations. (bsc#1246302) * CVE-2025-49630: Fixed denial of service can be triggered by untrusted clients causing an assertion in mod_proxy_http2. (bsc#1246307) * CVE-2025-49812: Fixed Opossum Attack Application Layer Desynchronization using Opportunistic TLS. (bsc#1246169) * CVE-2025-53020: Fixed HTTP/2 denial of service due to late release of memory after effective lifetime. (bsc#1246306) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2683=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2683=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2683=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2683=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * apache2-worker-2.4.51-150200.3.82.1 * apache2-debugsource-2.4.51-150200.3.82.1 * apache2-prefork-debuginfo-2.4.51-150200.3.82.1 * apache2-debuginfo-2.4.51-150200.3.82.1 * apache2-utils-debuginfo-2.4.51-150200.3.82.1 * apache2-devel-2.4.51-150200.3.82.1 * apache2-utils-2.4.51-150200.3.82.1 * apache2-2.4.51-150200.3.82.1 * apache2-worker-debuginfo-2.4.51-150200.3.82.1 * apache2-prefork-2.4.51-150200.3.82.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * apache2-doc-2.4.51-150200.3.82.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * apache2-worker-2.4.51-150200.3.82.1 * apache2-debugsource-2.4.51-150200.3.82.1 * apache2-prefork-debuginfo-2.4.51-150200.3.82.1 * apache2-debuginfo-2.4.51-150200.3.82.1 * apache2-utils-debuginfo-2.4.51-150200.3.82.1 * apache2-devel-2.4.51-150200.3.82.1 * apache2-utils-2.4.51-150200.3.82.1 * apache2-2.4.51-150200.3.82.1 * apache2-worker-debuginfo-2.4.51-150200.3.82.1 * apache2-prefork-2.4.51-150200.3.82.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * apache2-doc-2.4.51-150200.3.82.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * apache2-worker-2.4.51-150200.3.82.1 * apache2-debugsource-2.4.51-150200.3.82.1 * apache2-prefork-debuginfo-2.4.51-150200.3.82.1 * apache2-debuginfo-2.4.51-150200.3.82.1 * apache2-utils-debuginfo-2.4.51-150200.3.82.1 * apache2-devel-2.4.51-150200.3.82.1 * apache2-utils-2.4.51-150200.3.82.1 * apache2-2.4.51-150200.3.82.1 * apache2-worker-debuginfo-2.4.51-150200.3.82.1 * apache2-prefork-2.4.51-150200.3.82.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * apache2-doc-2.4.51-150200.3.82.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * apache2-worker-2.4.51-150200.3.82.1 * apache2-debugsource-2.4.51-150200.3.82.1 * apache2-prefork-debuginfo-2.4.51-150200.3.82.1 * apache2-debuginfo-2.4.51-150200.3.82.1 * apache2-utils-debuginfo-2.4.51-150200.3.82.1 * apache2-devel-2.4.51-150200.3.82.1 * apache2-utils-2.4.51-150200.3.82.1 * apache2-2.4.51-150200.3.82.1 * apache2-worker-debuginfo-2.4.51-150200.3.82.1 * apache2-prefork-2.4.51-150200.3.82.1 * SUSE Enterprise Storage 7.1 (noarch) * apache2-doc-2.4.51-150200.3.82.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42516.html * https://www.suse.com/security/cve/CVE-2024-43204.html * https://www.suse.com/security/cve/CVE-2024-47252.html * https://www.suse.com/security/cve/CVE-2025-23048.html * https://www.suse.com/security/cve/CVE-2025-49630.html * https://www.suse.com/security/cve/CVE-2025-49812.html * https://www.suse.com/security/cve/CVE-2025-53020.html * https://bugzilla.suse.com/show_bug.cgi?id=1246169 * https://bugzilla.suse.com/show_bug.cgi?id=1246302 * https://bugzilla.suse.com/show_bug.cgi?id=1246303 * https://bugzilla.suse.com/show_bug.cgi?id=1246305 * https://bugzilla.suse.com/show_bug.cgi?id=1246306 * https://bugzilla.suse.com/show_bug.cgi?id=1246307 * https://bugzilla.suse.com/show_bug.cgi?id=1246477 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:30:50 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:30:50 -0000 Subject: SUSE-SU-2025:02682-1: important: Security update for apache2 Message-ID: <175432505098.10450.3112622918778733399@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2025:02682-1 Release Date: 2025-08-04T15:06:33Z Rating: important References: * bsc#1246169 * bsc#1246302 * bsc#1246303 * bsc#1246305 * bsc#1246306 * bsc#1246307 * bsc#1246477 Cross-References: * CVE-2024-42516 * CVE-2024-43204 * CVE-2024-47252 * CVE-2025-23048 * CVE-2025-49630 * CVE-2025-49812 * CVE-2025-53020 CVSS scores: * CVE-2024-42516 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-42516 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2024-42516 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-43204 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-43204 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-43204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-47252 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-47252 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-47252 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-23048 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-23048 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-23048 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-49630 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-49630 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49630 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49812 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-49812 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L * CVE-2025-49812 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-53020 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-53020 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-53020 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * Server Applications Module 15-SP6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves seven vulnerabilities can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2024-42516: Fixed HTTP response splitting. (bsc#1246477) * CVE-2024-43204: Fixed a SSRF when mod_proxy is loaded that allows an attacker to send outbound proxy requests to a URL controlled by them. (bsc#1246305) * CVE-2024-47252: Fixed insufficient escaping of user-supplied data in mod_ssl allows an untrusted SSL/TLS client to insert escape characters into log file. (bsc#1246303) * CVE-2025-23048: Fixed access control bypass by trusted clients through TLS 1.3 session resumption in some mod_ssl configurations. (bsc#1246302) * CVE-2025-49630: Fixed denial of service can be triggered by untrusted clients causing an assertion in mod_proxy_http2. (bsc#1246307) * CVE-2025-49812: Fixed Opossum Attack Application Layer Desynchronization using Opportunistic TLS. (bsc#1246169) * CVE-2025-53020: Fixed HTTP/2 denial of service due to late release of memory after effective lifetime. (bsc#1246306) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2682=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-2682=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-2682=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2682=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2682=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2682=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2682=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2682=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2682=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2682=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2682=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2682=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-2682=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2682=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * apache2-event-debuginfo-2.4.51-150400.6.46.1 * apache2-worker-debuginfo-2.4.51-150400.6.46.1 * apache2-utils-debuginfo-2.4.51-150400.6.46.1 * apache2-devel-2.4.51-150400.6.46.1 * apache2-example-pages-2.4.51-150400.6.46.1 * apache2-prefork-2.4.51-150400.6.46.1 * apache2-2.4.51-150400.6.46.1 * apache2-worker-2.4.51-150400.6.46.1 * apache2-prefork-debuginfo-2.4.51-150400.6.46.1 * apache2-utils-2.4.51-150400.6.46.1 * apache2-event-2.4.51-150400.6.46.1 * apache2-debuginfo-2.4.51-150400.6.46.1 * apache2-debugsource-2.4.51-150400.6.46.1 * openSUSE Leap 15.4 (noarch) * apache2-doc-2.4.51-150400.6.46.1 * Server Applications Module 15-SP6 (noarch) * apache2-doc-2.4.51-150400.6.46.1 * Server Applications Module 15-SP7 (noarch) * apache2-doc-2.4.51-150400.6.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.46.1 * apache2-devel-2.4.51-150400.6.46.1 * apache2-prefork-2.4.51-150400.6.46.1 * apache2-2.4.51-150400.6.46.1 * apache2-worker-2.4.51-150400.6.46.1 * apache2-prefork-debuginfo-2.4.51-150400.6.46.1 * apache2-utils-2.4.51-150400.6.46.1 * apache2-worker-debuginfo-2.4.51-150400.6.46.1 * apache2-debuginfo-2.4.51-150400.6.46.1 * apache2-debugsource-2.4.51-150400.6.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.46.1 * apache2-devel-2.4.51-150400.6.46.1 * apache2-prefork-2.4.51-150400.6.46.1 * apache2-2.4.51-150400.6.46.1 * apache2-worker-2.4.51-150400.6.46.1 * apache2-prefork-debuginfo-2.4.51-150400.6.46.1 * apache2-utils-2.4.51-150400.6.46.1 * apache2-worker-debuginfo-2.4.51-150400.6.46.1 * apache2-debuginfo-2.4.51-150400.6.46.1 * apache2-debugsource-2.4.51-150400.6.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.46.1 * apache2-devel-2.4.51-150400.6.46.1 * apache2-prefork-2.4.51-150400.6.46.1 * apache2-2.4.51-150400.6.46.1 * apache2-worker-2.4.51-150400.6.46.1 * apache2-prefork-debuginfo-2.4.51-150400.6.46.1 * apache2-utils-2.4.51-150400.6.46.1 * apache2-worker-debuginfo-2.4.51-150400.6.46.1 * apache2-debuginfo-2.4.51-150400.6.46.1 * apache2-debugsource-2.4.51-150400.6.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * apache2-doc-2.4.51-150400.6.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.46.1 * apache2-devel-2.4.51-150400.6.46.1 * apache2-prefork-2.4.51-150400.6.46.1 * apache2-2.4.51-150400.6.46.1 * apache2-worker-2.4.51-150400.6.46.1 * apache2-prefork-debuginfo-2.4.51-150400.6.46.1 * apache2-utils-2.4.51-150400.6.46.1 * apache2-worker-debuginfo-2.4.51-150400.6.46.1 * apache2-debuginfo-2.4.51-150400.6.46.1 * apache2-debugsource-2.4.51-150400.6.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * apache2-doc-2.4.51-150400.6.46.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.46.1 * apache2-devel-2.4.51-150400.6.46.1 * apache2-prefork-2.4.51-150400.6.46.1 * apache2-2.4.51-150400.6.46.1 * apache2-worker-2.4.51-150400.6.46.1 * apache2-prefork-debuginfo-2.4.51-150400.6.46.1 * apache2-utils-2.4.51-150400.6.46.1 * apache2-worker-debuginfo-2.4.51-150400.6.46.1 * apache2-debuginfo-2.4.51-150400.6.46.1 * apache2-debugsource-2.4.51-150400.6.46.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * apache2-doc-2.4.51-150400.6.46.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.46.1 * apache2-devel-2.4.51-150400.6.46.1 * apache2-prefork-2.4.51-150400.6.46.1 * apache2-2.4.51-150400.6.46.1 * apache2-worker-2.4.51-150400.6.46.1 * apache2-prefork-debuginfo-2.4.51-150400.6.46.1 * apache2-utils-2.4.51-150400.6.46.1 * apache2-worker-debuginfo-2.4.51-150400.6.46.1 * apache2-debuginfo-2.4.51-150400.6.46.1 * apache2-debugsource-2.4.51-150400.6.46.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * apache2-doc-2.4.51-150400.6.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.46.1 * apache2-devel-2.4.51-150400.6.46.1 * apache2-prefork-2.4.51-150400.6.46.1 * apache2-2.4.51-150400.6.46.1 * apache2-worker-2.4.51-150400.6.46.1 * apache2-prefork-debuginfo-2.4.51-150400.6.46.1 * apache2-utils-2.4.51-150400.6.46.1 * apache2-worker-debuginfo-2.4.51-150400.6.46.1 * apache2-debuginfo-2.4.51-150400.6.46.1 * apache2-debugsource-2.4.51-150400.6.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.46.1 * apache2-devel-2.4.51-150400.6.46.1 * apache2-prefork-2.4.51-150400.6.46.1 * apache2-2.4.51-150400.6.46.1 * apache2-worker-2.4.51-150400.6.46.1 * apache2-prefork-debuginfo-2.4.51-150400.6.46.1 * apache2-utils-2.4.51-150400.6.46.1 * apache2-worker-debuginfo-2.4.51-150400.6.46.1 * apache2-debuginfo-2.4.51-150400.6.46.1 * apache2-debugsource-2.4.51-150400.6.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * apache2-doc-2.4.51-150400.6.46.1 * SUSE Manager Proxy 4.3 (x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.46.1 * apache2-devel-2.4.51-150400.6.46.1 * apache2-prefork-2.4.51-150400.6.46.1 * apache2-2.4.51-150400.6.46.1 * apache2-worker-2.4.51-150400.6.46.1 * apache2-prefork-debuginfo-2.4.51-150400.6.46.1 * apache2-utils-2.4.51-150400.6.46.1 * apache2-worker-debuginfo-2.4.51-150400.6.46.1 * apache2-debuginfo-2.4.51-150400.6.46.1 * apache2-debugsource-2.4.51-150400.6.46.1 * SUSE Manager Proxy 4.3 (noarch) * apache2-doc-2.4.51-150400.6.46.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.46.1 * apache2-devel-2.4.51-150400.6.46.1 * apache2-prefork-2.4.51-150400.6.46.1 * apache2-2.4.51-150400.6.46.1 * apache2-worker-2.4.51-150400.6.46.1 * apache2-prefork-debuginfo-2.4.51-150400.6.46.1 * apache2-utils-2.4.51-150400.6.46.1 * apache2-worker-debuginfo-2.4.51-150400.6.46.1 * apache2-debuginfo-2.4.51-150400.6.46.1 * apache2-debugsource-2.4.51-150400.6.46.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.46.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.46.1 * apache2-devel-2.4.51-150400.6.46.1 * apache2-prefork-2.4.51-150400.6.46.1 * apache2-2.4.51-150400.6.46.1 * apache2-worker-2.4.51-150400.6.46.1 * apache2-prefork-debuginfo-2.4.51-150400.6.46.1 * apache2-utils-2.4.51-150400.6.46.1 * apache2-worker-debuginfo-2.4.51-150400.6.46.1 * apache2-debuginfo-2.4.51-150400.6.46.1 * apache2-debugsource-2.4.51-150400.6.46.1 * SUSE Manager Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.46.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42516.html * https://www.suse.com/security/cve/CVE-2024-43204.html * https://www.suse.com/security/cve/CVE-2024-47252.html * https://www.suse.com/security/cve/CVE-2025-23048.html * https://www.suse.com/security/cve/CVE-2025-49630.html * https://www.suse.com/security/cve/CVE-2025-49812.html * https://www.suse.com/security/cve/CVE-2025-53020.html * https://bugzilla.suse.com/show_bug.cgi?id=1246169 * https://bugzilla.suse.com/show_bug.cgi?id=1246302 * https://bugzilla.suse.com/show_bug.cgi?id=1246303 * https://bugzilla.suse.com/show_bug.cgi?id=1246305 * https://bugzilla.suse.com/show_bug.cgi?id=1246306 * https://bugzilla.suse.com/show_bug.cgi?id=1246307 * https://bugzilla.suse.com/show_bug.cgi?id=1246477 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:30:55 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:30:55 -0000 Subject: SUSE-SU-2025:02681-1: important: Security update for redis Message-ID: <175432505566.10450.565796762617813187@smelt2.prg2.suse.org> # Security update for redis Announcement ID: SUSE-SU-2025:02681-1 Release Date: 2025-08-04T15:04:38Z Rating: important References: * bsc#1243804 * bsc#1246058 * bsc#1246059 Cross-References: * CVE-2025-27151 * CVE-2025-32023 * CVE-2025-48367 CVSS scores: * CVE-2025-27151 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-27151 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32023 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-32023 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-32023 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-48367 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48367 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-48367 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for redis fixes the following issues: * CVE-2025-27151: Fixed absence of filename size check may cause a stack overflow. (bsc#1243804) * CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands can lead to remote code execution. (bsc#1246059) * CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol erros can lead to client starvation and DoS. (bsc#1246058) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2681=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2681=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2681=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2681=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2681=1 ## Package List: * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * redis7-debuginfo-7.0.8-150500.3.21.1 * redis7-7.0.8-150500.3.21.1 * redis7-debugsource-7.0.8-150500.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * redis7-debuginfo-7.0.8-150500.3.21.1 * redis7-7.0.8-150500.3.21.1 * redis7-debugsource-7.0.8-150500.3.21.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * redis7-debuginfo-7.0.8-150500.3.21.1 * redis7-7.0.8-150500.3.21.1 * redis7-debugsource-7.0.8-150500.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * redis7-debuginfo-7.0.8-150500.3.21.1 * redis7-7.0.8-150500.3.21.1 * redis7-debugsource-7.0.8-150500.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * redis7-debuginfo-7.0.8-150500.3.21.1 * redis7-7.0.8-150500.3.21.1 * redis7-debugsource-7.0.8-150500.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27151.html * https://www.suse.com/security/cve/CVE-2025-32023.html * https://www.suse.com/security/cve/CVE-2025-48367.html * https://bugzilla.suse.com/show_bug.cgi?id=1243804 * https://bugzilla.suse.com/show_bug.cgi?id=1246058 * https://bugzilla.suse.com/show_bug.cgi?id=1246059 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:31:00 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:31:00 -0000 Subject: SUSE-SU-2025:02680-1: important: Security update for redis Message-ID: <175432506009.10450.4933935543847133792@smelt2.prg2.suse.org> # Security update for redis Announcement ID: SUSE-SU-2025:02680-1 Release Date: 2025-08-04T15:04:10Z Rating: important References: * bsc#1246058 * bsc#1246059 Cross-References: * CVE-2025-32023 * CVE-2025-48367 CVSS scores: * CVE-2025-32023 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-32023 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-32023 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-48367 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48367 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-48367 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for redis fixes the following issues: * CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands can lead to remote code execution. (bsc#1246059) * CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol erros can lead to client starvation and DoS. (bsc#1246058) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2680=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2680=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2680=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2680=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2680=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2680=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2680=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2680=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2680=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2680=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-2680=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2680=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * redis-debugsource-6.2.6-150400.3.37.1 * redis-debuginfo-6.2.6-150400.3.37.1 * redis-6.2.6-150400.3.37.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * redis-debugsource-6.2.6-150400.3.37.1 * redis-debuginfo-6.2.6-150400.3.37.1 * redis-6.2.6-150400.3.37.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * redis-debugsource-6.2.6-150400.3.37.1 * redis-debuginfo-6.2.6-150400.3.37.1 * redis-6.2.6-150400.3.37.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * redis-debugsource-6.2.6-150400.3.37.1 * redis-debuginfo-6.2.6-150400.3.37.1 * redis-6.2.6-150400.3.37.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * redis-debugsource-6.2.6-150400.3.37.1 * redis-debuginfo-6.2.6-150400.3.37.1 * redis-6.2.6-150400.3.37.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * redis-debugsource-6.2.6-150400.3.37.1 * redis-debuginfo-6.2.6-150400.3.37.1 * redis-6.2.6-150400.3.37.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * redis-debugsource-6.2.6-150400.3.37.1 * redis-debuginfo-6.2.6-150400.3.37.1 * redis-6.2.6-150400.3.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * redis-debugsource-6.2.6-150400.3.37.1 * redis-debuginfo-6.2.6-150400.3.37.1 * redis-6.2.6-150400.3.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * redis-debugsource-6.2.6-150400.3.37.1 * redis-debuginfo-6.2.6-150400.3.37.1 * redis-6.2.6-150400.3.37.1 * SUSE Manager Proxy 4.3 (x86_64) * redis-debugsource-6.2.6-150400.3.37.1 * redis-debuginfo-6.2.6-150400.3.37.1 * redis-6.2.6-150400.3.37.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * redis-debugsource-6.2.6-150400.3.37.1 * redis-debuginfo-6.2.6-150400.3.37.1 * redis-6.2.6-150400.3.37.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * redis-debugsource-6.2.6-150400.3.37.1 * redis-debuginfo-6.2.6-150400.3.37.1 * redis-6.2.6-150400.3.37.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32023.html * https://www.suse.com/security/cve/CVE-2025-48367.html * https://bugzilla.suse.com/show_bug.cgi?id=1246058 * https://bugzilla.suse.com/show_bug.cgi?id=1246059 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:31:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:31:05 -0000 Subject: SUSE-SU-2025:02679-1: important: Security update for redis Message-ID: <175432506517.10450.8909408268731982185@smelt2.prg2.suse.org> # Security update for redis Announcement ID: SUSE-SU-2025:02679-1 Release Date: 2025-08-04T15:03:15Z Rating: important References: * bsc#1243804 * bsc#1246058 * bsc#1246059 Cross-References: * CVE-2025-27151 * CVE-2025-32023 * CVE-2025-48367 CVSS scores: * CVE-2025-27151 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-27151 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32023 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-32023 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-32023 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-48367 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48367 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-48367 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for redis fixes the following issues: * CVE-2025-27151: Fixed absence of filename size check may cause a stack overflow. (bsc#1243804) * CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands can lead to remote code execution. (bsc#1246059) * CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol erros can lead to client starvation and DoS. (bsc#1246058) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-2679=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2679=1 openSUSE-SLE-15.6-2025-2679=1 ## Package List: * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * redis7-7.0.8-150600.8.16.1 * redis7-debugsource-7.0.8-150600.8.16.1 * redis7-debuginfo-7.0.8-150600.8.16.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * redis7-7.0.8-150600.8.16.1 * redis7-debugsource-7.0.8-150600.8.16.1 * redis7-debuginfo-7.0.8-150600.8.16.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27151.html * https://www.suse.com/security/cve/CVE-2025-32023.html * https://www.suse.com/security/cve/CVE-2025-48367.html * https://bugzilla.suse.com/show_bug.cgi?id=1243804 * https://bugzilla.suse.com/show_bug.cgi?id=1246058 * https://bugzilla.suse.com/show_bug.cgi?id=1246059 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:31:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:31:08 -0000 Subject: SUSE-SU-2025:02677-1: low: Security update for cairo Message-ID: <175432506897.10450.5704939330367877049@smelt2.prg2.suse.org> # Security update for cairo Announcement ID: SUSE-SU-2025:02677-1 Release Date: 2025-08-04T14:31:56Z Rating: low References: * bsc#1122338 Cross-References: * CVE-2019-6461 CVSS scores: * CVE-2019-6461 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2019-6461 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2019-6461 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for cairo fixes the following issues: * CVE-2019-6461: avoid assert when drawing arcs with NaN angles (bsc#1122338). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2677=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2677=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2677=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2677=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2677=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2677=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libcairo-gobject2-1.16.0-150400.11.6.1 * cairo-tools-1.16.0-150400.11.6.1 * libcairo2-1.16.0-150400.11.6.1 * cairo-debugsource-1.16.0-150400.11.6.1 * libcairo2-debuginfo-1.16.0-150400.11.6.1 * cairo-devel-1.16.0-150400.11.6.1 * libcairo-script-interpreter2-debuginfo-1.16.0-150400.11.6.1 * cairo-tools-debuginfo-1.16.0-150400.11.6.1 * libcairo-script-interpreter2-1.16.0-150400.11.6.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.6.1 * openSUSE Leap 15.4 (x86_64) * libcairo-script-interpreter2-32bit-1.16.0-150400.11.6.1 * libcairo2-32bit-debuginfo-1.16.0-150400.11.6.1 * libcairo-gobject2-32bit-debuginfo-1.16.0-150400.11.6.1 * libcairo2-32bit-1.16.0-150400.11.6.1 * cairo-devel-32bit-1.16.0-150400.11.6.1 * libcairo-gobject2-32bit-1.16.0-150400.11.6.1 * libcairo-script-interpreter2-32bit-debuginfo-1.16.0-150400.11.6.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libcairo-script-interpreter2-64bit-1.16.0-150400.11.6.1 * libcairo-gobject2-64bit-debuginfo-1.16.0-150400.11.6.1 * libcairo2-64bit-debuginfo-1.16.0-150400.11.6.1 * libcairo2-64bit-1.16.0-150400.11.6.1 * libcairo-gobject2-64bit-1.16.0-150400.11.6.1 * cairo-devel-64bit-1.16.0-150400.11.6.1 * libcairo-script-interpreter2-64bit-debuginfo-1.16.0-150400.11.6.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libcairo-gobject2-1.16.0-150400.11.6.1 * libcairo2-1.16.0-150400.11.6.1 * cairo-debugsource-1.16.0-150400.11.6.1 * libcairo2-debuginfo-1.16.0-150400.11.6.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.6.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libcairo-gobject2-1.16.0-150400.11.6.1 * libcairo2-1.16.0-150400.11.6.1 * cairo-debugsource-1.16.0-150400.11.6.1 * libcairo2-debuginfo-1.16.0-150400.11.6.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.6.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libcairo-gobject2-1.16.0-150400.11.6.1 * libcairo2-1.16.0-150400.11.6.1 * cairo-debugsource-1.16.0-150400.11.6.1 * libcairo2-debuginfo-1.16.0-150400.11.6.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.6.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libcairo-gobject2-1.16.0-150400.11.6.1 * libcairo2-1.16.0-150400.11.6.1 * cairo-debugsource-1.16.0-150400.11.6.1 * libcairo2-debuginfo-1.16.0-150400.11.6.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libcairo-gobject2-1.16.0-150400.11.6.1 * libcairo2-1.16.0-150400.11.6.1 * cairo-debugsource-1.16.0-150400.11.6.1 * libcairo2-debuginfo-1.16.0-150400.11.6.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2019-6461.html * https://bugzilla.suse.com/show_bug.cgi?id=1122338 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:31:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:31:19 -0000 Subject: SUSE-SU-2025:02675-1: moderate: Security update for systemd Message-ID: <175432507949.10450.11006838339783420457@smelt2.prg2.suse.org> # Security update for systemd Announcement ID: SUSE-SU-2025:02675-1 Release Date: 2025-08-04T14:00:15Z Rating: moderate References: * bsc#1243935 Cross-References: * CVE-2025-4598 CVSS scores: * CVE-2025-4598 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-4598 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for systemd fixes the following issues: * CVE-2025-4598: Fixed race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump (bsc#1243935). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2675=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2675=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2675=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2675=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2675=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2675=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2675=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2675=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-2675=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2675=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2675=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2675=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2675=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2675=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2675=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2675=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2675=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * systemd-249.17-150400.8.49.2 * systemd-coredump-debuginfo-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * systemd-doc-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * systemd-coredump-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * systemd-devel-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * systemd-lang-249.17-150400.8.49.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * systemd-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-debuginfo-249.17-150400.8.49.2 * libsystemd0-32bit-249.17-150400.8.49.2 * systemd-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-249.17-150400.8.49.2 * libudev1-32bit-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * systemd-249.17-150400.8.49.2 * systemd-coredump-debuginfo-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * systemd-doc-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * systemd-coredump-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * systemd-devel-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * systemd-lang-249.17-150400.8.49.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * systemd-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-249.17-150400.8.49.2 * systemd-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * systemd-249.17-150400.8.49.2 * systemd-coredump-debuginfo-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * systemd-doc-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * systemd-coredump-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * systemd-devel-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * systemd-lang-249.17-150400.8.49.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * systemd-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-249.17-150400.8.49.2 * systemd-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * systemd-249.17-150400.8.49.2 * systemd-coredump-debuginfo-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * systemd-doc-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * systemd-coredump-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * systemd-devel-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * systemd-lang-249.17-150400.8.49.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * systemd-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-debuginfo-249.17-150400.8.49.2 * libsystemd0-32bit-249.17-150400.8.49.2 * systemd-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-249.17-150400.8.49.2 * libudev1-32bit-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * systemd-249.17-150400.8.49.2 * systemd-coredump-debuginfo-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * systemd-doc-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * systemd-coredump-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * systemd-devel-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * systemd-lang-249.17-150400.8.49.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * systemd-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-249.17-150400.8.49.2 * systemd-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * systemd-249.17-150400.8.49.2 * systemd-coredump-debuginfo-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * systemd-doc-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * systemd-coredump-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * systemd-devel-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * systemd-lang-249.17-150400.8.49.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * systemd-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-debuginfo-249.17-150400.8.49.2 * libsystemd0-32bit-249.17-150400.8.49.2 * systemd-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-249.17-150400.8.49.2 * libudev1-32bit-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * systemd-249.17-150400.8.49.2 * systemd-coredump-debuginfo-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * systemd-doc-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * systemd-coredump-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * systemd-devel-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * systemd-lang-249.17-150400.8.49.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * systemd-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-249.17-150400.8.49.2 * systemd-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-debuginfo-249.17-150400.8.49.2 * SUSE Manager Proxy 4.3 (x86_64) * systemd-debuginfo-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * libsystemd0-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-debuginfo-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * systemd-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-doc-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * libsystemd0-32bit-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * systemd-32bit-debuginfo-249.17-150400.8.49.2 * systemd-coredump-249.17-150400.8.49.2 * libudev1-32bit-249.17-150400.8.49.2 * systemd-devel-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * systemd-32bit-249.17-150400.8.49.2 * systemd-coredump-debuginfo-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * SUSE Manager Proxy 4.3 (noarch) * systemd-lang-249.17-150400.8.49.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * systemd-debuginfo-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * libsystemd0-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-debuginfo-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * systemd-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-doc-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * libsystemd0-32bit-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * systemd-32bit-debuginfo-249.17-150400.8.49.2 * systemd-coredump-249.17-150400.8.49.2 * libudev1-32bit-249.17-150400.8.49.2 * systemd-devel-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * systemd-32bit-249.17-150400.8.49.2 * systemd-coredump-debuginfo-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * systemd-lang-249.17-150400.8.49.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * systemd-249.17-150400.8.49.2 * systemd-coredump-debuginfo-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * systemd-doc-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * systemd-coredump-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * systemd-devel-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Manager Server 4.3 (noarch) * systemd-lang-249.17-150400.8.49.2 * SUSE Manager Server 4.3 (x86_64) * systemd-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-debuginfo-249.17-150400.8.49.2 * libsystemd0-32bit-249.17-150400.8.49.2 * systemd-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-249.17-150400.8.49.2 * libudev1-32bit-debuginfo-249.17-150400.8.49.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * systemd-testsuite-debuginfo-249.17-150400.8.49.2 * nss-myhostname-249.17-150400.8.49.2 * systemd-mini-devel-249.17-150400.8.49.1 * systemd-debuginfo-249.17-150400.8.49.2 * systemd-testsuite-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * systemd-experimental-249.17-150400.8.49.2 * systemd-mini-doc-249.17-150400.8.49.1 * systemd-mini-debugsource-249.17-150400.8.49.1 * udev-mini-249.17-150400.8.49.1 * udev-249.17-150400.8.49.2 * systemd-portable-249.17-150400.8.49.2 * libudev-mini1-249.17-150400.8.49.1 * systemd-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-journal-remote-249.17-150400.8.49.2 * libudev-mini1-debuginfo-249.17-150400.8.49.1 * systemd-doc-249.17-150400.8.49.2 * systemd-journal-remote-debuginfo-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * nss-systemd-249.17-150400.8.49.2 * systemd-network-249.17-150400.8.49.2 * systemd-mini-container-debuginfo-249.17-150400.8.49.1 * systemd-portable-debuginfo-249.17-150400.8.49.2 * systemd-mini-debuginfo-249.17-150400.8.49.1 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * libsystemd0-mini-debuginfo-249.17-150400.8.49.1 * systemd-coredump-249.17-150400.8.49.2 * systemd-mini-container-249.17-150400.8.49.1 * systemd-devel-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * nss-myhostname-debuginfo-249.17-150400.8.49.2 * systemd-mini-249.17-150400.8.49.1 * systemd-coredump-debuginfo-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * systemd-mini-sysvinit-249.17-150400.8.49.1 * udev-mini-debuginfo-249.17-150400.8.49.1 * nss-systemd-debuginfo-249.17-150400.8.49.2 * systemd-network-debuginfo-249.17-150400.8.49.2 * systemd-experimental-debuginfo-249.17-150400.8.49.2 * libsystemd0-mini-249.17-150400.8.49.1 * openSUSE Leap 15.4 (x86_64) * nss-myhostname-32bit-debuginfo-249.17-150400.8.49.2 * systemd-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-249.17-150400.8.49.2 * systemd-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-debuginfo-249.17-150400.8.49.2 * nss-myhostname-32bit-249.17-150400.8.49.2 * openSUSE Leap 15.4 (noarch) * systemd-lang-249.17-150400.8.49.2 * openSUSE Leap 15.4 (aarch64_ilp32) * libsystemd0-64bit-debuginfo-249.17-150400.8.49.2 * libudev1-64bit-debuginfo-249.17-150400.8.49.2 * nss-myhostname-64bit-249.17-150400.8.49.2 * systemd-64bit-debuginfo-249.17-150400.8.49.2 * nss-myhostname-64bit-debuginfo-249.17-150400.8.49.2 * libsystemd0-64bit-249.17-150400.8.49.2 * systemd-64bit-249.17-150400.8.49.2 * libudev1-64bit-249.17-150400.8.49.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * systemd-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-journal-remote-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * systemd-journal-remote-debuginfo-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * systemd-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-journal-remote-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * systemd-journal-remote-debuginfo-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * systemd-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-journal-remote-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * systemd-journal-remote-debuginfo-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * systemd-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-journal-remote-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * systemd-journal-remote-debuginfo-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * systemd-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-journal-remote-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * systemd-journal-remote-debuginfo-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * systemd-249.17-150400.8.49.2 * systemd-coredump-debuginfo-249.17-150400.8.49.2 * systemd-debuginfo-249.17-150400.8.49.2 * libsystemd0-249.17-150400.8.49.2 * systemd-container-249.17-150400.8.49.2 * libudev1-debuginfo-249.17-150400.8.49.2 * systemd-doc-249.17-150400.8.49.2 * libudev1-249.17-150400.8.49.2 * libsystemd0-debuginfo-249.17-150400.8.49.2 * systemd-debugsource-249.17-150400.8.49.2 * systemd-sysvinit-249.17-150400.8.49.2 * udev-249.17-150400.8.49.2 * systemd-coredump-249.17-150400.8.49.2 * systemd-container-debuginfo-249.17-150400.8.49.2 * systemd-devel-249.17-150400.8.49.2 * udev-debuginfo-249.17-150400.8.49.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * systemd-lang-249.17-150400.8.49.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * systemd-32bit-249.17-150400.8.49.2 * libsystemd0-32bit-debuginfo-249.17-150400.8.49.2 * libsystemd0-32bit-249.17-150400.8.49.2 * systemd-32bit-debuginfo-249.17-150400.8.49.2 * libudev1-32bit-249.17-150400.8.49.2 * libudev1-32bit-debuginfo-249.17-150400.8.49.2 ## References: * https://www.suse.com/security/cve/CVE-2025-4598.html * https://bugzilla.suse.com/show_bug.cgi?id=1243935 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:31:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:31:28 -0000 Subject: SUSE-SU-2025:02575-2: important: Security update for nvidia-open-driver-G06-signed Message-ID: <175432508846.10450.17603412156321853610@smelt2.prg2.suse.org> # Security update for nvidia-open-driver-G06-signed Announcement ID: SUSE-SU-2025:02575-2 Release Date: 2025-08-04T13:08:24Z Rating: important References: * bsc#1234675 * bsc#1235461 * bsc#1235871 Cross-References: * CVE-2024-0131 * CVE-2024-0147 * CVE-2024-0149 * CVE-2024-0150 * CVE-2024-53869 CVSS scores: * CVE-2024-0131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-0131 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0147 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0149 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0149 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53869 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Public Cloud Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for nvidia-open-driver-G06-signed fixes the following issues: This update was retracted to fix dependency issues. * Update to 550.144.03 (bsc#1235461, bsc#1235871) * fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2575=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2575=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2575=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2575=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-2575=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2575=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2575=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2575=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2575=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2575=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-2575=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2575=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * Public Cloud Module 15-SP4 (x86_64) * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-560.35.03_k5.14.21_150400.14.75-150400.9.74.1 * nvidia-open-driver-G06-signed-azure-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.127.05_k5.14.21_150400.14.75-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-azure-550.127.05_k5.14.21_150400.14.75-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-azure-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-azure-560.35.03_k5.14.21_150400.14.75-150400.9.74.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-default-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-64kb-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-default-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-64kb-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-default-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-64kb-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * SUSE Manager Proxy 4.3 (x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-default-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-default-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * SUSE Manager Server 4.3 (x86_64) * nvidia-open-driver-G06-signed-debugsource-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 * nv-prefer-signed-open-driver-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-560.35.03_k5.14.21_150400.24.167-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-default-devel-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-default-devel-550.127.05-150400.9.74.1 * nvidia-open-driver-G06-signed-cuda-debugsource-560.35.03-150400.9.74.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.127.05_k5.14.21_150400.24.167-150400.9.74.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0131.html * https://www.suse.com/security/cve/CVE-2024-0147.html * https://www.suse.com/security/cve/CVE-2024-0149.html * https://www.suse.com/security/cve/CVE-2024-0150.html * https://www.suse.com/security/cve/CVE-2024-53869.html * https://bugzilla.suse.com/show_bug.cgi?id=1234675 * https://bugzilla.suse.com/show_bug.cgi?id=1235461 * https://bugzilla.suse.com/show_bug.cgi?id=1235871 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:31:33 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:31:33 -0000 Subject: SUSE-SU-2025:02165-2: important: Security update for nvidia-open-driver-G06-signed Message-ID: <175432509332.10450.12227490720540715278@smelt2.prg2.suse.org> # Security update for nvidia-open-driver-G06-signed Announcement ID: SUSE-SU-2025:02165-2 Release Date: 2025-08-04T13:08:06Z Rating: important References: * bsc#1234675 * bsc#1235461 * bsc#1235871 * bsc#1236191 Cross-References: * CVE-2024-0131 * CVE-2024-0147 * CVE-2024-0149 * CVE-2024-0150 * CVE-2024-53869 CVSS scores: * CVE-2024-0131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-0131 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0147 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0149 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0149 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0150 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53869 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Public Cloud Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for nvidia-open-driver-G06-signed fixes the following issues: This update was retracted due to dependency problems with the CUDA Kmp. Update to 550.144.03 (bsc#1235461, bsc#1235871): * fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869 * let -cuda KMP conflict with no-cuda variants < 550.135 (bsc#1236191) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2165=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2165=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2165=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2165=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-2165=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2165=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2165=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2165=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2165=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2165=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-2165=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2165=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nv-prefer-signed-open-driver-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.22-150400.9.86.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nv-prefer-signed-open-driver-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.22-150400.9.86.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nv-prefer-signed-open-driver-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.22-150400.9.86.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nv-prefer-signed-open-driver-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.22-150400.9.86.1 * Public Cloud Module 15-SP4 (x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-565.57.01_k5.14.21_150400.12-150400.9.86.1 * nvidia-open-driver-G06-signed-azure-devel-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-azure-550.144.03_k5.14.21_150400.12-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-azure-devel-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.144.03_k5.14.21_150400.12-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-azure-565.57.01_k5.14.21_150400.12-150400.9.86.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nv-prefer-signed-open-driver-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.22-150400.9.86.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * nvidia-open-driver-G06-signed-64kb-devel-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.144.03_k5.14.21_150400.22-150400.9.86.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nv-prefer-signed-open-driver-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.22-150400.9.86.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * nvidia-open-driver-G06-signed-64kb-devel-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.144.03_k5.14.21_150400.22-150400.9.86.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nv-prefer-signed-open-driver-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.22-150400.9.86.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * nvidia-open-driver-G06-signed-64kb-devel-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.144.03_k5.14.21_150400.22-150400.9.86.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.22-150400.9.86.1 * SUSE Manager Proxy 4.3 (x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nv-prefer-signed-open-driver-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.22-150400.9.86.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nv-prefer-signed-open-driver-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.22-150400.9.86.1 * SUSE Manager Server 4.3 (x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-debugsource-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-default-devel-550.144.03-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nv-prefer-signed-open-driver-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-default-devel-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-debugsource-565.57.01-150400.9.86.1 * nvidia-open-driver-G06-signed-kmp-default-550.144.03_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-565.57.01_k5.14.21_150400.22-150400.9.86.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-565.57.01_k5.14.21_150400.22-150400.9.86.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0131.html * https://www.suse.com/security/cve/CVE-2024-0147.html * https://www.suse.com/security/cve/CVE-2024-0149.html * https://www.suse.com/security/cve/CVE-2024-0150.html * https://www.suse.com/security/cve/CVE-2024-53869.html * https://bugzilla.suse.com/show_bug.cgi?id=1234675 * https://bugzilla.suse.com/show_bug.cgi?id=1235461 * https://bugzilla.suse.com/show_bug.cgi?id=1235871 * https://bugzilla.suse.com/show_bug.cgi?id=1236191 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:31:39 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:31:39 -0000 Subject: SUSE-SU-2025:02672-1: important: Security update for sqlite3 Message-ID: <175432509992.10450.9865086563889753338@smelt2.prg2.suse.org> # Security update for sqlite3 Announcement ID: SUSE-SU-2025:02672-1 Release Date: 2025-08-04T13:07:46Z Rating: important References: * bsc#1246597 Cross-References: * CVE-2025-6965 CVSS scores: * CVE-2025-6965 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L * CVE-2025-6965 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green * CVE-2025-6965 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves one vulnerability can now be installed. ## Description: This update for sqlite3 fixes the following issues: * Update to version 3.50.2 * CVE-2025-6965: Fixed an integer truncation to avoid assertion faults. (bsc#1246597) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2672=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2672=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2672=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2672=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2672=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2672=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2672=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2672=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2672=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2672=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2672=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2672=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2672=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2672=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2672=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2672=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2672=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2672=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2672=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2672=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-2672=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2672=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2672=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2672=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2672=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2672=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-tcl-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * openSUSE Leap 15.6 (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * openSUSE Leap 15.6 (noarch) * sqlite3-doc-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-tcl-debuginfo-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-tcl-debuginfo-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-tcl-debuginfo-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-tcl-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * Basesystem Module 15-SP6 (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-tcl-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * Basesystem Module 15-SP7 (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-tcl-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-tcl-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-tcl-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-tcl-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Manager Server 4.3 LTS (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * sqlite3-tcl-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-devel-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * sqlite3-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * SUSE Enterprise Storage 7.1 (x86_64) * libsqlite3-0-32bit-debuginfo-3.50.2-150000.3.33.1 * libsqlite3-0-32bit-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libsqlite3-0-3.50.2-150000.3.33.1 * sqlite3-debuginfo-3.50.2-150000.3.33.1 * sqlite3-debugsource-3.50.2-150000.3.33.1 * libsqlite3-0-debuginfo-3.50.2-150000.3.33.1 ## References: * https://www.suse.com/security/cve/CVE-2025-6965.html * https://bugzilla.suse.com/show_bug.cgi?id=1246597 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:31:47 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:31:47 -0000 Subject: SUSE-SU-2025:02667-1: important: Security update for java-17-openjdk Message-ID: <175432510716.10450.13486600370782707656@smelt2.prg2.suse.org> # Security update for java-17-openjdk Announcement ID: SUSE-SU-2025:02667-1 Release Date: 2025-08-04T12:38:11Z Rating: important References: * bsc#1246575 * bsc#1246584 * bsc#1246595 * bsc#1246598 Cross-References: * CVE-2025-30749 * CVE-2025-30754 * CVE-2025-50059 * CVE-2025-50106 CVSS scores: * CVE-2025-30749 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-30749 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-30749 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-30754 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-30754 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30754 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-50059 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-50059 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-50106 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-50106 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Legacy Module 15-SP6 * Legacy Module 15-SP7 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.16+8 (July 2025 CPU): * CVE-2025-30749: several scenarios can lead to heap corruption (bsc#1246595) * CVE-2025-30754: incomplete handshake may lead to weakening TLS protections (bsc#1246598) * CVE-2025-50059: Improve HTTP client header handling (bsc#1246575) * CVE-2025-50106: Glyph out-of-memory access and crash (bsc#1246584) Changelog: + JDK-4850101: Setting mnemonic to VK_F4 underlines the letter S in a button. + JDK-5074006: Swing JOptionPane shows </html> tag as a string after newline + JDK-6956385: URLConnection.getLastModified() leaks file handles for jar:file and file: URLs + JDK-8024624: [TEST_BUG] [macosx] CTRL+RIGHT(LEFT) doesn't move selection on next cell in JTable on Aqua L&F + JDK-8042134: JOptionPane bungles HTML messages + JDK-8051591: Test javax/swing/JTabbedPane/8007563/Test8007563.java fails + JDK-8077371: Binary files in JAXP test should be removed + JDK-8183348: Better cleanup for jdk/test/sun/security/pkcs12/P12SecretKey.java + JDK-8196465: javax/swing/JComboBox/8182031/ComboPopupTest.java fails on Linux + JDK-8202100: Merge vm/share/InMemoryJavaCompiler w/ jdk/test/lib/compiler/InMemoryJavaCompiler + JDK-8211400: nsk.share.gc.Memory::getArrayLength returns wrong value + JDK-8218474: JComboBox display issue with GTKLookAndFeel + JDK-8224267: JOptionPane message string with 5000+ newlines produces StackOverflowError + JDK-8249831: Test sun/security/mscapi/nonUniqueAliases/ /NonUniqueAliases.java is marked with @ignore + JDK-8251505: Use of types in compiler shared code should be consistent. + JDK-8253440: serviceability/sa/TestJhsdbJstackLineNumbers.java failed with "Didn't find enough line numbers" + JDK-8254786: java/net/httpclient/CancelRequestTest.java failing intermittently + JDK-8256211: assert fired in java/net/httpclient/DependentPromiseActionsTest (infrequent) + JDK-8258483: [TESTBUG] gtest CollectorPolicy.young_scaled_initial_ergo_vm fails if heap is too small + JDK-8269516: AArch64: Assembler cleanups + JDK-8271419: Refactor test code for modifying CDS archive contents + JDK-8276995: Bug in jdk.jfr.event.gc.collection.TestSystemGC + JDK-8277983: Remove unused fields from sun.net.www.protocol.jar.JarURLConnection + JDK-8279884: Use better file for cygwin source permission check + JDK-8279894: javax/swing/JInternalFrame/8020708/bug8020708.java timeouts on Windows 11 + JDK-8280468: Crashes in getConfigColormap, getConfigVisualId, XVisualIDFromVisual on Linux + JDK-8280820: Clean up bug8033699 and bug8075609.java tests: regtesthelpers aren't used + JDK-8280991: [XWayland] No displayChanged event after setDisplayMode call + JDK-8281511: java/net/ipv6tests/UdpTest.java fails with checkTime failed + JDK-8282863: java/awt/FullScreen/FullscreenWindowProps/ /FullscreenWindowProps.java fails on Windows 10 with HiDPI screen + JDK-8286204: [Accessibility,macOS,VoiceOver] VoiceOver reads the spinner value 10 as 1 when user iterates to 10 for the first time on macOS + JDK-8286789: Test forceEarlyReturn002.java timed out + JDK-8286875: ProgrammableUpcallHandler::on_entry/on_exit access thread fields from native + JDK-8286925: Move JSON parser used in JFR tests to test library + JDK-8287352: DockerTestUtils::execute shows incorrect elapsed time + JDK-8287801: Fix test-bugs related to stress flags + JDK-8288707: javax/swing/JToolBar/4529206/bug4529206.java: setFloating does not work correctly + JDK-8290162: Reset recursion counter missed in fix of JDK-8224267 + JDK-8292064: Convert java/lang/management/MemoryMXBean shell tests to java version + JDK-8293503: gc/metaspace/TestMetaspacePerfCounters.java #Epsilon-64 failed assertGreaterThanOrEqual: expected MMM >= NNN + JDK-8294038: Remove "Classpath" exception from javax/swing tests + JDK-8294155: Exception thrown before awaitAndCheck hangs PassFailJFrame + JDK-8295470: Update openjdk.java.net => openjdk.org URLs in test code + JDK-8295670: Remove duplication in java/util/Formatter/Basic*.java + JDK-8295804: javax/swing/JFileChooser/JFileChooserSetLocationTest.java failed with "setLocation() is not working properly" + JDK-8296072: CertAttrSet::encode and DerEncoder::derEncode should write into DerOutputStream + JDK-8296167: test/langtools/tools/jdeps/jdkinternals/ /ShowReplacement.java failing after JDK-8296072 + JDK-8296920: Regression Test DialogOrient.java fails on MacOS + JDK-8297173: usageTicks and totalTicks should be volatile to ensure that different threads get the latest ticks + JDK-8297242: Use-after-free during library unloading on Linux + JDK-8298061: vmTestbase/nsk/sysdict/vm/stress/btree/btree012/ /btree012.java failed with "fatal error: refcount has gone to zero" + JDK-8298147: Clang warns about pointless comparisons + JDK-8298248: Limit sscanf output width in cgroup file parsers + JDK-8298709: Fix typos in src/java.desktop/ and various test classes of client component + JDK-8298730: Refactor subsystem_file_line_contents and add docs and tests + JDK-8300645: Handle julong values in logging of GET_CONTAINER_INFO macros + JDK-8300658: memory_and_swap_limit() reporting wrong values on systems with swapaccount=0 + JDK-8302226: failure_handler native.core should wait for coredump to finish + JDK-8303549: [AIX] TestNativeStack.java is failing with exit value 1 + JDK-8303770: Remove Baltimore root certificate expiring in May 2025 + JDK-8305010: Test vmTestbase/nsk/jvmti/scenarios/sampling/ /SP05/sp05t003/TestDescription.java timed out: thread not suspended + JDK-8305578: X11GraphicsDevice.pGetBounds() is slow in remote X11 sessions + JDK-8306997: C2: "malformed control flow" assert due to missing safepoint on backedge with a switch + JDK-8307318: Test serviceability/sa/ClhsdbCDSJstackPrintAll.java failed: ArrayIndexOutOfBoundsException + JDK-8308875: java/awt/Toolkit/GetScreenInsetsCustomGC/ /GetScreenInsetsCustomGC.java failed with 'Cannot invoke "sun.awt.X11GraphicsDevice.getInsets()" because "device" is null' + JDK-8309841: Jarsigner should print a warning if an entry is removed + JDK-8310525: DynamicLauncher for JDP test needs to try harder to find a free port + JDK-8312246: NPE when HSDB visits bad oop + JDK-8314120: Add tests for FileDescriptor.sync + JDK-8314236: Overflow in Collections.rotate + JDK-8314246: javax/swing/JToolBar/4529206/bug4529206.java fails intermittently on Linux + JDK-8314320: Mark runtime/CommandLine/ tests as flagless + JDK-8314828: Mark 3 jcmd command-line options test as vm.flagless + JDK-8315484: java/awt/dnd/RejectDragDropActionTest.java timed out + JDK-8315669: Open source several Swing PopupMenu related tests + JDK-8315721: CloseRace.java#id0 fails transiently on libgraal + JDK-8315742: Open source several Swing Scroll related tests + JDK-8315871: Opensource five more Swing regression tests + JDK-8315876: Open source several Swing CSS related tests + JDK-8315951: Open source several Swing HTMLEditorKit related tests + JDK-8315981: Opensource five more random Swing tests + JDK-8316061: Open source several Swing RootPane and Slider related tests + JDK-8316156: ByteArrayInputStream.transferTo causes MaxDirectMemorySize overflow + JDK-8316228: jcmd tests are broken by 8314828 + JDK-8316324: Opensource five miscellaneous Swing tests + JDK-8316388: Opensource five Swing component related regression tests + JDK-8316451: 6 java/lang/instrument/PremainClass tests ignore VM flags + JDK-8316452: java/lang/instrument/modules/ /AppendToClassPathModuleTest.java ignores VM flags + JDK-8316460: 4 javax/management tests ignore VM flags + JDK-8316497: ColorConvertOp - typo for non-ICC conversions needs one-line fix + JDK-8316629: j.text.DateFormatSymbols setZoneStrings() exception is unhelpful + JDK-8318700: MacOS Zero cannot run gtests due to wrong JVM path + JDK-8318915: Enhance checks in BigDecimal.toPlainString() + JDK-8318962: Update ProcessTools javadoc with suggestions in 8315097 + JDK-8319572: Test jdk/incubator/vector/LoadJsvmlTest.java ignores VM flags + JDK-8319578: Few java/lang/instrument ignore test.java.opts and accept test.vm.opts only + JDK-8319690: [AArch64] C2 compilation hits offset_ok_for_immed: assert "c2 compiler bug" + JDK-8320682: [AArch64] C1 compilation fails with "Field too big for insn" + JDK-8320687: sun.jvmstat.monitor.MonitoredHost .getMonitoredHost() throws unexpected exceptions when invoked concurrently + JDK-8321204: C2: assert(false) failed: node should be in igvn hash table + JDK-8321479: java -D-D crashes + JDK-8321509: False positive in get_trampoline fast path causes crash + JDK-8321713: Harmonize executeTestJvm with create[Limited]TestJavaProcessBuilder + JDK-8321718: ProcessTools.executeProcess calls waitFor before logging + JDK-8321931: memory_swap_current_in_bytes reports 0 as "unlimited" + JDK-8325435: [macos] Menu or JPopupMenu not closed when main window is resized + JDK-8325680: Uninitialised memory in deleteGSSCB of GSSLibStub.c:179 + JDK-8325682: Rename nsk_strace.h + JDK-8326389: [test] improve assertEquals failure output + JDK-8328301: Convert Applet test ManualHTMLDataFlavorTest.java to main program + JDK-8328482: Convert and Open source few manual applet test to main based + JDK-8328484: Convert and Opensource few JFileChooser applet test to main + JDK-8328648: Remove applet usage from JFileChooser tests bug4150029 + JDK-8328670: Automate and open source few closed manual applet test + JDK-8328673: Convert closed text/html/CSS manual applet test to main + JDK-8329261: G1: interpreter post-barrier x86 code asserts index size of wrong buffer + JDK-8330534: Update nsk/jdwp tests to use driver instead of othervm + JDK-8330598: java/net/httpclient/Http1ChunkedTest.java fails with java.util.MissingFormatArgumentException: Format specifier '%s' + JDK-8331735: UpcallLinker::on_exit races with GC when copying frame anchor + JDK-8333117: Remove support of remote and manual debuggee launchers + JDK-8333680: com/sun/tools/attach/BasicTests.java fails with "SocketException: Permission denied: connect" + JDK-8334560: [PPC64]: postalloc_expand_java_dynamic_call_sched does not copy all fields + JDK-8334644: Automate javax/print/attribute/PageRangesException.java + JDK-8334780: Crash: assert(h_array_list.not_null()) failed: invariant + JDK-8334895: OpenJDK fails to configure on linux aarch64 when CDS is disabled after JDK-8331942 + JDK-8335662: [AArch64] C1: guarantee(val < (1ULL << nbits)) failed: Field too big for insn + JDK-8335684: Test ThreadCpuTime.java should pause like ThreadCpuTimeArray.java + JDK-8335836: serviceability/jvmti/StartPhase/AllowedFunctions/ /AllowedFunctions.java fails with unexpected exit code: 112 + JDK-8336587: failure_handler lldb command times out on macosx-aarch64 core file + JDK-8337221: CompileFramework: test library to conveniently compile java and jasm sources for fuzzing + JDK-8337299: vmTestbase/nsk/jdb/stop_at/stop_at002/ /stop_at002.java failure goes undetected + JDK-8338154: Fix -Wzero-as-null-pointer-constant warnings in gtest framework + JDK-8339148: Make os::Linux::active_processor_count() public + JDK-8339300: CollectorPolicy.young_scaled_initial_ergo_vm gtest fails on ppc64 based platforms + JDK-8339639: Opensource few AWT PopupMenu tests + JDK-8339678: Update runtime/condy tests to be executed with VM flags + JDK-8339727: Open source several AWT focus tests - series 1 + JDK-8339794: Open source closed choice tests #1 + JDK-8339810: Clean up the code in sun.tools.jar.Main to properly close resources and use ZipFile during extract + JDK-8339836: Open source several AWT Mouse tests - Batch 1 + JDK-8339842: Open source several AWT focus tests - series 2 + JDK-8339895: Open source several AWT focus tests - series 3 + JDK-8339906: Open source several AWT focus tests - series 4 + JDK-8339935: Open source several AWT focus tests - series 5 + JDK-8339982: Open source several AWT Mouse tests - Batch 2 + JDK-8339984: Open source AWT MenuItem related tests + JDK-8339995: Open source several AWT focus tests - series 6 + JDK-8340077: Open source few Checkbox tests - Set2 + JDK-8340084: Open source AWT Frame related tests + JDK-8340143: Open source several Java2D rendering loop tests. + JDK-8340164: Open source few Component tests - Set1 + JDK-8340173: Open source some Component/Panel/EventQueue tests - Set2 + JDK-8340176: Replace usage of -noclassgc with -Xnoclassgc in test/jdk/java/lang/management/MemoryMXBean/LowMemoryTest2.java + JDK-8340193: Open source several AWT Dialog tests - Batch 1 + JDK-8340228: Open source couple more miscellaneous AWT tests + JDK-8340271: Open source several AWT Robot tests + JDK-8340279: Open source several AWT Dialog tests - Batch 2 + JDK-8340332: Open source mixed AWT tests - Set3 + JDK-8340366: Open source several AWT Dialog tests - Batch 3 + JDK-8340367: Opensource few AWT image tests + JDK-8340393: Open source closed choice tests #2 + JDK-8340407: Open source a few more Component related tests + JDK-8340417: Open source some MenuBar tests - Set1 + JDK-8340432: Open source some MenuBar tests - Set2 + JDK-8340433: Open source closed choice tests #3 + JDK-8340437: Open source few more AWT Frame related tests + JDK-8340458: Open source additional Component tests (part 2) + JDK-8340555: Open source DnD tests - Set4 + JDK-8340560: Open Source several AWT/2D font and rendering tests + JDK-8340605: Open source several AWT PopupMenu tests + JDK-8340621: Open source several AWT List tests + JDK-8340625: Open source additional Component tests (part 3) + JDK-8340639: Open source few more AWT List tests + JDK-8340713: Open source DnD tests - Set5 + JDK-8340784: Remove PassFailJFrame constructor with screenshots + JDK-8340790: Open source several AWT Dialog tests - Batch 4 + JDK-8340809: Open source few more AWT PopupMenu tests + JDK-8340874: Open source some of the AWT Geometry/Button tests + JDK-8340907: Open source closed frame tests # 2 + JDK-8340966: Open source few Checkbox and Cursor tests - Set1 + JDK-8340967: Open source few Cursor tests - Set2 + JDK-8340978: Open source few DnD tests - Set6 + JDK-8340985: Open source some Desktop related tests + JDK-8341000: Open source some of the AWT Window tests + JDK-8341004: Open source AWT FileDialog related tests + JDK-8341072: Open source several AWT Canvas and Rectangle related tests + JDK-8341128: open source some 2d graphics tests + JDK-8341148: Open source several Choice related tests + JDK-8341162: Open source some of the AWT window test + JDK-8341170: Open source several Choice related tests (part 2) + JDK-8341177: Opensource few List and a Window test + JDK-8341191: Open source few more AWT FileDialog tests + JDK-8341239: Open source closed frame tests # 3 + JDK-8341257: Open source few DND tests - Set1 + JDK-8341258: Open source few various AWT tests - Set1 + JDK-8341278: Open source few TrayIcon tests - Set7 + JDK-8341298: Open source more AWT window tests + JDK-8341373: Open source closed frame tests # 4 + JDK-8341378: Open source few TrayIcon tests - Set8 + JDK-8341447: Open source closed frame tests # 5 + JDK-8341535: sun/awt/font/TestDevTransform.java fails with RuntimeException: Different rendering + JDK-8341637: java/net/Socket/UdpSocket.java fails with "java.net.BindException: Address already in use" (macos-aarch64) + JDK-8341972: java/awt/dnd/DnDRemoveFocusOwnerCrashTest.java timed out after JDK-8341257 + JDK-8342376: More reliable OOM handling in ExceptionDuringDumpAtObjectsInitPhase test + JDK-8342524: Use latch in AbstractButton/bug6298940.java instead of delay + JDK-8342633: javax/management/security/ /HashedPasswordFileTest.java creates tmp file in src dir + JDK-8343037: Missing @since tag on JColorChooser.showDialog overload + JDK-8343103: Enable debug logging for vmTestbase/nsk/jvmti/ /scenarios/sampling/SP05/sp05t003/TestDescription.java + JDK-8343124: Tests fails with java.lang.IllegalAccessException: class com.sun.javatest.regtest.agent.MainWrapper$MainTask cannot access + JDK-8343170: java/awt/Cursor/JPanelCursorTest/ /JPanelCursorTest.java does not show the default cursor + JDK-8343205: CompileBroker::possibly_add_compiler_threads excessively polls available memory + JDK-8343529: serviceability/sa/ClhsdbWhere.java fails AssertionFailure: Corrupted constant pool + JDK-8343891: Test javax/swing/JTabbedPane/ /TestJTabbedPaneBackgroundColor.java failed + JDK-8343936: Adjust timeout in test javax/management/monitor/DerivedGaugeMonitorTest.java + JDK-8344316: security/auth/callback/TextCallbackHandler/ /Password.java make runnable with JTReg and add the UI + JDK-8344361: Restore null return for invalid services from legacy providers + JDK-8345133: Test sun/security/tools/jarsigner/ /TsacertOptionTest.java failed: Warning found in stdout + JDK-8345134: Test sun/security/tools/jarsigner/ /ConciseJarsigner.java failed: unable to find valid certification path to requested target + JDK-8345357: test/jdk/javax/swing/JRadioButton/8033699/ /bug8033699.java fails in ubuntu22.04 + JDK-8345447: test/jdk/javax/swing/JToolBar/4529206/ /bug4529206.java fails in ubuntu22.04 + JDK-8345547: test/jdk/javax/swing/text/DefaultEditorKit/ /4278839/bug4278839.java fails in ubuntu22.04 + JDK-8345598: Upgrade NSS binaries for interop tests + JDK-8345625: Better HTTP connections + JDK-8345728: [Accessibility,macOS,Screen Magnifier]: JCheckbox unchecked state does not magnify but works for checked tate + JDK-8345838: Remove the appcds/javaldr/AnonVmClassesDuringDump.java test + JDK-8346049: jdk/test/lib/security/timestamp/TsaServer.java warnings + JDK-8346581: JRadioButton/ButtonGroupFocusTest.java fails in CI on Linux + JDK-8347000: Bug in com/sun/net/httpserver/bugs/B6361557.java test + JDK-8347019: Test javax/swing/JRadioButton/8033699/ /bug8033699.java still fails: Focus is not on Radio Button Single as Expected + JDK-8347083: Incomplete logging in nsk/jvmti/ResourceExhausted/resexhausted00* tests + JDK-8347126: gc/stress/TestStressG1Uncommit.java gets OOM-killed + JDK-8347267: [macOS]: UnixOperatingSystem.c:67:40: runtime error: division by zero + JDK-8347286: (fs) Remove some extensions from java/nio/file/Files/probeContentType/Basic.java + JDK-8347576: Error output in libjsound has non matching format strings + JDK-8347629: Test FailOverDirectExecutionControlTest.java fails with -Xcomp + JDK-8347911: Limit the length of inflated text chunks + JDK-8347995: Race condition in jdk/java/net/httpclient/ /offline/FixedResponseHttpClient.java + JDK-8348107: test/jdk/java/net/httpclient/ /HttpsTunnelAuthTest.java fails intermittently + JDK-8348110: Update LCMS to 2.17 + JDK-8348299: Update List/ItemEventTest/ItemEventTest.java + JDK-8348596: Update FreeType to 2.13.3 + JDK-8348597: Update HarfBuzz to 10.4.0 + JDK-8348598: Update Libpng to 1.6.47 + JDK-8348600: Update PipeWire to 1.3.81 + JDK-8348865: JButton/bug4796987.java never runs because Windows XP is unavailable + JDK-8348936: [Accessibility,macOS,VoiceOver] VoiceOver doesn't announce untick on toggling the checkbox with "space" key on macOS + JDK-8348989: Better Glyph drawing + JDK-8349039: Adjust exception No type named <ThreadType> in database + JDK-8349111: Enhance Swing supports + JDK-8349200: [JMH] time.format.ZonedDateTimeFormatterBenchmark fails + JDK-8349348: Refactor ClassLoaderDeadlock.sh and Deadlock.sh to run fully in java + JDK-8349492: Update sun/security/pkcs12/ /KeytoolOpensslInteropTest.java to use a recent Openssl version + JDK-8349501: Relocate supporting classes in security/testlibrary to test/lib/jdk tree + JDK-8349594: Enhance TLS protocol support + JDK-8349751: AIX build failure after upgrade pipewire to 1.3.81 + JDK-8349974: [JMH,17u] MaskQueryOperationsBenchmark fails java.lang.NoClassDefFoundError + JDK-8350211: CTW: Attempt to preload all classes in constant pool + JDK-8350224: Test javax/swing/JComboBox/ /TestComboBoxComponentRendering.java fails in ubuntu 23.x and later + JDK-8350260: Improve HTML instruction formatting in PassFailJFrame + JDK-8350383: Test: add more test case for string compare (UL case) + JDK-8350386: Test TestCodeCacheFull.java fails with option -XX:-UseCodeCacheFlushing + JDK-8350412: [21u] AArch64: Ambiguous frame layout leads to incorrect traces in JFR + JDK-8350498: Remove two Camerfirma root CA certificates + JDK-8350540: [17u,11u] B8312065.java fails Network is unreachable + JDK-8350546: Several java/net/InetAddress tests fails UnknownHostException + JDK-8350616: Skip ValidateHazardPtrsClosure in non-debug builds + JDK-8350651: Bump update version for OpenJDK: jdk-17.0.16 + JDK-8350924: javax/swing/JMenu/4213634/bug4213634.java fails + JDK-8350991: Improve HTTP client header handling + JDK-8351086: (fc) Make java/nio/channels/FileChannel/BlockDeviceSize.java test manual + JDK-8352076: [21u] Problem list tests that fail in 21 and would be fixed by 8309622 + JDK-8352109: java/awt/Desktop/MailTest.java fails in platforms where Action.MAIL is not supported + JDK-8352302: Test sun/security/tools/jarsigner/TimestampCheck.java is failing + JDK-8352649: [17u] guarantee(is_result_safe || is_in_asgct()) failed inside AsyncGetCallTrace + JDK-8352676: Opensource JMenu tests - series1 + JDK-8352680: Opensource few misc swing tests + JDK-8352684: Opensource JInternalFrame tests - series1 + JDK-8352706: httpclient HeadTest does not run on HTTP2 + JDK-8352716: (tz) Update Timezone Data to 2025b + JDK-8352908: Open source several swing tests batch1 + JDK-8352942: jdk/jfr/startupargs/TestMemoryOptions.java fails with 32-bit build + JDK-8353070: Clean up and open source couple AWT Graphics related tests (Part 1) + JDK-8353138: Screen capture for test TaskbarPositionTest.java, failure case + JDK-8353320: Open source more Swing text tests + JDK-8353446: Open source several AWT Menu tests - Batch 2 + JDK-8353475: Open source two Swing DefaultCaret tests + JDK-8353685: Open some JComboBox bugs 4 + JDK-8353709: Debug symbols bundle should contain full debug files when building --with-external-symbols-in-bundles=public + JDK-8353714: [17u] Backport of 8347740 incomplete + JDK-8353942: Open source Swing Tests - Set 5 + JDK-8354554: Open source several clipboard tests batch1 + JDK-8356053: Test java/awt/Toolkit/Headless/ /HeadlessToolkit.java fails by timeout + JDK-8356096: ISO 4217 Amendment 179 Update + JDK-8356571: Re-enable -Wtype-limits for GCC in LCMS + JDK-8357105: C2: compilation fails with "assert(false) failed: empty program detected during loop optimization" + JDK-8357193: [VS 2022 17.14] Warning C5287 in debugInit.c: enum type mismatch during build + JDK-8359170: Add 2 TLS and 2 CS Sectigo roots + JDK-8360147: Better Glyph drawing redux + JDK-8361674: [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.16 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2667=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-2667=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2667=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2667=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2667=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2667=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-2667=1 * Legacy Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2025-2667=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2667=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2667=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2667=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2667=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2667=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2667=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2667=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2667=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-src-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-jmods-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * openSUSE Leap 15.4 (noarch) * java-17-openjdk-javadoc-17.0.16.0-150400.3.57.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-src-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-jmods-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * openSUSE Leap 15.6 (noarch) * java-17-openjdk-javadoc-17.0.16.0-150400.3.57.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * java-17-openjdk-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-17.0.16.0-150400.3.57.1 * java-17-openjdk-demo-17.0.16.0-150400.3.57.1 * java-17-openjdk-headless-17.0.16.0-150400.3.57.1 * java-17-openjdk-devel-debuginfo-17.0.16.0-150400.3.57.1 * java-17-openjdk-debugsource-17.0.16.0-150400.3.57.1 ## References: * https://www.suse.com/security/cve/CVE-2025-30749.html * https://www.suse.com/security/cve/CVE-2025-30754.html * https://www.suse.com/security/cve/CVE-2025-50059.html * https://www.suse.com/security/cve/CVE-2025-50106.html * https://bugzilla.suse.com/show_bug.cgi?id=1246575 * https://bugzilla.suse.com/show_bug.cgi?id=1246584 * https://bugzilla.suse.com/show_bug.cgi?id=1246595 * https://bugzilla.suse.com/show_bug.cgi?id=1246598 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 16:31:56 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 16:31:56 -0000 Subject: SUSE-SU-2025:02666-1: important: Security update for java-11-openjdk Message-ID: <175432511645.10450.15616196879678324599@smelt2.prg2.suse.org> # Security update for java-11-openjdk Announcement ID: SUSE-SU-2025:02666-1 Release Date: 2025-08-04T12:36:38Z Rating: important References: * bsc#1246575 * bsc#1246580 * bsc#1246584 * bsc#1246595 * bsc#1246598 Cross-References: * CVE-2025-30749 * CVE-2025-30754 * CVE-2025-30761 * CVE-2025-50059 * CVE-2025-50106 CVSS scores: * CVE-2025-30749 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-30749 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-30749 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-30754 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-30754 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30754 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-30761 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-30761 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-50059 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-50059 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2025-50106 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-50106 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Legacy Module 15-SP6 * Legacy Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves five vulnerabilities can now be installed. ## Description: This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.28+6 (July 2025 CPU): Security fixes: * CVE-2025-30749: several scenarios can lead to heap corruption (bsc#1246595) * CVE-2025-30754: incomplete handshake may lead to weakening TLS protections (bsc#1246598) * CVE-2025-30761: Improve scripting supports (bsc#1246580) * CVE-2025-50059: Improve HTTP client header handling (bsc#1246575) * CVE-2025-50106: Glyph out-of-memory access and crash (bsc#1246584) Changelog: + JDK-8026976: ECParameters, Point does not match field size + JDK-8211400: nsk.share.gc.Memory::getArrayLength returns wrong value + JDK-8231058: VerifyOops crashes with assert(_offset >= 0) failed: offset for non comment? + JDK-8232625: HttpClient redirect policy should be more conservative + JDK-8258483: [TESTBUG] gtest CollectorPolicy.young_scaled_initial_ergo_vm fails if heap is too small + JDK-8293345: SunPKCS11 provider checks on PKCS11 Mechanism are problematic + JDK-8296631: NSS tests failing on OL9 linux-aarch64 hosts + JDK-8301753: AppendFile/WriteFile has differences between make 3.81 and 4+ + JDK-8303770: Remove Baltimore root certificate expiring in May 2025 + JDK-8315380: AsyncGetCallTrace crash in frame::safe_for_sender + JDK-8327476: Upgrade JLine to 3.26.1 + JDK-8328957: Update PKCS11Test.java to not use hardcoded path + JDK-8331959: Update PKCS#11 Cryptographic Token Interface to v3.1 + JDK-8339300: CollectorPolicy.young_scaled_initial_ergo_vm gtest fails on ppc64 based platforms + JDK-8339728: [Accessibility,Windows,JAWS] Bug in the getKeyChar method of the AccessBridge class + JDK-8345133: Test sun/security/tools/jarsigner/ /TsacertOptionTest.java failed: Warning found in stdout + JDK-8345625: Better HTTP connections + JDK-8346887: DrawFocusRect() may cause an assertion failure + JDK-8347629: Test FailOverDirectExecutionControlTest.java fails with -Xcomp + JDK-8348110: Update LCMS to 2.17 + JDK-8348596: Update FreeType to 2.13.3 + JDK-8348598: Update Libpng to 1.6.47 + JDK-8348989: Better Glyph drawing + JDK-8349111: Enhance Swing supports + JDK-8349594: Enhance TLS protocol support + JDK-8350469: [11u] Test AbsPathsInImage.java fails - JDK-8239429 public clone + JDK-8350498: Remove two Camerfirma root CA certificates + JDK-8350991: Improve HTTP client header handling + JDK-8351099: Bump update version of OpenJDK: 11.0.28 + JDK-8351422: Improve scripting supports + JDK-8352302: Test sun/security/tools/jarsigner/ /TimestampCheck.java is failing + JDK-8352716: (tz) Update Timezone Data to 2025b + JDK-8356096: ISO 4217 Amendment 179 Update + JDK-8356571: Re-enable -Wtype-limits for GCC in LCMS + JDK-8359170: Add 2 TLS and 2 CS Sectigo roots + JDK-8360147: Better Glyph drawing redux ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-2666=1 * Legacy Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2025-2666=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2666=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2666=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2666=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2666=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2666=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2666=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2666=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2666=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2666=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2666=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2666=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2666=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2666=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2666=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-2666=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2666=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2666=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2666=1 ## Package List: * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-debuginfo-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-devel-debuginfo-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-debuginfo-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-debuginfo-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-devel-debuginfo-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-debuginfo-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * SUSE Package Hub 15 15-SP6 (noarch) * java-11-openjdk-javadoc-11.0.28.0-150000.3.129.2 * SUSE Package Hub 15 15-SP7 (noarch) * java-11-openjdk-javadoc-11.0.28.0-150000.3.129.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-debuginfo-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-debuginfo-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-debuginfo-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * SUSE Manager Proxy 4.3 (x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-debuginfo-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-devel-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-debuginfo-11.0.28.0-150000.3.129.2 * java-11-openjdk-debugsource-11.0.28.0-150000.3.129.2 * java-11-openjdk-jmods-11.0.28.0-150000.3.129.2 * java-11-openjdk-src-11.0.28.0-150000.3.129.2 * java-11-openjdk-11.0.28.0-150000.3.129.2 * java-11-openjdk-devel-debuginfo-11.0.28.0-150000.3.129.2 * java-11-openjdk-headless-11.0.28.0-150000.3.129.2 * java-11-openjdk-debuginfo-11.0.28.0-150000.3.129.2 * java-11-openjdk-demo-11.0.28.0-150000.3.129.2 * openSUSE Leap 15.6 (noarch) * java-11-openjdk-javadoc-11.0.28.0-150000.3.129.2 ## References: * https://www.suse.com/security/cve/CVE-2025-30749.html * https://www.suse.com/security/cve/CVE-2025-30754.html * https://www.suse.com/security/cve/CVE-2025-30761.html * https://www.suse.com/security/cve/CVE-2025-50059.html * https://www.suse.com/security/cve/CVE-2025-50106.html * https://bugzilla.suse.com/show_bug.cgi?id=1246575 * https://bugzilla.suse.com/show_bug.cgi?id=1246580 * https://bugzilla.suse.com/show_bug.cgi?id=1246584 * https://bugzilla.suse.com/show_bug.cgi?id=1246595 * https://bugzilla.suse.com/show_bug.cgi?id=1246598 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 4 20:30:06 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Aug 2025 20:30:06 -0000 Subject: SUSE-SU-2025:02687-1: important: Security update for the Linux Kernel (Live Patch 54 for SLE 15 SP3) Message-ID: <175433940633.654.14336397360477302753@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 54 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02687-1 Release Date: 2025-08-04T17:04:20Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_195 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2687=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2687=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_195-default-5-150300.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_54-debugsource-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_195-default-debuginfo-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_195-default-5-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_195-preempt-debuginfo-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_195-preempt-5-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 08:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 08:30:14 -0000 Subject: SUSE-SU-2025:02693-1: important: Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP6) Message-ID: <175438261442.405.11792468213323887598@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02693-1 Release Date: 2025-08-05T07:34:43Z Rating: important References: * bsc#1244337 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_50 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2693=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2693=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_50-default-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_50-default-debuginfo-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_11-debugsource-2-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_50-default-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_50-default-debuginfo-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_11-debugsource-2-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 08:30:22 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 08:30:22 -0000 Subject: SUSE-SU-2025:02691-1: important: Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6) Message-ID: <175438262212.405.13215628668995197917@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02691-1 Release Date: 2025-08-05T06:33:59Z Rating: important References: * bsc#1228645 * bsc#1235250 * bsc#1245771 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-26809 * CVE-2024-41069 * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-26809 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41069 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41069 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves seven vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_14 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). * CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228645). * CVE-2024-26809: netfilter: nft_set_pipapo: release elements in clone only from destroy path (bsc#1245771). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2691=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2691=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_2-debugsource-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-18-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_2-debugsource-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-18-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-18-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26809.html * https://www.suse.com/security/cve/CVE-2024-41069.html * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1228645 * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245771 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 08:30:26 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 08:30:26 -0000 Subject: SUSE-SU-2025:02689-1: important: Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP6) Message-ID: <175438262655.405.16822351819104478985@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02689-1 Release Date: 2025-08-05T07:34:36Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_42 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2692=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-2689=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2689=1 SUSE-2025-2692=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_42-default-debuginfo-4-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_8-debugsource-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_38-default-4-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_9-debugsource-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_42-default-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_38-default-debuginfo-4-150600.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_42-default-debuginfo-4-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_8-debugsource-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_38-default-4-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_9-debugsource-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_38-default-debuginfo-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_42-default-4-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 08:30:31 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 08:30:31 -0000 Subject: SUSE-SU-2025:02688-1: important: Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP6) Message-ID: <175438263172.405.14918588979286719034@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02688-1 Release Date: 2025-08-05T05:34:32Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_30 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2688=1 SUSE-2025-2690=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2688=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-2690=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_30-default-9-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-debuginfo-9-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_4-debugsource-14-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-14-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_6-debugsource-9-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_30-default-9-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-debuginfo-9-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_4-debugsource-14-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-14-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_6-debugsource-9-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 12:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 12:30:07 -0000 Subject: SUSE-SU-2025:02708-1: important: Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP4) Message-ID: <175439700714.405.248837116807894708@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:02708-1 Release Date: 2025-08-05T11:34:16Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_167 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2708=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2708=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_167-default-debuginfo-2-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_41-debugsource-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_167-default-2-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_167-default-debuginfo-2-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_41-debugsource-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_167-default-2-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 12:30:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 12:30:12 -0000 Subject: SUSE-SU-2025:02707-1: important: Security update for the Linux Kernel (Live Patch 59 for SLE 15 SP3) Message-ID: <175439701268.405.468742429510659918@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 59 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02707-1 Release Date: 2025-08-05T10:34:35Z Rating: important References: * bsc#1245793 Cross-References: * CVE-2025-37797 CVSS scores: * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_211 fixes one issue. The following security issue was fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2707=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2707=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_59-debugsource-2-150300.2.1 * kernel-livepatch-5_3_18-150300_59_211-default-2-150300.2.1 * kernel-livepatch-5_3_18-150300_59_211-default-debuginfo-2-150300.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_59-debugsource-2-150300.2.1 * kernel-livepatch-5_3_18-150300_59_211-default-2-150300.2.1 * kernel-livepatch-5_3_18-150300_59_211-default-debuginfo-2-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_211-preempt-2-150300.2.1 * kernel-livepatch-5_3_18-150300_59_211-preempt-debuginfo-2-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245793 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 12:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 12:30:16 -0000 Subject: SUSE-SU-2025:02704-1: important: Security update for the Linux Kernel (Live Patch 58 for SLE 15 SP3) Message-ID: <175439701663.405.2441681209733500006@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 58 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02704-1 Release Date: 2025-08-05T10:04:26Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_207 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2704=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2704=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_207-default-2-150300.2.1 * kernel-livepatch-5_3_18-150300_59_207-default-debuginfo-2-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_58-debugsource-2-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_207-preempt-debuginfo-2-150300.2.1 * kernel-livepatch-5_3_18-150300_59_207-preempt-2-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_207-default-2-150300.2.1 * kernel-livepatch-5_3_18-150300_59_207-default-debuginfo-2-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_58-debugsource-2-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 12:30:32 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 12:30:32 -0000 Subject: SUSE-SU-2025:02699-1: important: Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6) Message-ID: <175439703214.405.13179986644135893253@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02699-1 Release Date: 2025-08-05T09:04:57Z Rating: important References: * bsc#1244337 * bsc#1245776 Cross-References: * CVE-2025-37752 CVSS scores: * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_53 fixes several issues. The following security issue was fixed: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2699=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2699=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_53-default-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_53-default-debuginfo-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_12-debugsource-2-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_53-default-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_53-default-debuginfo-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_12-debugsource-2-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-37752.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 12:30:41 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 12:30:41 -0000 Subject: SUSE-SU-2025:02698-1: important: Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP5) Message-ID: <175439704144.405.16154851241677886903@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:02698-1 Release Date: 2025-08-05T09:04:48Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_88 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2698=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2698=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_21-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-8-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_21-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-8-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 12:30:46 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 12:30:46 -0000 Subject: SUSE-SU-2025:02697-1: important: Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3) Message-ID: <175439704666.405.868206914798812816@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02697-1 Release Date: 2025-08-05T09:04:38Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_182 fixes several issues. The following security issues were fixed: * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2697=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2697=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_182-default-11-150300.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_182-default-debuginfo-11-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_50-debugsource-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_182-default-11-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_182-preempt-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_182-preempt-debuginfo-11-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 12:30:49 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 12:30:49 -0000 Subject: SUSE-SU-2025:02706-1: moderate: Security update for grub2 Message-ID: <175439704983.405.11723933245132619282@smelt2.prg2.suse.org> # Security update for grub2 Announcement ID: SUSE-SU-2025:02706-1 Release Date: 2025-08-05T10:08:33Z Rating: moderate References: * bsc#1234959 Cross-References: * CVE-2024-56738 CVSS scores: * CVE-2024-56738 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-56738 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56738 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for grub2 fixes the following issues: * CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2706=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2706=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * grub2-branding-upstream-2.06-150500.29.53.1 * grub2-2.06-150500.29.53.1 * grub2-debuginfo-2.06-150500.29.53.1 * openSUSE Leap 15.5 (aarch64 s390x x86_64 i586) * grub2-debugsource-2.06-150500.29.53.1 * openSUSE Leap 15.5 (noarch) * grub2-x86_64-xen-extras-2.06-150500.29.53.1 * grub2-arm64-efi-extras-2.06-150500.29.53.1 * grub2-i386-pc-2.06-150500.29.53.1 * grub2-x86_64-xen-2.06-150500.29.53.1 * grub2-x86_64-efi-2.06-150500.29.53.1 * grub2-x86_64-xen-debug-2.06-150500.29.53.1 * grub2-s390x-emu-extras-2.06-150500.29.53.1 * grub2-x86_64-efi-extras-2.06-150500.29.53.1 * grub2-powerpc-ieee1275-2.06-150500.29.53.1 * grub2-i386-efi-2.06-150500.29.53.1 * grub2-snapper-plugin-2.06-150500.29.53.1 * grub2-powerpc-ieee1275-extras-2.06-150500.29.53.1 * grub2-i386-pc-debug-2.06-150500.29.53.1 * grub2-systemd-sleep-plugin-2.06-150500.29.53.1 * grub2-i386-efi-debug-2.06-150500.29.53.1 * grub2-i386-pc-extras-2.06-150500.29.53.1 * grub2-i386-xen-2.06-150500.29.53.1 * grub2-i386-xen-extras-2.06-150500.29.53.1 * grub2-i386-xen-debug-2.06-150500.29.53.1 * grub2-x86_64-efi-debug-2.06-150500.29.53.1 * grub2-i386-efi-extras-2.06-150500.29.53.1 * grub2-arm64-efi-debug-2.06-150500.29.53.1 * grub2-arm64-efi-2.06-150500.29.53.1 * grub2-powerpc-ieee1275-debug-2.06-150500.29.53.1 * openSUSE Leap 15.5 (s390x) * grub2-s390x-emu-debug-2.06-150500.29.53.1 * grub2-s390x-emu-2.06-150500.29.53.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * grub2-2.06-150500.29.53.1 * grub2-debuginfo-2.06-150500.29.53.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * grub2-x86_64-efi-2.06-150500.29.53.1 * grub2-powerpc-ieee1275-2.06-150500.29.53.1 * grub2-snapper-plugin-2.06-150500.29.53.1 * grub2-i386-pc-2.06-150500.29.53.1 * grub2-arm64-efi-2.06-150500.29.53.1 * grub2-x86_64-xen-2.06-150500.29.53.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150500.29.53.1 * SUSE Linux Enterprise Micro 5.5 (s390x) * grub2-s390x-emu-2.06-150500.29.53.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56738.html * https://bugzilla.suse.com/show_bug.cgi?id=1234959 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 12:30:52 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 12:30:52 -0000 Subject: SUSE-SU-2025:02705-1: moderate: Security update for grub2 Message-ID: <175439705216.405.7747463487373357707@smelt2.prg2.suse.org> # Security update for grub2 Announcement ID: SUSE-SU-2025:02705-1 Release Date: 2025-08-05T10:08:15Z Rating: moderate References: * bsc#1234959 Cross-References: * CVE-2024-56738 CVSS scores: * CVE-2024-56738 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-56738 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56738 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for grub2 fixes the following issues: * CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2705=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2705=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2705=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * grub2-2.04-150300.22.58.1 * grub2-debuginfo-2.04-150300.22.58.1 * grub2-branding-upstream-2.04-150300.22.58.1 * openSUSE Leap 15.3 (aarch64 s390x x86_64 i586) * grub2-debugsource-2.04-150300.22.58.1 * openSUSE Leap 15.3 (noarch) * grub2-i386-pc-2.04-150300.22.58.1 * grub2-snapper-plugin-2.04-150300.22.58.1 * grub2-powerpc-ieee1275-debug-2.04-150300.22.58.1 * grub2-i386-pc-debug-2.04-150300.22.58.1 * grub2-arm64-efi-extras-2.04-150300.22.58.1 * grub2-x86_64-xen-extras-2.04-150300.22.58.1 * grub2-i386-xen-2.04-150300.22.58.1 * grub2-i386-efi-debug-2.04-150300.22.58.1 * grub2-s390x-emu-extras-2.04-150300.22.58.1 * grub2-i386-efi-2.04-150300.22.58.1 * grub2-x86_64-xen-2.04-150300.22.58.1 * grub2-powerpc-ieee1275-extras-2.04-150300.22.58.1 * grub2-x86_64-efi-2.04-150300.22.58.1 * grub2-i386-efi-extras-2.04-150300.22.58.1 * grub2-arm64-efi-2.04-150300.22.58.1 * grub2-systemd-sleep-plugin-2.04-150300.22.58.1 * grub2-arm64-efi-debug-2.04-150300.22.58.1 * grub2-i386-pc-extras-2.04-150300.22.58.1 * grub2-powerpc-ieee1275-2.04-150300.22.58.1 * grub2-i386-xen-extras-2.04-150300.22.58.1 * grub2-x86_64-efi-extras-2.04-150300.22.58.1 * grub2-x86_64-efi-debug-2.04-150300.22.58.1 * openSUSE Leap 15.3 (s390x) * grub2-s390x-emu-debug-2.04-150300.22.58.1 * grub2-s390x-emu-2.04-150300.22.58.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * grub2-debugsource-2.04-150300.22.58.1 * grub2-2.04-150300.22.58.1 * grub2-debuginfo-2.04-150300.22.58.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * grub2-i386-pc-2.04-150300.22.58.1 * grub2-x86_64-xen-2.04-150300.22.58.1 * grub2-snapper-plugin-2.04-150300.22.58.1 * grub2-x86_64-efi-2.04-150300.22.58.1 * grub2-arm64-efi-2.04-150300.22.58.1 * SUSE Linux Enterprise Micro 5.2 (s390x) * grub2-s390x-emu-2.04-150300.22.58.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * grub2-debugsource-2.04-150300.22.58.1 * grub2-2.04-150300.22.58.1 * grub2-debuginfo-2.04-150300.22.58.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * grub2-i386-pc-2.04-150300.22.58.1 * grub2-x86_64-xen-2.04-150300.22.58.1 * grub2-snapper-plugin-2.04-150300.22.58.1 * grub2-x86_64-efi-2.04-150300.22.58.1 * grub2-arm64-efi-2.04-150300.22.58.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (s390x) * grub2-s390x-emu-2.04-150300.22.58.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56738.html * https://bugzilla.suse.com/show_bug.cgi?id=1234959 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 12:30:54 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 12:30:54 -0000 Subject: SUSE-SU-2025:02703-1: moderate: Security update for djvulibre Message-ID: <175439705467.405.4401095138344633249@smelt2.prg2.suse.org> # Security update for djvulibre Announcement ID: SUSE-SU-2025:02703-1 Release Date: 2025-08-05T09:33:28Z Rating: moderate References: * bsc#1245773 Cross-References: * CVE-2025-53367 CVSS scores: * CVE-2025-53367 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-53367 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-53367 ( NVD ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Desktop Applications Module 15-SP6 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for djvulibre fixes the following issues: * CVE-2025-53367: Fixed a bug where a crafted document may lead to an out of bound write. (bsc#1245773) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-2703=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2703=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2703=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2703=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-2703=1 ## Package List: * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * djvulibre-debuginfo-3.5.27-150200.11.17.1 * libdjvulibre21-3.5.27-150200.11.17.1 * djvulibre-debugsource-3.5.27-150200.11.17.1 * libdjvulibre-devel-3.5.27-150200.11.17.1 * libdjvulibre21-debuginfo-3.5.27-150200.11.17.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * djvulibre-debuginfo-3.5.27-150200.11.17.1 * djvulibre-3.5.27-150200.11.17.1 * djvulibre-debugsource-3.5.27-150200.11.17.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * djvulibre-debuginfo-3.5.27-150200.11.17.1 * djvulibre-3.5.27-150200.11.17.1 * djvulibre-debugsource-3.5.27-150200.11.17.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * djvulibre-debuginfo-3.5.27-150200.11.17.1 * libdjvulibre21-3.5.27-150200.11.17.1 * djvulibre-debugsource-3.5.27-150200.11.17.1 * libdjvulibre-devel-3.5.27-150200.11.17.1 * djvulibre-3.5.27-150200.11.17.1 * libdjvulibre21-debuginfo-3.5.27-150200.11.17.1 * openSUSE Leap 15.6 (noarch) * djvulibre-doc-3.5.27-150200.11.17.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * djvulibre-debuginfo-3.5.27-150200.11.17.1 * libdjvulibre21-3.5.27-150200.11.17.1 * djvulibre-debugsource-3.5.27-150200.11.17.1 * libdjvulibre-devel-3.5.27-150200.11.17.1 * libdjvulibre21-debuginfo-3.5.27-150200.11.17.1 ## References: * https://www.suse.com/security/cve/CVE-2025-53367.html * https://bugzilla.suse.com/show_bug.cgi?id=1245773 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 12:30:59 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 12:30:59 -0000 Subject: SUSE-SU-2025:02701-1: moderate: Security update for python Message-ID: <175439705929.405.2200064273732593133@smelt2.prg2.suse.org> # Security update for python Announcement ID: SUSE-SU-2025:02701-1 Release Date: 2025-08-05T09:32:17Z Rating: moderate References: * bsc#1247249 Cross-References: * CVE-2025-8194 CVSS scores: * CVE-2025-8194 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8194 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for python fixes the following issues: * CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2701=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2701=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2701=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python-curses-2.7.18-150000.83.1 * python-2.7.18-150000.83.1 * python-xml-debuginfo-2.7.18-150000.83.1 * python-demo-2.7.18-150000.83.1 * python-base-debuginfo-2.7.18-150000.83.1 * python-debuginfo-2.7.18-150000.83.1 * python-gdbm-2.7.18-150000.83.1 * python-curses-debuginfo-2.7.18-150000.83.1 * python-gdbm-debuginfo-2.7.18-150000.83.1 * python-debugsource-2.7.18-150000.83.1 * python-tk-debuginfo-2.7.18-150000.83.1 * python-tk-2.7.18-150000.83.1 * libpython2_7-1_0-debuginfo-2.7.18-150000.83.1 * python-idle-2.7.18-150000.83.1 * libpython2_7-1_0-2.7.18-150000.83.1 * python-base-debugsource-2.7.18-150000.83.1 * python-xml-2.7.18-150000.83.1 * python-devel-2.7.18-150000.83.1 * python-base-2.7.18-150000.83.1 * openSUSE Leap 15.6 (x86_64) * python-base-32bit-2.7.18-150000.83.1 * libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.83.1 * python-32bit-debuginfo-2.7.18-150000.83.1 * python-base-32bit-debuginfo-2.7.18-150000.83.1 * python-32bit-2.7.18-150000.83.1 * libpython2_7-1_0-32bit-2.7.18-150000.83.1 * openSUSE Leap 15.6 (noarch) * python-doc-pdf-2.7.18-150000.83.1 * python-doc-2.7.18-150000.83.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * python-curses-2.7.18-150000.83.1 * python-2.7.18-150000.83.1 * python-xml-debuginfo-2.7.18-150000.83.1 * python-base-debuginfo-2.7.18-150000.83.1 * python-debuginfo-2.7.18-150000.83.1 * python-gdbm-2.7.18-150000.83.1 * python-curses-debuginfo-2.7.18-150000.83.1 * python-gdbm-debuginfo-2.7.18-150000.83.1 * python-debugsource-2.7.18-150000.83.1 * libpython2_7-1_0-debuginfo-2.7.18-150000.83.1 * libpython2_7-1_0-2.7.18-150000.83.1 * python-base-debugsource-2.7.18-150000.83.1 * python-xml-2.7.18-150000.83.1 * python-base-2.7.18-150000.83.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * python-curses-2.7.18-150000.83.1 * python-2.7.18-150000.83.1 * python-xml-debuginfo-2.7.18-150000.83.1 * python-base-debuginfo-2.7.18-150000.83.1 * python-debuginfo-2.7.18-150000.83.1 * python-gdbm-2.7.18-150000.83.1 * python-curses-debuginfo-2.7.18-150000.83.1 * python-gdbm-debuginfo-2.7.18-150000.83.1 * python-debugsource-2.7.18-150000.83.1 * libpython2_7-1_0-debuginfo-2.7.18-150000.83.1 * libpython2_7-1_0-2.7.18-150000.83.1 * python-base-debugsource-2.7.18-150000.83.1 * python-xml-2.7.18-150000.83.1 * python-base-2.7.18-150000.83.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8194.html * https://bugzilla.suse.com/show_bug.cgi?id=1247249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 12:30:56 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 12:30:56 -0000 Subject: SUSE-SU-2025:02702-1: moderate: Security update for govulncheck-vulndb Message-ID: <175439705678.405.7189246867534050252@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2025:02702-1 Release Date: 2025-08-05T09:32:34Z Rating: moderate References: * jsc#PED-11136 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20250730T213748 2025-07-30T21:37:48Z. (jsc#PED-11136) * GO-2025-3758 GHSA-rx97-6c62-55mf * GO-2025-3762 GHSA-g8qw-mgjx-rwjr * GO-2025-3763 GHSA-8cqv-pj7f-pwpc * GO-2025-3764 GHSA-6xp3-p59p-q4fj * GO-2025-3765 GHSA-h4h6-vccr-44h2 * GO-2025-3766 GHSA-crvv-6w6h-cv34 * GO-2025-3767 GHSA-2hcm-q3f4-fjgw * GO-2025-3768 GHSA-gpfc-mph4-qm24 * GO-2025-3769 GHSA-qh58-9v3j-wcjc * GO-2025-3770 GHSA-vrw8-fxc6-2r93 * GO-2025-3771 GHSA-4578-6gjh-f2jm * GO-2025-3772 GHSA-qwwm-c582-82rx * GO-2025-3773 GHSA-w6p4-84vc-qc2w * GO-2025-3774 GHSA-hj2p-8wj8-pfq4 * GO-2025-3776 GHSA-wj44-9vcg-wjq7 * GO-2025-3777 GHSA-65gg-3w2w-hr4h * GO-2025-3778 GHSA-xh32-cx6c-cp4v * GO-2025-3779 GHSA-h3qp-hwvr-9xcq * GO-2025-3780 GHSA-8f5r-8cmq-7fmq * GO-2025-3781 GHSA-9q7c-qmhm-jv86 * GO-2025-3782 GHSA-p7fw-vjjm-2rwp * GO-2025-3783 GHSA-prpj-rchp-9j5h * GO-2025-3784 GHSA-4wx8-5gm2-2j97 * GO-2025-3785 GHSA-jj2r-455p-5gvf * GO-2025-3786 GHSA-3q2w-42mv-cph4 * GO-2025-3787 GHSA-fv92-fjc5-jj9h * GO-2025-3788 GHSA-fhc2-8qx8-6vj7 * GO-2025-3789 GHSA-6hwc-9h8r-3vmf * GO-2025-3790 GHSA-3v48-283x-f2w4 * GO-2025-3791 GHSA-56j4-446m-qrf6 * GO-2025-3792 GHSA-cm2r-rg7r-p7gg * GO-2025-3793 GHSA-hc8f-m8g5-8362 * GO-2025-3794 GHSA-rmwh-g367-mj4x * GO-2025-3795 GHSA-w7qc-6grj-w7r8 * GO-2025-3796 GHSA-v8fr-vxmw-6mf6 * GO-2025-3797 GHSA-wgvp-jj4w-88hf * GO-2025-3798 GHSA-h34r-jxqm-qgpr * GO-2025-3799 GHSA-fv2p-qj5p-wqq4 * GO-2025-3800 GHSA-gj54-gwj9-x2c6 * GO-2025-3801 GHSA-rj53-j6jw-7f7g * GO-2025-3802 GHSA-557j-xg8c-q2mm * GO-2025-3803 GHSA-p22h-3m2v-cmgh * GO-2025-3804 GHSA-24ch-w38v-xmh8 * GO-2025-3805 GHSA-4vc8-wvhw-m5gv * GO-2025-3806 GHSA-r64v-82fh-xc63 * GO-2025-3807 GHSA-phhq-63jg-fp7r * GO-2025-3808 GHSA-3gv2-v3jx-r9fh * GO-2025-3809 GHSA-ggmv-j932-q89q * GO-2025-3810 GHSA-r7fm-3pqm-ww5w * GO-2025-3811 GHSA-7xqm-7738-642x * GO-2025-3812 GHSA-7xwp-2cpp-p8r7 * GO-2025-3814 GHSA-46m5-8hpj-p5p5 * GO-2025-3815 GHSA-5662-cv6m-63wh * GO-2025-3816 GHSA-x6ph-r535-3vjw * GO-2025-3817 GHSA-vqph-p5vc-g644 * GO-2025-3818 GHSA-4fwj-8595-wp25 * GO-2025-3819 GHSA-7h34-9chr-58qh * GO-2025-3820 GHSA-wvw2-3jh4-4c39 * GO-2025-3823 GHSA-r5p3-955p-5ggq * GO-2025-3824 GHSA-x9hg-5q6g-q3jr * GO-2025-3825 GHSA-f9vc-vf3r-pqqq * GO-2025-3826 GHSA-h27m-3qw8-3pw8 * GO-2025-3827 GHSA-526j-mv3p-f4vv * GO-2025-3828 * Update to version 0.0.20250616T200841 2025-06-16T20:08:41Z. (jsc#PED-11136) * GO-2025-3749 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2702=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2702=1 ## Package List: * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20250730T213748-150000.1.92.1 * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20250730T213748-150000.1.92.1 ## References: * https://jira.suse.com/browse/PED-11136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 12:31:01 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 12:31:01 -0000 Subject: SUSE-SU-2025:02700-1: moderate: Security update for python39 Message-ID: <175439706179.405.12985854686314483191@smelt2.prg2.suse.org> # Security update for python39 Announcement ID: SUSE-SU-2025:02700-1 Release Date: 2025-08-05T09:31:42Z Rating: moderate References: * bsc#1247249 Cross-References: * CVE-2025-8194 CVSS scores: * CVE-2025-8194 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8194 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for python39 fixes the following issues: * CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2700=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2700=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python39-debuginfo-3.9.23-150300.4.81.1 * python39-tk-3.9.23-150300.4.81.1 * python39-doc-3.9.23-150300.4.81.1 * libpython3_9-1_0-3.9.23-150300.4.81.1 * python39-devel-3.9.23-150300.4.81.1 * python39-3.9.23-150300.4.81.1 * python39-doc-devhelp-3.9.23-150300.4.81.1 * python39-tk-debuginfo-3.9.23-150300.4.81.1 * python39-core-debugsource-3.9.23-150300.4.81.1 * python39-curses-debuginfo-3.9.23-150300.4.81.1 * python39-base-debuginfo-3.9.23-150300.4.81.1 * python39-base-3.9.23-150300.4.81.1 * python39-testsuite-debuginfo-3.9.23-150300.4.81.1 * python39-testsuite-3.9.23-150300.4.81.1 * python39-tools-3.9.23-150300.4.81.1 * python39-debugsource-3.9.23-150300.4.81.1 * python39-curses-3.9.23-150300.4.81.1 * libpython3_9-1_0-debuginfo-3.9.23-150300.4.81.1 * python39-dbm-3.9.23-150300.4.81.1 * python39-idle-3.9.23-150300.4.81.1 * python39-dbm-debuginfo-3.9.23-150300.4.81.1 * openSUSE Leap 15.6 (x86_64) * python39-base-32bit-debuginfo-3.9.23-150300.4.81.1 * libpython3_9-1_0-32bit-debuginfo-3.9.23-150300.4.81.1 * python39-base-32bit-3.9.23-150300.4.81.1 * libpython3_9-1_0-32bit-3.9.23-150300.4.81.1 * python39-32bit-3.9.23-150300.4.81.1 * python39-32bit-debuginfo-3.9.23-150300.4.81.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python39-debuginfo-3.9.23-150300.4.81.1 * python39-tk-3.9.23-150300.4.81.1 * python39-doc-3.9.23-150300.4.81.1 * libpython3_9-1_0-3.9.23-150300.4.81.1 * python39-devel-3.9.23-150300.4.81.1 * python39-3.9.23-150300.4.81.1 * python39-tk-debuginfo-3.9.23-150300.4.81.1 * python39-doc-devhelp-3.9.23-150300.4.81.1 * python39-core-debugsource-3.9.23-150300.4.81.1 * python39-curses-debuginfo-3.9.23-150300.4.81.1 * python39-base-debuginfo-3.9.23-150300.4.81.1 * python39-base-3.9.23-150300.4.81.1 * python39-testsuite-debuginfo-3.9.23-150300.4.81.1 * python39-testsuite-3.9.23-150300.4.81.1 * python39-tools-3.9.23-150300.4.81.1 * python39-debugsource-3.9.23-150300.4.81.1 * python39-curses-3.9.23-150300.4.81.1 * libpython3_9-1_0-debuginfo-3.9.23-150300.4.81.1 * python39-dbm-3.9.23-150300.4.81.1 * python39-idle-3.9.23-150300.4.81.1 * python39-dbm-debuginfo-3.9.23-150300.4.81.1 * openSUSE Leap 15.3 (x86_64) * python39-base-32bit-debuginfo-3.9.23-150300.4.81.1 * libpython3_9-1_0-32bit-debuginfo-3.9.23-150300.4.81.1 * python39-base-32bit-3.9.23-150300.4.81.1 * libpython3_9-1_0-32bit-3.9.23-150300.4.81.1 * python39-32bit-3.9.23-150300.4.81.1 * python39-32bit-debuginfo-3.9.23-150300.4.81.1 * openSUSE Leap 15.3 (aarch64_ilp32) * python39-64bit-3.9.23-150300.4.81.1 * python39-64bit-debuginfo-3.9.23-150300.4.81.1 * libpython3_9-1_0-64bit-3.9.23-150300.4.81.1 * python39-base-64bit-debuginfo-3.9.23-150300.4.81.1 * libpython3_9-1_0-64bit-debuginfo-3.9.23-150300.4.81.1 * python39-base-64bit-3.9.23-150300.4.81.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8194.html * https://bugzilla.suse.com/show_bug.cgi?id=1247249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 12:31:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 12:31:07 -0000 Subject: SUSE-SU-2025:02695-1: moderate: Security update for djvulibre Message-ID: <175439706762.405.9335011904378598685@smelt2.prg2.suse.org> # Security update for djvulibre Announcement ID: SUSE-SU-2025:02695-1 Release Date: 2025-08-05T08:08:58Z Rating: moderate References: * bsc#1245773 Cross-References: * CVE-2025-53367 CVSS scores: * CVE-2025-53367 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-53367 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-53367 ( NVD ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for djvulibre fixes the following issues: * CVE-2025-53367: Fixed a bug where a crafted document may lead to an out of bound write. (bsc#1245773) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2695=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * djvulibre-debugsource-3.5.25.3-5.25.1 * libdjvulibre21-3.5.25.3-5.25.1 * libdjvulibre21-debuginfo-3.5.25.3-5.25.1 * libdjvulibre-devel-3.5.25.3-5.25.1 * djvulibre-debuginfo-3.5.25.3-5.25.1 ## References: * https://www.suse.com/security/cve/CVE-2025-53367.html * https://bugzilla.suse.com/show_bug.cgi?id=1245773 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:30:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:30:17 -0000 Subject: SUSE-SU-2025:02710-1: important: Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP6) Message-ID: <175441141750.654.4959779074774439978@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02710-1 Release Date: 2025-08-05T15:04:52Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_47 fixes several issues. The following security issues were fixed: * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2710=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2710=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_10-debugsource-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_47-default-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_47-default-debuginfo-3-150600.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_10-debugsource-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_47-default-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_47-default-debuginfo-3-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:30:24 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:30:24 -0000 Subject: SUSE-SU-2025:20548-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 Message-ID: <175441142421.654.11713607082420017978@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 Announcement ID: SUSE-SU-2025:20548-1 Release Date: 2025-08-01T07:30:37Z Rating: important References: * bsc#1241579 * bsc#1244337 Cross-References: * CVE-2025-22115 CVSS scores: * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues: * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-65=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-28-rt-debuginfo-2-3.1 * kernel-livepatch-6_4_0-28-rt-2-3.1 * kernel-livepatch-MICRO-6-0-RT_Update_6-debugsource-2-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:30:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:30:28 -0000 Subject: SUSE-SU-2025:20547-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 Message-ID: <175441142824.654.16824855964367503093@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 Announcement ID: SUSE-SU-2025:20547-1 Release Date: 2025-07-30T16:17:29Z Rating: important References: * bsc#1241579 * bsc#1244337 Cross-References: * CVE-2025-22115 CVSS scores: * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues: * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-59=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-30-rt-debuginfo-2-1.3 * kernel-livepatch-MICRO-6-0-RT_Update_7-debugsource-2-1.3 * kernel-livepatch-6_4_0-30-rt-2-1.3 ## References: * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:30:32 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:30:32 -0000 Subject: SUSE-SU-2025:20546-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 Message-ID: <175441143266.654.12473104189276556339@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 Announcement ID: SUSE-SU-2025:20546-1 Release Date: 2025-07-30T16:17:29Z Rating: important References: * bsc#1238912 * bsc#1241579 * bsc#1244337 Cross-References: * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves two vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues: * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-58=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_5-debugsource-4-1.1 * kernel-livepatch-6_4_0-25-rt-debuginfo-4-1.1 * kernel-livepatch-6_4_0-25-rt-4-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:30:42 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:30:42 -0000 Subject: SUSE-SU-2025:20545-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 Message-ID: <175441144203.654.258197215114733058@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 Announcement ID: SUSE-SU-2025:20545-1 Release Date: 2025-07-30T16:17:29Z Rating: important References: * bsc#1234854 * bsc#1234885 * bsc#1234892 * bsc#1235005 * bsc#1235769 * bsc#1235921 * bsc#1238912 * bsc#1241579 * bsc#1243648 * bsc#1244337 Cross-References: * CVE-2024-53146 * CVE-2024-53166 * CVE-2024-53173 * CVE-2024-53214 * CVE-2024-56558 * CVE-2024-57793 * CVE-2024-57893 * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56558 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56558 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56558 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57793 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-57793 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves nine vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues: * CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854) * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885) * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892) * CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005) * CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769) * CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921) * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) * CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-57=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_4-debugsource-5-1.1 * kernel-livepatch-6_4_0-22-rt-5-1.1 * kernel-livepatch-6_4_0-22-rt-debuginfo-5-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53166.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-56558.html * https://www.suse.com/security/cve/CVE-2024-57793.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1234854 * https://bugzilla.suse.com/show_bug.cgi?id=1234885 * https://bugzilla.suse.com/show_bug.cgi?id=1234892 * https://bugzilla.suse.com/show_bug.cgi?id=1235005 * https://bugzilla.suse.com/show_bug.cgi?id=1235769 * https://bugzilla.suse.com/show_bug.cgi?id=1235921 * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1243648 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:30:51 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:30:51 -0000 Subject: SUSE-SU-2025:20544-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 Message-ID: <175441145140.654.7212157421570129689@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 Announcement ID: SUSE-SU-2025:20544-1 Release Date: 2025-07-30T16:17:29Z Rating: important References: * bsc#1233118 * bsc#1233227 * bsc#1234854 * bsc#1234885 * bsc#1234892 * bsc#1235005 * bsc#1235769 * bsc#1235921 * bsc#1238912 * bsc#1241579 * bsc#1243648 * bsc#1244337 Cross-References: * CVE-2024-50208 * CVE-2024-50250 * CVE-2024-53146 * CVE-2024-53166 * CVE-2024-53173 * CVE-2024-53214 * CVE-2024-56558 * CVE-2024-57793 * CVE-2024-57893 * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2024-50208 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50208 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50208 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50250 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-50250 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-50250 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56558 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56558 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56558 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57793 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-57793 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves 11 vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues: * CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118) * CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233227) * CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854) * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885) * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892) * CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005) * CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769) * CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921) * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) * CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-54=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-10-rt-8-1.1 * kernel-livepatch-6_4_0-10-rt-debuginfo-8-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_2-debugsource-8-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50208.html * https://www.suse.com/security/cve/CVE-2024-50250.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53166.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-56558.html * https://www.suse.com/security/cve/CVE-2024-57793.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1233118 * https://bugzilla.suse.com/show_bug.cgi?id=1233227 * https://bugzilla.suse.com/show_bug.cgi?id=1234854 * https://bugzilla.suse.com/show_bug.cgi?id=1234885 * https://bugzilla.suse.com/show_bug.cgi?id=1234892 * https://bugzilla.suse.com/show_bug.cgi?id=1235005 * https://bugzilla.suse.com/show_bug.cgi?id=1235769 * https://bugzilla.suse.com/show_bug.cgi?id=1235921 * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1243648 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:30:54 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:30:54 -0000 Subject: SUSE-SU-2025:20543-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_6 Message-ID: <175441145424.654.16903371299399497646@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_6 Announcement ID: SUSE-SU-2025:20543-1 Release Date: 2025-08-01T08:37:43Z Rating: important References: * bsc#1241579 * bsc#1244337 Cross-References: * CVE-2025-22115 CVSS scores: * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues: * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-64=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-28-default-debuginfo-2-3.1 * kernel-livepatch-6_4_0-28-default-2-3.1 * kernel-livepatch-MICRO-6-0_Update_6-debugsource-2-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:31:01 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:31:01 -0000 Subject: SUSE-SU-2025:20542-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_5 Message-ID: <175441146108.654.8987834962283483323@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_5 Announcement ID: SUSE-SU-2025:20542-1 Release Date: 2025-08-01T08:37:43Z Rating: important References: * bsc#1238912 * bsc#1241579 * bsc#1244337 Cross-References: * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves two vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues: * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-63=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_5-debugsource-4-1.2 * kernel-livepatch-6_4_0-25-default-debuginfo-4-1.2 * kernel-livepatch-6_4_0-25-default-4-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:31:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:31:09 -0000 Subject: SUSE-SU-2025:20541-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_4 Message-ID: <175441146943.654.13777769090111091941@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_4 Announcement ID: SUSE-SU-2025:20541-1 Release Date: 2025-08-01T08:37:43Z Rating: important References: * bsc#1234854 * bsc#1234885 * bsc#1234892 * bsc#1235005 * bsc#1235769 * bsc#1235921 * bsc#1238912 * bsc#1241579 * bsc#1243648 * bsc#1244337 Cross-References: * CVE-2024-53146 * CVE-2024-53166 * CVE-2024-53173 * CVE-2024-53214 * CVE-2024-56558 * CVE-2024-57793 * CVE-2024-57893 * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56558 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56558 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56558 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57793 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-57793 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves nine vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues: * CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854) * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885) * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892) * CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005) * CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769) * CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921) * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) * CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-62=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-24-default-6-1.2 * kernel-livepatch-6_4_0-24-default-debuginfo-6-1.2 * kernel-livepatch-MICRO-6-0_Update_4-debugsource-6-1.2 ## References: * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53166.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-56558.html * https://www.suse.com/security/cve/CVE-2024-57793.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1234854 * https://bugzilla.suse.com/show_bug.cgi?id=1234885 * https://bugzilla.suse.com/show_bug.cgi?id=1234892 * https://bugzilla.suse.com/show_bug.cgi?id=1235005 * https://bugzilla.suse.com/show_bug.cgi?id=1235769 * https://bugzilla.suse.com/show_bug.cgi?id=1235921 * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1243648 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:31:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:31:19 -0000 Subject: SUSE-SU-2025:20540-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_2 Message-ID: <175441147977.654.7764675827011525319@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_2 Announcement ID: SUSE-SU-2025:20540-1 Release Date: 2025-08-01T08:37:39Z Rating: important References: * bsc#1233118 * bsc#1233227 * bsc#1234854 * bsc#1234885 * bsc#1234892 * bsc#1235005 * bsc#1235769 * bsc#1235921 * bsc#1238912 * bsc#1241579 * bsc#1243648 * bsc#1244337 Cross-References: * CVE-2024-50208 * CVE-2024-50250 * CVE-2024-53146 * CVE-2024-53166 * CVE-2024-53173 * CVE-2024-53214 * CVE-2024-56558 * CVE-2024-57793 * CVE-2024-57893 * CVE-2025-21772 * CVE-2025-22115 CVSS scores: * CVE-2024-50208 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50208 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50208 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50250 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-50250 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-50250 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56558 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56558 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56558 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57793 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-57793 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22115 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22115 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves 11 vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues: * CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118) * CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233227) * CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854) * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885) * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892) * CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005) * CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769) * CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921) * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912) * CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579) * CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-60=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-19-default-8-1.1 * kernel-livepatch-6_4_0-19-default-debuginfo-8-1.1 * kernel-livepatch-MICRO-6-0_Update_2-debugsource-8-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50208.html * https://www.suse.com/security/cve/CVE-2024-50250.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53166.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-56558.html * https://www.suse.com/security/cve/CVE-2024-57793.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2025-21772.html * https://www.suse.com/security/cve/CVE-2025-22115.html * https://bugzilla.suse.com/show_bug.cgi?id=1233118 * https://bugzilla.suse.com/show_bug.cgi?id=1233227 * https://bugzilla.suse.com/show_bug.cgi?id=1234854 * https://bugzilla.suse.com/show_bug.cgi?id=1234885 * https://bugzilla.suse.com/show_bug.cgi?id=1234892 * https://bugzilla.suse.com/show_bug.cgi?id=1235005 * https://bugzilla.suse.com/show_bug.cgi?id=1235769 * https://bugzilla.suse.com/show_bug.cgi?id=1235921 * https://bugzilla.suse.com/show_bug.cgi?id=1238912 * https://bugzilla.suse.com/show_bug.cgi?id=1241579 * https://bugzilla.suse.com/show_bug.cgi?id=1243648 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:31:26 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:31:26 -0000 Subject: SUSE-SU-2025:20539-1: important: Security update for python311 Message-ID: <175441148660.654.9277136946968788633@smelt2.prg2.suse.org> # Security update for python311 Announcement ID: SUSE-SU-2025:20539-1 Release Date: 2025-08-01T10:15:51Z Rating: important References: * bsc#1243155 * bsc#1243273 * bsc#1244032 * bsc#1244056 * bsc#1244059 * bsc#1244060 * bsc#1244061 * bsc#1244705 Cross-References: * CVE-2024-12718 * CVE-2025-4138 * CVE-2025-4330 * CVE-2025-4435 * CVE-2025-4516 * CVE-2025-4517 * CVE-2025-6069 CVSS scores: * CVE-2024-12718 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-12718 ( NVD ): 10.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-12718 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-4138 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2025-4138 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-4330 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2025-4330 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-4435 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2025-4435 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-4516 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-4516 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4516 ( NVD ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-4517 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4517 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-4517 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L * CVE-2025-6069 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H * CVE-2025-6069 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2025-6069 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.1 An update that solves seven vulnerabilities and has one fix can now be installed. ## Description: This update for python311 fixes the following issues: * CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (bsc#1244705). Update to 3.11.13: * Security * gh-135034: Fixes multiple issues that allowed tarfile extraction filters (filter="data" and filter="tar") to be bypassed using crafted symlinks and hard links. Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138 (bsc#1244059), CVE-2025-4330 (bsc#1244060), and CVE-2025-4517 (bsc#1244032). Also addresses CVE-2025-4435 (gh#135034, bsc#1244061). * gh-133767: Fix use-after-free in the ?unicode-escape? decoder with a non-?strict? error handler (CVE-2025-4516, bsc#1243273). * gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service. * Library * gh-128840: Fix parsing long IPv6 addresses with embedded IPv4 address. * gh-134062: ipaddress: fix collisions in **hash** () for IPv4Network and IPv6Network objects. * gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output according to RFC 3596, ?2.5. Patch by B?n?dikt Tran. * bpo-43633: Improve the textual representation of IPv4-mapped IPv6 addresses (RFC 4291 Sections 2.2, 2.5.5.2) in ipaddress. Patch by Oleksandr Pavliuk. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-198=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * python311-3.11.13-slfo.1.1_1.1 * python311-debugsource-3.11.13-slfo.1.1_1.1 * python311-base-3.11.13-slfo.1.1_1.1 * libpython3_11-1_0-debuginfo-3.11.13-slfo.1.1_1.1 * python311-curses-3.11.13-slfo.1.1_1.1 * libpython3_11-1_0-3.11.13-slfo.1.1_1.1 * python311-base-debuginfo-3.11.13-slfo.1.1_1.1 * python311-debuginfo-3.11.13-slfo.1.1_1.1 * python311-core-debugsource-3.11.13-slfo.1.1_1.1 * python311-curses-debuginfo-3.11.13-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12718.html * https://www.suse.com/security/cve/CVE-2025-4138.html * https://www.suse.com/security/cve/CVE-2025-4330.html * https://www.suse.com/security/cve/CVE-2025-4435.html * https://www.suse.com/security/cve/CVE-2025-4516.html * https://www.suse.com/security/cve/CVE-2025-4517.html * https://www.suse.com/security/cve/CVE-2025-6069.html * https://bugzilla.suse.com/show_bug.cgi?id=1243155 * https://bugzilla.suse.com/show_bug.cgi?id=1243273 * https://bugzilla.suse.com/show_bug.cgi?id=1244032 * https://bugzilla.suse.com/show_bug.cgi?id=1244056 * https://bugzilla.suse.com/show_bug.cgi?id=1244059 * https://bugzilla.suse.com/show_bug.cgi?id=1244060 * https://bugzilla.suse.com/show_bug.cgi?id=1244061 * https://bugzilla.suse.com/show_bug.cgi?id=1244705 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:31:32 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:31:32 -0000 Subject: SUSE-SU-2025:20538-1: moderate: Security update for libgcrypt Message-ID: <175441149297.654.15038373843583050620@smelt2.prg2.suse.org> # Security update for libgcrypt Announcement ID: SUSE-SU-2025:20538-1 Release Date: 2025-07-31T12:00:30Z Rating: moderate References: * bsc#1221107 Cross-References: * CVE-2024-2236 CVSS scores: * CVE-2024-2236 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-2236 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for libgcrypt fixes the following issues: * CVE-2024-2236: Fixed timing based side-channel in RSA implementation (bsc#1221107) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-196=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * libgcrypt20-1.10.3-slfo.1.1_2.1 * libgcrypt20-debuginfo-1.10.3-slfo.1.1_2.1 * libgcrypt-debugsource-1.10.3-slfo.1.1_2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2236.html * https://bugzilla.suse.com/show_bug.cgi?id=1221107 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:31:51 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:31:51 -0000 Subject: SUSE-SU-2025:20535-1: moderate: Security update for docker Message-ID: <175441151193.654.13014566294563151200@smelt2.prg2.suse.org> # Security update for docker Announcement ID: SUSE-SU-2025:20535-1 Release Date: 2025-07-29T14:01:53Z Rating: moderate References: * bsc#1240150 * bsc#1241830 * bsc#1242114 * bsc#1243833 * bsc#1244035 * bsc#1246556 Cross-References: * CVE-2025-22872 CVSS scores: * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability and has five fixes can now be installed. ## Description: This update for docker fixes the following issues: * Update to Go 1.24 for builds, to match upstream. * Update to Docker 28.3.2-ce. See upstream changelog online at * Update to Docker 28.3.1-ce. See upstream changelog online at * Update to Docker 28.3.0-ce. See upstream changelog online at bsc#1246556 * Update to docker-buildx v0.25.0. Upstream changelog: * CVE-2025-22872: golang.org/x/net/html: Fixed incorrectly interpreted tags causing content to be placed wrong scope during DOM construction (bsc#1241830) * Do not try to inject SUSEConnect secrets when in Rootless Docker mode, as Docker does not have permission to access the host zypper credentials in this mode (and unprivileged users cannot disable the feature using /etc/docker/suse-secrets-enable.) bsc#1240150 * Always clear SUSEConnect suse_* secrets when starting containers regardless of whether the daemon was built with SUSEConnect support. Not doing this causes containers from SUSEConnect-enabled daemons to fail to start when running with SUSEConnect-disabled (i.e. upstream) daemons. This was a long-standing issue with our secrets support but until recently this would've required migrating from SLE packages to openSUSE packages (which wasn't supported). However, as SLE Micro 6.x and SLES 16 will move away from in-built SUSEConnect support, this is now a practical issue users will run into. bsc#1244035 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-195=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * docker-28.3.2_ce-slfo.1.1_5.1 * docker-buildx-0.25.0-slfo.1.1_5.1 * docker-buildx-debuginfo-0.25.0-slfo.1.1_5.1 * docker-debuginfo-28.3.2_ce-slfo.1.1_5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22872.html * https://bugzilla.suse.com/show_bug.cgi?id=1240150 * https://bugzilla.suse.com/show_bug.cgi?id=1241830 * https://bugzilla.suse.com/show_bug.cgi?id=1242114 * https://bugzilla.suse.com/show_bug.cgi?id=1243833 * https://bugzilla.suse.com/show_bug.cgi?id=1244035 * https://bugzilla.suse.com/show_bug.cgi?id=1246556 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:31:57 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:31:57 -0000 Subject: SUSE-SU-2025:20533-1: important: Security update for pam-config Message-ID: <175441151785.654.17281822620395687467@smelt2.prg2.suse.org> # Security update for pam-config Announcement ID: SUSE-SU-2025:20533-1 Release Date: 2025-07-28T14:36:18Z Rating: important References: * bsc#1243226 Cross-References: * CVE-2025-6018 CVSS scores: * CVE-2025-6018 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-6018 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-6018 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for pam-config fixes the following issues: * CVE-2025-6018: Stop adding pam_env in AUTH stack, and be sure to put this module at the really end of the SESSION stack. (bsc#1243226) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-192=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * pam-config-2.11+git.20240906-slfo.1.1_2.1 * pam-config-debugsource-2.11+git.20240906-slfo.1.1_2.1 * pam-config-debuginfo-2.11+git.20240906-slfo.1.1_2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-6018.html * https://bugzilla.suse.com/show_bug.cgi?id=1243226 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:32:01 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:32:01 -0000 Subject: SUSE-SU-2025:20532-1: important: Security update for perl Message-ID: <175441152151.654.16960417585618748925@smelt2.prg2.suse.org> # Security update for perl Announcement ID: SUSE-SU-2025:20532-1 Release Date: 2025-07-28T14:35:09Z Rating: important References: * bsc#1241083 * bsc#1244079 Cross-References: * CVE-2024-56406 * CVE-2025-40909 CVSS scores: * CVE-2024-56406 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56406 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56406 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40909 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2025-40909 ( NVD ): 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Micro 6.1 An update that solves two vulnerabilities can now be installed. ## Description: This update for perl fixes the following issues: * CVE-2024-56406: Fixed heap buffer overflow when transliterating non-ASCII bytes (bsc#1241083) * CVE-2025-40909: Fixed a working directory race condition causing file operations to target unintended paths (bsc#1244079) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-191=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * perl-base-debuginfo-5.38.2-slfo.1.1_2.1 * perl-debuginfo-5.38.2-slfo.1.1_2.1 * perl-5.38.2-slfo.1.1_2.1 * perl-debugsource-5.38.2-slfo.1.1_2.1 * perl-base-5.38.2-slfo.1.1_2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56406.html * https://www.suse.com/security/cve/CVE-2025-40909.html * https://bugzilla.suse.com/show_bug.cgi?id=1241083 * https://bugzilla.suse.com/show_bug.cgi?id=1244079 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 5 16:32:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Aug 2025 16:32:07 -0000 Subject: SUSE-SU-2025:20531-1: important: Security update for python-requests Message-ID: <175441152735.654.16491131938981655536@smelt2.prg2.suse.org> # Security update for python-requests Announcement ID: SUSE-SU-2025:20531-1 Release Date: 2025-07-24T11:31:28Z Rating: important References: * bsc#1244039 * bsc#1246104 Cross-References: * CVE-2024-47081 CVSS scores: * CVE-2024-47081 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47081 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47081 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for python-requests fixes the following issues: * Avoid problems with certificate caching in sslcontext. (bsc#1246104, gh#psf/requests#6767) Update to 2.32.4: * CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file (gh#psf/requests#6965, bsc#1244039) * Numerous documentation improvements * Added support for pypy 3.11 for Linux and macOS. * Dropped support for pypy 3.9 following its end of support. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-189=1 ## Package List: * SUSE Linux Micro 6.1 (noarch) * python311-requests-2.32.4-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47081.html * https://bugzilla.suse.com/show_bug.cgi?id=1244039 * https://bugzilla.suse.com/show_bug.cgi?id=1246104 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 6 16:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 06 Aug 2025 16:30:08 -0000 Subject: SUSE-SU-2025:02718-1: moderate: Security update for libarchive Message-ID: <175449780824.654.9335840067972786172@smelt2.prg2.suse.org> # Security update for libarchive Announcement ID: SUSE-SU-2025:02718-1 Release Date: 2025-08-06T13:55:10Z Rating: moderate References: * bsc#1244270 * bsc#1244272 * bsc#1244273 * bsc#1244279 * bsc#1244336 Cross-References: * CVE-2025-5914 * CVE-2025-5915 * CVE-2025-5916 * CVE-2025-5917 * CVE-2025-5918 CVSS scores: * CVE-2025-5914 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-5914 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2025-5914 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-5914 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5915 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5915 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5915 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5916 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5916 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5916 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5917 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5917 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2025-5917 ( NVD ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2025-5918 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5918 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5918 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves five vulnerabilities can now be installed. ## Description: This update for libarchive fixes the following issues: * CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272) * CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273) * CVE-2025-5916: Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270) * CVE-2025-5917: Fixed off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336) * CVE-2025-5918: Fixed reading past EOF may be triggered for piped file streams (bsc#1244279) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2718=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2718=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2718=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2718=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2718=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2718=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libarchive13-debuginfo-3.5.1-150400.3.21.1 * libarchive13-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libarchive13-debuginfo-3.5.1-150400.3.21.1 * libarchive13-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libarchive13-debuginfo-3.5.1-150400.3.21.1 * libarchive13-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libarchive13-debuginfo-3.5.1-150400.3.21.1 * libarchive13-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libarchive13-debuginfo-3.5.1-150400.3.21.1 * libarchive13-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * bsdtar-3.5.1-150400.3.21.1 * bsdtar-debuginfo-3.5.1-150400.3.21.1 * libarchive-devel-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 * libarchive13-debuginfo-3.5.1-150400.3.21.1 * libarchive13-3.5.1-150400.3.21.1 * openSUSE Leap 15.4 (x86_64) * libarchive13-32bit-debuginfo-3.5.1-150400.3.21.1 * libarchive13-32bit-3.5.1-150400.3.21.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libarchive13-64bit-3.5.1-150400.3.21.1 * libarchive13-64bit-debuginfo-3.5.1-150400.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-5914.html * https://www.suse.com/security/cve/CVE-2025-5915.html * https://www.suse.com/security/cve/CVE-2025-5916.html * https://www.suse.com/security/cve/CVE-2025-5917.html * https://www.suse.com/security/cve/CVE-2025-5918.html * https://bugzilla.suse.com/show_bug.cgi?id=1244270 * https://bugzilla.suse.com/show_bug.cgi?id=1244272 * https://bugzilla.suse.com/show_bug.cgi?id=1244273 * https://bugzilla.suse.com/show_bug.cgi?id=1244279 * https://bugzilla.suse.com/show_bug.cgi?id=1244336 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 6 16:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 06 Aug 2025 16:30:13 -0000 Subject: SUSE-SU-2025:02717-1: important: Security update for python311 Message-ID: <175449781361.654.2479586971535775390@smelt2.prg2.suse.org> # Security update for python311 Announcement ID: SUSE-SU-2025:02717-1 Release Date: 2025-08-06T13:40:11Z Rating: important References: * bsc#1244061 * bsc#1244705 * bsc#1247249 Cross-References: * CVE-2025-4435 * CVE-2025-6069 * CVE-2025-8194 CVSS scores: * CVE-2025-4435 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2025-4435 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-6069 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H * CVE-2025-6069 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2025-6069 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-8194 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8194 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for python311 fixes the following issues: * CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249). * CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (bsc#1244705). * CVE-2025-4435: Fixed Tarfile extracting filtered members when errorlevel=0 (bsc#1244061). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2717=1 openSUSE-SLE-15.6-2025-2717=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2717=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2717=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-2717=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2025-2717=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python311-tk-3.11.13-150600.3.35.2 * python311-tk-debuginfo-3.11.13-150600.3.35.2 * python311-debugsource-3.11.13-150600.3.35.2 * python311-base-3.11.13-150600.3.35.1 * python311-testsuite-3.11.13-150600.3.35.1 * python311-dbm-3.11.13-150600.3.35.2 * python311-idle-3.11.13-150600.3.35.2 * python311-doc-3.11.13-150600.3.35.1 * python311-dbm-debuginfo-3.11.13-150600.3.35.2 * python311-core-debugsource-3.11.13-150600.3.35.1 * python311-devel-3.11.13-150600.3.35.1 * python311-tools-3.11.13-150600.3.35.1 * python311-doc-devhelp-3.11.13-150600.3.35.1 * python311-curses-debuginfo-3.11.13-150600.3.35.2 * python311-curses-3.11.13-150600.3.35.2 * libpython3_11-1_0-debuginfo-3.11.13-150600.3.35.1 * python311-testsuite-debuginfo-3.11.13-150600.3.35.1 * python311-base-debuginfo-3.11.13-150600.3.35.1 * python311-debuginfo-3.11.13-150600.3.35.2 * python311-3.11.13-150600.3.35.2 * libpython3_11-1_0-3.11.13-150600.3.35.1 * openSUSE Leap 15.6 (x86_64) * python311-32bit-debuginfo-3.11.13-150600.3.35.2 * python311-base-32bit-3.11.13-150600.3.35.1 * libpython3_11-1_0-32bit-debuginfo-3.11.13-150600.3.35.1 * libpython3_11-1_0-32bit-3.11.13-150600.3.35.1 * python311-32bit-3.11.13-150600.3.35.2 * python311-base-32bit-debuginfo-3.11.13-150600.3.35.1 * openSUSE Leap 15.6 (aarch64_ilp32) * python311-base-64bit-3.11.13-150600.3.35.1 * python311-64bit-3.11.13-150600.3.35.2 * python311-base-64bit-debuginfo-3.11.13-150600.3.35.1 * libpython3_11-1_0-64bit-debuginfo-3.11.13-150600.3.35.1 * python311-64bit-debuginfo-3.11.13-150600.3.35.2 * libpython3_11-1_0-64bit-3.11.13-150600.3.35.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libpython3_11-1_0-debuginfo-3.11.13-150600.3.35.1 * python311-core-debugsource-3.11.13-150600.3.35.1 * python311-base-debuginfo-3.11.13-150600.3.35.1 * python311-base-3.11.13-150600.3.35.1 * libpython3_11-1_0-3.11.13-150600.3.35.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libpython3_11-1_0-debuginfo-3.11.13-150600.3.35.1 * python311-core-debugsource-3.11.13-150600.3.35.1 * python311-base-debuginfo-3.11.13-150600.3.35.1 * python311-base-3.11.13-150600.3.35.1 * libpython3_11-1_0-3.11.13-150600.3.35.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-tk-3.11.13-150600.3.35.2 * python311-tk-debuginfo-3.11.13-150600.3.35.2 * python311-core-debugsource-3.11.13-150600.3.35.1 * python311-dbm-debuginfo-3.11.13-150600.3.35.2 * python311-devel-3.11.13-150600.3.35.1 * python311-tools-3.11.13-150600.3.35.1 * python311-debuginfo-3.11.13-150600.3.35.2 * python311-dbm-3.11.13-150600.3.35.2 * python311-debugsource-3.11.13-150600.3.35.2 * python311-curses-debuginfo-3.11.13-150600.3.35.2 * python311-curses-3.11.13-150600.3.35.2 * python311-3.11.13-150600.3.35.2 * python311-idle-3.11.13-150600.3.35.2 * Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python311-tk-3.11.13-150600.3.35.2 * python311-tk-debuginfo-3.11.13-150600.3.35.2 * python311-core-debugsource-3.11.13-150600.3.35.1 * python311-dbm-debuginfo-3.11.13-150600.3.35.2 * python311-devel-3.11.13-150600.3.35.1 * python311-tools-3.11.13-150600.3.35.1 * python311-debuginfo-3.11.13-150600.3.35.2 * python311-dbm-3.11.13-150600.3.35.2 * python311-debugsource-3.11.13-150600.3.35.2 * python311-curses-debuginfo-3.11.13-150600.3.35.2 * python311-curses-3.11.13-150600.3.35.2 * python311-3.11.13-150600.3.35.2 * python311-idle-3.11.13-150600.3.35.2 ## References: * https://www.suse.com/security/cve/CVE-2025-4435.html * https://www.suse.com/security/cve/CVE-2025-6069.html * https://www.suse.com/security/cve/CVE-2025-8194.html * https://bugzilla.suse.com/show_bug.cgi?id=1244061 * https://bugzilla.suse.com/show_bug.cgi?id=1244705 * https://bugzilla.suse.com/show_bug.cgi?id=1247249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 7 08:30:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 07 Aug 2025 08:30:21 -0000 Subject: SUSE-SU-2025:02719-1: moderate: Security update for libgcrypt Message-ID: <175455542155.7047.1824606590347205872@smelt2.prg2.suse.org> # Security update for libgcrypt Announcement ID: SUSE-SU-2025:02719-1 Release Date: 2025-08-07T03:38:37Z Rating: moderate References: * bsc#1221107 * bsc#1246934 Cross-References: * CVE-2024-2236 CVSS scores: * CVE-2024-2236 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-2236 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for libgcrypt fixes the following issues: * CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2719=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libgcrypt20-debuginfo-1.11.0-150700.5.7.1 * libgcrypt-debugsource-1.11.0-150700.5.7.1 * libgcrypt-devel-1.11.0-150700.5.7.1 * libgcrypt20-1.11.0-150700.5.7.1 * libgcrypt-devel-debuginfo-1.11.0-150700.5.7.1 * Basesystem Module 15-SP7 (x86_64) * libgcrypt20-32bit-debuginfo-1.11.0-150700.5.7.1 * libgcrypt20-32bit-1.11.0-150700.5.7.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2236.html * https://bugzilla.suse.com/show_bug.cgi?id=1221107 * https://bugzilla.suse.com/show_bug.cgi?id=1246934 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 7 12:30:06 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 07 Aug 2025 12:30:06 -0000 Subject: SUSE-SU-2025:02727-1: moderate: Security update for grub2 Message-ID: <175456980631.17758.11812190373271629051@smelt2.prg2.suse.org> # Security update for grub2 Announcement ID: SUSE-SU-2025:02727-1 Release Date: 2025-08-07T09:02:12Z Rating: moderate References: * bsc#1234959 Cross-References: * CVE-2024-56738 CVSS scores: * CVE-2024-56738 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-56738 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56738 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for grub2 fixes the following issues: * CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2727=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2727=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2727=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2727=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2727=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * grub2-debuginfo-2.06-150400.11.63.1 * grub2-2.06-150400.11.63.1 * grub2-branding-upstream-2.06-150400.11.63.1 * openSUSE Leap 15.4 (aarch64 s390x x86_64 i586) * grub2-debugsource-2.06-150400.11.63.1 * openSUSE Leap 15.4 (noarch) * grub2-x86_64-xen-2.06-150400.11.63.1 * grub2-systemd-sleep-plugin-2.06-150400.11.63.1 * grub2-i386-pc-debug-2.06-150400.11.63.1 * grub2-i386-efi-extras-2.06-150400.11.63.1 * grub2-i386-pc-2.06-150400.11.63.1 * grub2-powerpc-ieee1275-2.06-150400.11.63.1 * grub2-arm64-efi-debug-2.06-150400.11.63.1 * grub2-powerpc-ieee1275-extras-2.06-150400.11.63.1 * grub2-x86_64-efi-debug-2.06-150400.11.63.1 * grub2-x86_64-xen-extras-2.06-150400.11.63.1 * grub2-i386-efi-debug-2.06-150400.11.63.1 * grub2-powerpc-ieee1275-debug-2.06-150400.11.63.1 * grub2-s390x-emu-extras-2.06-150400.11.63.1 * grub2-arm64-efi-2.06-150400.11.63.1 * grub2-i386-xen-extras-2.06-150400.11.63.1 * grub2-i386-pc-extras-2.06-150400.11.63.1 * grub2-arm64-efi-extras-2.06-150400.11.63.1 * grub2-x86_64-efi-extras-2.06-150400.11.63.1 * grub2-snapper-plugin-2.06-150400.11.63.1 * grub2-i386-xen-2.06-150400.11.63.1 * grub2-x86_64-efi-2.06-150400.11.63.1 * grub2-i386-efi-2.06-150400.11.63.1 * openSUSE Leap 15.4 (s390x) * grub2-s390x-emu-2.06-150400.11.63.1 * grub2-s390x-emu-debug-2.06-150400.11.63.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.63.1 * grub2-debuginfo-2.06-150400.11.63.1 * grub2-2.06-150400.11.63.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * grub2-x86_64-xen-2.06-150400.11.63.1 * grub2-snapper-plugin-2.06-150400.11.63.1 * grub2-i386-pc-2.06-150400.11.63.1 * grub2-x86_64-efi-2.06-150400.11.63.1 * grub2-arm64-efi-2.06-150400.11.63.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (s390x) * grub2-s390x-emu-2.06-150400.11.63.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.63.1 * grub2-debuginfo-2.06-150400.11.63.1 * grub2-2.06-150400.11.63.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * grub2-x86_64-xen-2.06-150400.11.63.1 * grub2-snapper-plugin-2.06-150400.11.63.1 * grub2-i386-pc-2.06-150400.11.63.1 * grub2-x86_64-efi-2.06-150400.11.63.1 * grub2-arm64-efi-2.06-150400.11.63.1 * SUSE Linux Enterprise Micro 5.3 (s390x) * grub2-s390x-emu-2.06-150400.11.63.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.63.1 * grub2-debuginfo-2.06-150400.11.63.1 * grub2-2.06-150400.11.63.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * grub2-x86_64-xen-2.06-150400.11.63.1 * grub2-snapper-plugin-2.06-150400.11.63.1 * grub2-i386-pc-2.06-150400.11.63.1 * grub2-x86_64-efi-2.06-150400.11.63.1 * grub2-arm64-efi-2.06-150400.11.63.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (s390x) * grub2-s390x-emu-2.06-150400.11.63.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.63.1 * grub2-debuginfo-2.06-150400.11.63.1 * grub2-2.06-150400.11.63.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * grub2-x86_64-xen-2.06-150400.11.63.1 * grub2-snapper-plugin-2.06-150400.11.63.1 * grub2-i386-pc-2.06-150400.11.63.1 * grub2-x86_64-efi-2.06-150400.11.63.1 * grub2-arm64-efi-2.06-150400.11.63.1 * SUSE Linux Enterprise Micro 5.4 (s390x) * grub2-s390x-emu-2.06-150400.11.63.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56738.html * https://bugzilla.suse.com/show_bug.cgi?id=1234959 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 7 12:30:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 07 Aug 2025 12:30:10 -0000 Subject: SUSE-SU-2025:02725-1: moderate: Security update for grub2 Message-ID: <175456981093.17758.18015976598843259243@smelt2.prg2.suse.org> # Security update for grub2 Announcement ID: SUSE-SU-2025:02725-1 Release Date: 2025-08-07T09:01:46Z Rating: moderate References: * bsc#1234959 Cross-References: * CVE-2024-56738 CVSS scores: * CVE-2024-56738 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-56738 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56738 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for grub2 fixes the following issues: * CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2725=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * grub2-x86_64-efi-2.02-190.1 * grub2-debugsource-2.02-190.1 * grub2-i386-pc-2.02-190.1 * grub2-2.02-190.1 * grub2-debuginfo-2.02-190.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * grub2-systemd-sleep-plugin-2.02-190.1 * grub2-snapper-plugin-2.02-190.1 * grub2-x86_64-xen-2.02-190.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56738.html * https://bugzilla.suse.com/show_bug.cgi?id=1234959 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 7 12:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 07 Aug 2025 12:30:13 -0000 Subject: SUSE-SU-2025:02724-1: moderate: Security update for grub2 Message-ID: <175456981388.17758.5278251347459679305@smelt2.prg2.suse.org> # Security update for grub2 Announcement ID: SUSE-SU-2025:02724-1 Release Date: 2025-08-07T09:01:39Z Rating: moderate References: * bsc#1234959 Cross-References: * CVE-2024-56738 CVSS scores: * CVE-2024-56738 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-56738 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56738 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * SUSE Linux Enterprise Micro 5.1 An update that solves one vulnerability can now be installed. ## Description: This update for grub2 fixes the following issues: * CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2724=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * grub2-2.04-150300.3.14.2 * grub2-debugsource-2.04-150300.3.14.2 * grub2-debuginfo-2.04-150300.3.14.2 * SUSE Linux Enterprise Micro 5.1 (noarch) * grub2-snapper-plugin-2.04-150300.3.14.2 * grub2-x86_64-efi-2.04-150300.3.14.2 * grub2-i386-pc-2.04-150300.3.14.2 * grub2-x86_64-xen-2.04-150300.3.14.2 * grub2-arm64-efi-2.04-150300.3.14.2 * SUSE Linux Enterprise Micro 5.1 (s390x) * grub2-s390x-emu-2.04-150300.3.14.2 ## References: * https://www.suse.com/security/cve/CVE-2024-56738.html * https://bugzilla.suse.com/show_bug.cgi?id=1234959 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 8 12:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 08 Aug 2025 12:30:16 -0000 Subject: SUSE-SU-2025:02740-1: moderate: Security update for tgt Message-ID: <175465621688.615.1594075307140635272@smelt2.prg2.suse.org> # Security update for tgt Announcement ID: SUSE-SU-2025:02740-1 Release Date: 2025-08-08T09:12:01Z Rating: moderate References: * bsc#1230360 Cross-References: * CVE-2024-45751 CVSS scores: * CVE-2024-45751 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-45751 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for tgt fixes the following issues: * CVE-2024-45751: Fixed CHAP authentication bypass in user-space Linux target framework (bsc#1230360) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2740=1 openSUSE-SLE-15.6-2025-2740=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2740=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2740=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * tgt-debugsource-1.0.85-150600.10.3.1 * tgt-1.0.85-150600.10.3.1 * tgt-debuginfo-1.0.85-150600.10.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * tgt-debugsource-1.0.85-150600.10.3.1 * tgt-1.0.85-150600.10.3.1 * tgt-debuginfo-1.0.85-150600.10.3.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * tgt-debugsource-1.0.85-150600.10.3.1 * tgt-1.0.85-150600.10.3.1 * tgt-debuginfo-1.0.85-150600.10.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45751.html * https://bugzilla.suse.com/show_bug.cgi?id=1230360 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 8 12:30:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 08 Aug 2025 12:30:21 -0000 Subject: SUSE-SU-2025:02739-1: moderate: Security update for ruby2.5 Message-ID: <175465622191.615.5066018157299237557@smelt2.prg2.suse.org> # Security update for ruby2.5 Announcement ID: SUSE-SU-2025:02739-1 Release Date: 2025-08-08T09:11:30Z Rating: moderate References: * bsc#1237805 * bsc#1245254 Cross-References: * CVE-2025-27221 * CVE-2025-6442 CVSS scores: * CVE-2025-27221 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-27221 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-27221 ( NVD ): 3.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N * CVE-2025-27221 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-6442 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2025-6442 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for ruby2.5 fixes the following issues: * CVE-2025-6442: Fixed read_header HTTP Request Smuggling Vulnerability in WEBrick (bsc#1245254) * CVE-2025-27221: Fixed userinfo leakage in URI#join, URI#merge and URI#+ (bsc#1237805) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2739=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2739=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libruby2_5-2_5-debuginfo-2.5.9-150000.4.46.1 * ruby2.5-stdlib-2.5.9-150000.4.46.1 * ruby2.5-2.5.9-150000.4.46.1 * ruby2.5-devel-2.5.9-150000.4.46.1 * ruby2.5-devel-extra-2.5.9-150000.4.46.1 * ruby2.5-debuginfo-2.5.9-150000.4.46.1 * ruby2.5-doc-2.5.9-150000.4.46.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.46.1 * libruby2_5-2_5-2.5.9-150000.4.46.1 * ruby2.5-debugsource-2.5.9-150000.4.46.1 * openSUSE Leap 15.6 (noarch) * ruby2.5-doc-ri-2.5.9-150000.4.46.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libruby2_5-2_5-debuginfo-2.5.9-150000.4.46.1 * ruby2.5-stdlib-2.5.9-150000.4.46.1 * ruby2.5-2.5.9-150000.4.46.1 * ruby2.5-devel-2.5.9-150000.4.46.1 * ruby2.5-devel-extra-2.5.9-150000.4.46.1 * ruby2.5-debuginfo-2.5.9-150000.4.46.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.46.1 * libruby2_5-2_5-2.5.9-150000.4.46.1 * ruby2.5-debugsource-2.5.9-150000.4.46.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27221.html * https://www.suse.com/security/cve/CVE-2025-6442.html * https://bugzilla.suse.com/show_bug.cgi?id=1237805 * https://bugzilla.suse.com/show_bug.cgi?id=1245254 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 8 12:30:26 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 08 Aug 2025 12:30:26 -0000 Subject: SUSE-SU-2025:02737-1: low: Security update for libsoup Message-ID: <175465622631.615.3985507579301069765@smelt2.prg2.suse.org> # Security update for libsoup Announcement ID: SUSE-SU-2025:02737-1 Release Date: 2025-08-08T08:06:35Z Rating: low References: * bsc#1243314 Cross-References: * CVE-2025-4945 CVSS scores: * CVE-2025-4945 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-4945 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-4945 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability can now be installed. ## Description: This update for libsoup fixes the following issues: * CVE-2025-4945: Add value checks for date/time parsing (bsc#1243314). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2737=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libsoup-devel-3.0.4-150400.3.13.1 * typelib-1_0-Soup-3_0-3.0.4-150400.3.13.1 * libsoup-debugsource-3.0.4-150400.3.13.1 * libsoup-3_0-0-3.0.4-150400.3.13.1 * libsoup-3_0-0-debuginfo-3.0.4-150400.3.13.1 * openSUSE Leap 15.4 (x86_64) * libsoup-3_0-0-32bit-3.0.4-150400.3.13.1 * libsoup-devel-32bit-3.0.4-150400.3.13.1 * libsoup-3_0-0-32bit-debuginfo-3.0.4-150400.3.13.1 * openSUSE Leap 15.4 (noarch) * libsoup-lang-3.0.4-150400.3.13.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libsoup-3_0-0-64bit-debuginfo-3.0.4-150400.3.13.1 * libsoup-devel-64bit-3.0.4-150400.3.13.1 * libsoup-3_0-0-64bit-3.0.4-150400.3.13.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4945.html * https://bugzilla.suse.com/show_bug.cgi?id=1243314 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 8 12:30:30 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 08 Aug 2025 12:30:30 -0000 Subject: SUSE-SU-2025:02736-1: moderate: Security update for python-urllib3 Message-ID: <175465623079.615.8145367036142443522@smelt2.prg2.suse.org> # Security update for python-urllib3 Announcement ID: SUSE-SU-2025:02736-1 Release Date: 2025-08-08T08:06:30Z Rating: moderate References: * bsc#1244925 Cross-References: * CVE-2025-50181 CVSS scores: * CVE-2025-50181 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-50181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-50181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-urllib3 fixes the following issues: * CVE-2025-50181: Pool managers now properly control redirects when retries is passed. (bsc#1244925) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-2736=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2736=1 ## Package List: * Public Cloud Module 12 (noarch) * python-urllib3-1.25.10-3.43.1 * python3-urllib3-1.25.10-3.43.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * python-urllib3-1.25.10-3.43.1 * python3-urllib3-1.25.10-3.43.1 ## References: * https://www.suse.com/security/cve/CVE-2025-50181.html * https://bugzilla.suse.com/show_bug.cgi?id=1244925 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 8 12:30:35 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 08 Aug 2025 12:30:35 -0000 Subject: SUSE-SU-2025:02735-1: moderate: Security update for python-urllib3 Message-ID: <175465623516.615.2101613945740102296@smelt2.prg2.suse.org> # Security update for python-urllib3 Announcement ID: SUSE-SU-2025:02735-1 Release Date: 2025-08-08T08:06:18Z Rating: moderate References: * bsc#1244925 Cross-References: * CVE-2025-50181 CVSS scores: * CVE-2025-50181 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-50181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-50181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP6 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-urllib3 fixes the following issues: * CVE-2025-50181: Pool managers now properly control redirects when retries is passed. (bsc#1244925) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2735=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2735=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-2735=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-2735=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2025-2735=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-urllib3-2.0.7-150400.7.21.1 * openSUSE Leap 15.6 (noarch) * python311-urllib3-2.0.7-150400.7.21.1 * Public Cloud Module 15-SP4 (noarch) * python311-urllib3-2.0.7-150400.7.21.1 * Python 3 Module 15-SP6 (noarch) * python311-urllib3-2.0.7-150400.7.21.1 * Python 3 Module 15-SP7 (noarch) * python311-urllib3-2.0.7-150400.7.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-50181.html * https://bugzilla.suse.com/show_bug.cgi?id=1244925 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 8 12:30:37 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 08 Aug 2025 12:30:37 -0000 Subject: SUSE-SU-2025:02734-1: moderate: Security update for dpkg Message-ID: <175465623766.615.18433398978464259328@smelt2.prg2.suse.org> # Security update for dpkg Announcement ID: SUSE-SU-2025:02734-1 Release Date: 2025-08-08T08:05:56Z Rating: moderate References: * bsc#1245573 Cross-References: * CVE-2025-6297 CVSS scores: * CVE-2025-6297 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-6297 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-6297 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for dpkg fixes the following issues: * CVE-2025-6297: Fixed an improper sanitization of directory permissions that could lead to DoS. (bsc#1245573) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2734=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2734=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2734=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2734=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2734=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2734=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2734=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2734=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2734=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2734=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2734=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2734=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2734=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * update-alternatives-debugsource-1.19.0.4-150000.4.7.1 * update-alternatives-debuginfo-1.19.0.4-150000.4.7.1 * dpkg-debugsource-1.19.0.4-150000.4.7.1 * update-alternatives-1.19.0.4-150000.4.7.1 * dpkg-debuginfo-1.19.0.4-150000.4.7.1 * dpkg-1.19.0.4-150000.4.7.1 * dpkg-devel-1.19.0.4-150000.4.7.1 * openSUSE Leap 15.6 (noarch) * dpkg-lang-1.19.0.4-150000.4.7.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * update-alternatives-debugsource-1.19.0.4-150000.4.7.1 * update-alternatives-debuginfo-1.19.0.4-150000.4.7.1 * update-alternatives-1.19.0.4-150000.4.7.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * update-alternatives-debugsource-1.19.0.4-150000.4.7.1 * update-alternatives-debuginfo-1.19.0.4-150000.4.7.1 * update-alternatives-1.19.0.4-150000.4.7.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * update-alternatives-debugsource-1.19.0.4-150000.4.7.1 * update-alternatives-debuginfo-1.19.0.4-150000.4.7.1 * update-alternatives-1.19.0.4-150000.4.7.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * update-alternatives-debugsource-1.19.0.4-150000.4.7.1 * update-alternatives-debuginfo-1.19.0.4-150000.4.7.1 * update-alternatives-1.19.0.4-150000.4.7.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * update-alternatives-debugsource-1.19.0.4-150000.4.7.1 * update-alternatives-debuginfo-1.19.0.4-150000.4.7.1 * update-alternatives-1.19.0.4-150000.4.7.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * update-alternatives-debugsource-1.19.0.4-150000.4.7.1 * update-alternatives-debuginfo-1.19.0.4-150000.4.7.1 * update-alternatives-1.19.0.4-150000.4.7.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * update-alternatives-debugsource-1.19.0.4-150000.4.7.1 * update-alternatives-debuginfo-1.19.0.4-150000.4.7.1 * update-alternatives-1.19.0.4-150000.4.7.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * dpkg-debuginfo-1.19.0.4-150000.4.7.1 * dpkg-debugsource-1.19.0.4-150000.4.7.1 * dpkg-1.19.0.4-150000.4.7.1 * dpkg-devel-1.19.0.4-150000.4.7.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * dpkg-debuginfo-1.19.0.4-150000.4.7.1 * dpkg-debugsource-1.19.0.4-150000.4.7.1 * dpkg-1.19.0.4-150000.4.7.1 * dpkg-devel-1.19.0.4-150000.4.7.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * update-alternatives-debugsource-1.19.0.4-150000.4.7.1 * update-alternatives-debuginfo-1.19.0.4-150000.4.7.1 * update-alternatives-1.19.0.4-150000.4.7.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * update-alternatives-debugsource-1.19.0.4-150000.4.7.1 * update-alternatives-debuginfo-1.19.0.4-150000.4.7.1 * update-alternatives-1.19.0.4-150000.4.7.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * update-alternatives-debugsource-1.19.0.4-150000.4.7.1 * update-alternatives-debuginfo-1.19.0.4-150000.4.7.1 * update-alternatives-1.19.0.4-150000.4.7.1 ## References: * https://www.suse.com/security/cve/CVE-2025-6297.html * https://bugzilla.suse.com/show_bug.cgi?id=1245573 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 8 12:30:40 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 08 Aug 2025 12:30:40 -0000 Subject: SUSE-SU-2025:02733-1: moderate: Security update for nginx Message-ID: <175465624049.615.14931224169025665444@smelt2.prg2.suse.org> # Security update for nginx Announcement ID: SUSE-SU-2025:02733-1 Release Date: 2025-08-08T08:04:13Z Rating: moderate References: * bsc#1246090 Affected Products: * openSUSE Leap 15.4 An update that has one security fix can now be installed. ## Description: This update for nginx fixes the following issues: Security hardening: \- Drop root priviledges while running logrotatei. (bsc#1246090) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2733=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * nginx-1.21.5-150400.3.9.1 * nginx-debugsource-1.21.5-150400.3.9.1 * nginx-debuginfo-1.21.5-150400.3.9.1 * openSUSE Leap 15.4 (noarch) * nginx-source-1.21.5-150400.3.9.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1246090 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 8 16:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 08 Aug 2025 16:30:07 -0000 Subject: SUSE-SU-2025:02744-1: important: Security update for sqlite3 Message-ID: <175467060740.421.3344320077885507469@smelt2.prg2.suse.org> # Security update for sqlite3 Announcement ID: SUSE-SU-2025:02744-1 Release Date: 2025-08-08T12:41:43Z Rating: important References: * bsc#1246597 Cross-References: * CVE-2025-6965 CVSS scores: * CVE-2025-6965 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L * CVE-2025-6965 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green * CVE-2025-6965 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for sqlite3 fixes the following issues: * Update to version 3.50.2 * CVE-2025-6965: Fixed an integer truncation to avoid assertion faults. (bsc#1246597) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-2744=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2744=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * sqlite3-debugsource-3.50.2-9.41.1 * sqlite3-devel-3.50.2-9.41.1 * sqlite3-3.50.2-9.41.1 * sqlite3-debuginfo-3.50.2-9.41.1 * libsqlite3-0-debuginfo-3.50.2-9.41.1 * libsqlite3-0-3.50.2-9.41.1 * sqlite3-tcl-3.50.2-9.41.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libsqlite3-0-32bit-3.50.2-9.41.1 * libsqlite3-0-debuginfo-32bit-3.50.2-9.41.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * sqlite3-debugsource-3.50.2-9.41.1 * sqlite3-devel-3.50.2-9.41.1 * sqlite3-3.50.2-9.41.1 * libsqlite3-0-32bit-3.50.2-9.41.1 * libsqlite3-0-debuginfo-32bit-3.50.2-9.41.1 * sqlite3-debuginfo-3.50.2-9.41.1 * libsqlite3-0-debuginfo-3.50.2-9.41.1 * libsqlite3-0-3.50.2-9.41.1 * sqlite3-tcl-3.50.2-9.41.1 ## References: * https://www.suse.com/security/cve/CVE-2025-6965.html * https://bugzilla.suse.com/show_bug.cgi?id=1246597 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 11 08:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 11 Aug 2025 08:30:08 -0000 Subject: SUSE-SU-2025:02749-1: important: Security update for iperf Message-ID: <175490100862.615.2846371607175048713@smelt2.prg2.suse.org> # Security update for iperf Announcement ID: SUSE-SU-2025:02749-1 Release Date: 2025-08-11T07:06:51Z Rating: important References: * bsc#1247519 * bsc#1247520 * bsc#1247522 Cross-References: * CVE-2025-54349 * CVE-2025-54350 * CVE-2025-54351 CVSS scores: * CVE-2025-54349 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-54349 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-54349 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2025-54350 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-54350 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-54350 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-54351 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-54351 ( NVD ): 8.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L * CVE-2025-54351 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for iperf fixes the following issues: * update to 3.19.1: * CVE-2025-54351: Fixed buffer overflow in net.c (bsc#1247522) * CVE-2025-54350: Fixed Base64Decode assertion failure and application exit upon a malformed authentication attempt (bsc#1247520) * CVE-2025-54349: Fixed off-by-one error and resultant heap-based buffer overflow (bsc#1247519) * update to 3.19: * iperf3 now supports the use of Multi-Path TCP (MPTCPv1) on Linux with the use of the `-m` or `--mptcp` flag. (PR #1661) * iperf3 now supports a `--cntl-ka` option to enable TCP keepalives on the control connection. (#812, #835, PR #1423) * iperf3 now supports the `MSG_TRUNC` receive option, specified by the `--skip-rx-copy`. This theoretically improves the rated throughput of tests at high bitrates by not delivering network payload data to userspace. (#1678, PR #1717) * A bug that caused the bitrate setting to be ignored when bursts are set, has been fixed. (#1773, #1820, PR #1821, PR #1848) * The congestion control protocol setting, if used, is now properly reset between tests. (PR #1812) * iperf3 now exits with a non-error 0 exit code if exiting via a `SIGTERM`, `SIGHUP`, or `SIGINT`. (#1009, PR# 1829) * The current behavior of iperf3 with respect to the `-n` and `-k` options is now documented as correct. (#1768, #1775, #596, PR #1800) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2749=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2749=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2749=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2749=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * iperf-3.19.1-150000.3.15.1 * libiperf0-debuginfo-3.19.1-150000.3.15.1 * iperf-devel-3.19.1-150000.3.15.1 * iperf-debuginfo-3.19.1-150000.3.15.1 * libiperf0-3.19.1-150000.3.15.1 * iperf-debugsource-3.19.1-150000.3.15.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * iperf-3.19.1-150000.3.15.1 * libiperf0-debuginfo-3.19.1-150000.3.15.1 * iperf-debuginfo-3.19.1-150000.3.15.1 * libiperf0-3.19.1-150000.3.15.1 * iperf-debugsource-3.19.1-150000.3.15.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * iperf-3.19.1-150000.3.15.1 * libiperf0-debuginfo-3.19.1-150000.3.15.1 * iperf-devel-3.19.1-150000.3.15.1 * iperf-debuginfo-3.19.1-150000.3.15.1 * libiperf0-3.19.1-150000.3.15.1 * iperf-debugsource-3.19.1-150000.3.15.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * iperf-3.19.1-150000.3.15.1 * libiperf0-debuginfo-3.19.1-150000.3.15.1 * iperf-devel-3.19.1-150000.3.15.1 * iperf-debuginfo-3.19.1-150000.3.15.1 * libiperf0-3.19.1-150000.3.15.1 * iperf-debugsource-3.19.1-150000.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54349.html * https://www.suse.com/security/cve/CVE-2025-54350.html * https://www.suse.com/security/cve/CVE-2025-54351.html * https://bugzilla.suse.com/show_bug.cgi?id=1247519 * https://bugzilla.suse.com/show_bug.cgi?id=1247520 * https://bugzilla.suse.com/show_bug.cgi?id=1247522 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 11 08:30:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 11 Aug 2025 08:30:12 -0000 Subject: SUSE-SU-2025:02746-1: moderate: Security update for zabbix Message-ID: <175490101287.615.17145323963107445537@smelt2.prg2.suse.org> # Security update for zabbix Announcement ID: SUSE-SU-2025:02746-1 Release Date: 2025-08-11T06:20:26Z Rating: moderate References: * bsc#1233791 * bsc#1233834 Cross-References: * CVE-2024-22117 * CVE-2024-42333 CVSS scores: * CVE-2024-22117 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-22117 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2024-22117 ( NVD ): 2.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42333 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42333 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42333 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for zabbix fixes the following issues: * CVE-2024-42333: Fixed buffer over-read for broken UTF8 mail data injection. (bsc#1233834) * CVE-2024-22117: Fixed a bug that can cause the map element to crash when new URLs are added. (bsc#1233791) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2746=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * zabbix-agent-debuginfo-4.0.12-4.32.1 * zabbix-agent-4.0.12-4.32.1 * zabbix-debugsource-4.0.12-4.32.1 ## References: * https://www.suse.com/security/cve/CVE-2024-22117.html * https://www.suse.com/security/cve/CVE-2024-42333.html * https://bugzilla.suse.com/show_bug.cgi?id=1233791 * https://bugzilla.suse.com/show_bug.cgi?id=1233834 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 11 08:30:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 11 Aug 2025 08:30:19 -0000 Subject: SUSE-SU-2025:02745-1: moderate: Security update for tomcat Message-ID: <175490101911.615.13292509962711437869@smelt2.prg2.suse.org> # Security update for tomcat Announcement ID: SUSE-SU-2025:02745-1 Release Date: 2025-08-11T06:20:12Z Rating: moderate References: * bsc#1246318 * bsc#1246388 Cross-References: * CVE-2025-52520 * CVE-2025-53506 CVSS scores: * CVE-2025-52520 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-52520 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-52520 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-53506 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-53506 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-53506 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for tomcat fixes the following issues: * CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload (bsc#1246388) * CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability (bsc#1246318) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2745=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * tomcat-lib-9.0.36-3.148.1 * tomcat-javadoc-9.0.36-3.148.1 * tomcat-webapps-9.0.36-3.148.1 * tomcat-admin-webapps-9.0.36-3.148.1 * tomcat-servlet-4_0-api-9.0.36-3.148.1 * tomcat-docs-webapp-9.0.36-3.148.1 * tomcat-el-3_0-api-9.0.36-3.148.1 * tomcat-jsp-2_3-api-9.0.36-3.148.1 * tomcat-9.0.36-3.148.1 ## References: * https://www.suse.com/security/cve/CVE-2025-52520.html * https://www.suse.com/security/cve/CVE-2025-53506.html * https://bugzilla.suse.com/show_bug.cgi?id=1246318 * https://bugzilla.suse.com/show_bug.cgi?id=1246388 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 11 16:30:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 11 Aug 2025 16:30:05 -0000 Subject: SUSE-SU-2025:02752-1: moderate: Security update for libgcrypt Message-ID: <175492980594.405.10500696738672147580@smelt2.prg2.suse.org> # Security update for libgcrypt Announcement ID: SUSE-SU-2025:02752-1 Release Date: 2025-08-11T13:15:26Z Rating: moderate References: * bsc#1221107 Cross-References: * CVE-2024-2236 CVSS scores: * CVE-2024-2236 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-2236 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for libgcrypt fixes the following issues: * CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2752=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2752=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2752=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2752=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2752=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2752=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2752=1 ## Package List: * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libgcrypt-debugsource-1.8.2-150100.8.45.1 * libgcrypt20-1.8.2-150100.8.45.1 * libgcrypt-devel-debuginfo-1.8.2-150100.8.45.1 * libgcrypt20-hmac-1.8.2-150100.8.45.1 * libgcrypt-devel-1.8.2-150100.8.45.1 * libgcrypt20-debuginfo-1.8.2-150100.8.45.1 * SUSE Enterprise Storage 7.1 (x86_64) * libgcrypt-devel-32bit-1.8.2-150100.8.45.1 * libgcrypt20-32bit-1.8.2-150100.8.45.1 * libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1 * libgcrypt-devel-32bit-debuginfo-1.8.2-150100.8.45.1 * libgcrypt20-32bit-debuginfo-1.8.2-150100.8.45.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libgcrypt-debugsource-1.8.2-150100.8.45.1 * libgcrypt20-hmac-1.8.2-150100.8.45.1 * libgcrypt20-1.8.2-150100.8.45.1 * libgcrypt20-debuginfo-1.8.2-150100.8.45.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libgcrypt-debugsource-1.8.2-150100.8.45.1 * libgcrypt20-hmac-1.8.2-150100.8.45.1 * libgcrypt20-1.8.2-150100.8.45.1 * libgcrypt20-debuginfo-1.8.2-150100.8.45.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libgcrypt-debugsource-1.8.2-150100.8.45.1 * libgcrypt20-hmac-1.8.2-150100.8.45.1 * libgcrypt20-1.8.2-150100.8.45.1 * libgcrypt20-debuginfo-1.8.2-150100.8.45.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libgcrypt-debugsource-1.8.2-150100.8.45.1 * libgcrypt20-1.8.2-150100.8.45.1 * libgcrypt-devel-debuginfo-1.8.2-150100.8.45.1 * libgcrypt20-hmac-1.8.2-150100.8.45.1 * libgcrypt-devel-1.8.2-150100.8.45.1 * libgcrypt20-debuginfo-1.8.2-150100.8.45.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libgcrypt-devel-32bit-1.8.2-150100.8.45.1 * libgcrypt20-32bit-1.8.2-150100.8.45.1 * libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1 * libgcrypt-devel-32bit-debuginfo-1.8.2-150100.8.45.1 * libgcrypt20-32bit-debuginfo-1.8.2-150100.8.45.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libgcrypt-debugsource-1.8.2-150100.8.45.1 * libgcrypt20-1.8.2-150100.8.45.1 * libgcrypt-devel-debuginfo-1.8.2-150100.8.45.1 * libgcrypt20-hmac-1.8.2-150100.8.45.1 * libgcrypt-devel-1.8.2-150100.8.45.1 * libgcrypt20-debuginfo-1.8.2-150100.8.45.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * libgcrypt-devel-32bit-1.8.2-150100.8.45.1 * libgcrypt20-32bit-1.8.2-150100.8.45.1 * libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1 * libgcrypt-devel-32bit-debuginfo-1.8.2-150100.8.45.1 * libgcrypt20-32bit-debuginfo-1.8.2-150100.8.45.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libgcrypt-debugsource-1.8.2-150100.8.45.1 * libgcrypt20-1.8.2-150100.8.45.1 * libgcrypt-devel-debuginfo-1.8.2-150100.8.45.1 * libgcrypt20-hmac-1.8.2-150100.8.45.1 * libgcrypt-devel-1.8.2-150100.8.45.1 * libgcrypt20-debuginfo-1.8.2-150100.8.45.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libgcrypt-devel-32bit-1.8.2-150100.8.45.1 * libgcrypt20-32bit-1.8.2-150100.8.45.1 * libgcrypt20-hmac-32bit-1.8.2-150100.8.45.1 * libgcrypt-devel-32bit-debuginfo-1.8.2-150100.8.45.1 * libgcrypt20-32bit-debuginfo-1.8.2-150100.8.45.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2236.html * https://bugzilla.suse.com/show_bug.cgi?id=1221107 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 11 16:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 11 Aug 2025 16:30:11 -0000 Subject: SUSE-SU-2025:02751-1: moderate: Security update for ImageMagick Message-ID: <175492981138.405.9578781017203200316@smelt2.prg2.suse.org> # Security update for ImageMagick Announcement ID: SUSE-SU-2025:02751-1 Release Date: 2025-08-11T13:14:12Z Rating: moderate References: * bsc#1246530 * bsc#1246534 Cross-References: * CVE-2025-53014 * CVE-2025-53019 CVSS scores: * CVE-2025-53014 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-53014 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-53014 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-53019 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-53019 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-53019 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for ImageMagick fixes the following issues: * CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access (bsc#1246530) * CVE-2025-53019: Fixed format specifiers in a filename template may cause a memory leak (bsc#1246534) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2751=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.207.1 * libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.207.1 * ImageMagick-debuginfo-6.8.8.1-71.207.1 * ImageMagick-config-6-SUSE-6.8.8.1-71.207.1 * libMagick++-devel-6.8.8.1-71.207.1 * libMagickCore-6_Q16-1-6.8.8.1-71.207.1 * ImageMagick-debugsource-6.8.8.1-71.207.1 * ImageMagick-config-6-upstream-6.8.8.1-71.207.1 * libMagickWand-6_Q16-1-6.8.8.1-71.207.1 * ImageMagick-devel-6.8.8.1-71.207.1 ## References: * https://www.suse.com/security/cve/CVE-2025-53014.html * https://www.suse.com/security/cve/CVE-2025-53019.html * https://bugzilla.suse.com/show_bug.cgi?id=1246530 * https://bugzilla.suse.com/show_bug.cgi?id=1246534 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 11 16:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 11 Aug 2025 16:30:13 -0000 Subject: SUSE-SU-2025:01786-2: moderate: Security update for postgresql14 Message-ID: <175492981396.405.5184857371481777974@smelt2.prg2.suse.org> # Security update for postgresql14 Announcement ID: SUSE-SU-2025:01786-2 Release Date: 2025-08-11T12:43:59Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP3 * SUSE Package Hub 15 15-SP4 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql14 fixes the following issues: Upgrade to 14.18: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP3 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2025-1786=1 * SUSE Package Hub 15 15-SP4 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2025-1786=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2025-1786=1 ## Package List: * SUSE Package Hub 15 15-SP3 (aarch64 ppc64le s390x x86_64) * postgresql14-llvmjit-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-14.18-150200.5.58.1 * SUSE Package Hub 15 15-SP3 (x86_64) * postgresql14-test-14.18-150200.5.58.1 * SUSE Package Hub 15 15-SP4 (aarch64 ppc64le s390x x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-debuginfo-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-llvmjit-14.18-150200.5.58.1 * postgresql14-test-14.18-150200.5.58.1 * postgresql14-llvmjit-devel-14.18-150200.5.58.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql14-debuginfo-14.18-150200.5.58.1 * postgresql14-llvmjit-debuginfo-14.18-150200.5.58.1 * postgresql14-debugsource-14.18-150200.5.58.1 * postgresql14-llvmjit-14.18-150200.5.58.1 * postgresql14-test-14.18-150200.5.58.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 11 16:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 11 Aug 2025 16:30:16 -0000 Subject: SUSE-SU-2025:01782-2: moderate: Security update for postgresql16 Message-ID: <175492981698.405.16169956803274499170@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2025:01782-2 Release Date: 2025-08-11T12:42:58Z Rating: moderate References: * bsc#1242931 Cross-References: * CVE-2025-4207 CVSS scores: * CVE-2025-4207 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4207 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP4 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: Upgrade to 16.9: * CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931) Changelog: https://www.postgresql.org/docs/release/16.9/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2025-1782=1 * SUSE Package Hub 15 15-SP4 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2025-1782=1 ## Package List: * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql16-test-16.9-150200.5.29.1 * postgresql16-llvmjit-devel-16.9-150200.5.29.1 * postgresql16-llvmjit-16.9-150200.5.29.1 * postgresql16-llvmjit-debuginfo-16.9-150200.5.29.1 * SUSE Package Hub 15 15-SP4 (aarch64 ppc64le s390x x86_64) * postgresql16-test-16.9-150200.5.29.1 * postgresql16-llvmjit-devel-16.9-150200.5.29.1 * postgresql16-llvmjit-16.9-150200.5.29.1 * postgresql16-llvmjit-debuginfo-16.9-150200.5.29.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4207.html * https://bugzilla.suse.com/show_bug.cgi?id=1242931 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 08:30:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 08:30:10 -0000 Subject: SUSE-SU-2025:02755-1: moderate: Security update for libssh Message-ID: <175498741056.22063.7083539939846173671@smelt2.prg2.suse.org> # Security update for libssh Announcement ID: SUSE-SU-2025:02755-1 Release Date: 2025-08-12T07:35:26Z Rating: moderate References: * bsc#1245309 * bsc#1245310 * bsc#1245311 Cross-References: * CVE-2025-4877 * CVE-2025-4878 * CVE-2025-5318 CVSS scores: * CVE-2025-4877 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-4877 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-4878 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-4878 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-4878 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5318 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-5318 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5318 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for libssh fixes the following issues: * CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions (bsc#1245309). * CVE-2025-4878: Fixed use of uninitialized variable in privatekey_from_file() (bsc#1245310). * CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management (bsc#1245311). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-2755=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2755=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libssh-devel-doc-0.6.3-12.15.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libssh-devel-doc-0.6.3-12.15.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4877.html * https://www.suse.com/security/cve/CVE-2025-4878.html * https://www.suse.com/security/cve/CVE-2025-5318.html * https://bugzilla.suse.com/show_bug.cgi?id=1245309 * https://bugzilla.suse.com/show_bug.cgi?id=1245310 * https://bugzilla.suse.com/show_bug.cgi?id=1245311 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 08:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 08:30:13 -0000 Subject: SUSE-SU-2025:02754-1: moderate: Security update for opensc Message-ID: <175498741307.22063.7934481586444042625@smelt2.prg2.suse.org> # Security update for opensc Announcement ID: SUSE-SU-2025:02754-1 Release Date: 2025-08-12T07:35:15Z Rating: moderate References: * bsc#1219386 Cross-References: * CVE-2023-5992 CVSS scores: * CVE-2023-5992 ( SUSE ): 4.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2023-5992 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N * CVE-2023-5992 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-5992 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for opensc fixes the following issues: * CVE-2023-5992: Fixed side-channel leaks while stripping encryption PKCS#1 padding (bsc#1219386). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2754=1 openSUSE-SLE-15.6-2025-2754=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2754=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2754=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * opensc-debugsource-0.22.0-150600.11.6.1 * opensc-debuginfo-0.22.0-150600.11.6.1 * opensc-0.22.0-150600.11.6.1 * openSUSE Leap 15.6 (x86_64) * opensc-32bit-debuginfo-0.22.0-150600.11.6.1 * opensc-32bit-0.22.0-150600.11.6.1 * openSUSE Leap 15.6 (aarch64_ilp32) * opensc-64bit-0.22.0-150600.11.6.1 * opensc-64bit-debuginfo-0.22.0-150600.11.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * opensc-debugsource-0.22.0-150600.11.6.1 * opensc-debuginfo-0.22.0-150600.11.6.1 * opensc-0.22.0-150600.11.6.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * opensc-debugsource-0.22.0-150600.11.6.1 * opensc-debuginfo-0.22.0-150600.11.6.1 * opensc-0.22.0-150600.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5992.html * https://bugzilla.suse.com/show_bug.cgi?id=1219386 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 12:30:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 12:30:05 -0000 Subject: SUSE-SU-2025:02758-1: important: Security update for libxml2 Message-ID: <175500180543.22066.5616593420641846834@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:02758-1 Release Date: 2025-08-12T10:05:47Z Rating: important References: * bsc#1246296 Cross-References: * CVE-2025-7425 CVSS scores: * CVE-2025-7425 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-7425 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2025-7425 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-7425: Fixed heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr (bsc#1246296) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2758=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2758=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2758=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2758=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-2758=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2758=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2758=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2758=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2758=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * python3-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-devel-2.10.3-150500.5.32.1 * libxml2-tools-2.10.3-150500.5.32.1 * python311-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-debugsource-2.10.3-150500.5.32.1 * libxml2-2-2.10.3-150500.5.32.1 * python311-libxml2-2.10.3-150500.5.32.1 * libxml2-tools-debuginfo-2.10.3-150500.5.32.1 * libxml2-python-debugsource-2.10.3-150500.5.32.1 * libxml2-2-debuginfo-2.10.3-150500.5.32.1 * python3-libxml2-2.10.3-150500.5.32.1 * openSUSE Leap 15.5 (x86_64) * libxml2-2-32bit-2.10.3-150500.5.32.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.32.1 * libxml2-devel-32bit-2.10.3-150500.5.32.1 * openSUSE Leap 15.5 (noarch) * libxml2-doc-2.10.3-150500.5.32.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libxml2-2-64bit-debuginfo-2.10.3-150500.5.32.1 * libxml2-devel-64bit-2.10.3-150500.5.32.1 * libxml2-2-64bit-2.10.3-150500.5.32.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-devel-2.10.3-150500.5.32.1 * libxml2-tools-2.10.3-150500.5.32.1 * python311-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-debugsource-2.10.3-150500.5.32.1 * libxml2-2-2.10.3-150500.5.32.1 * python311-libxml2-2.10.3-150500.5.32.1 * libxml2-tools-debuginfo-2.10.3-150500.5.32.1 * libxml2-python-debugsource-2.10.3-150500.5.32.1 * libxml2-2-debuginfo-2.10.3-150500.5.32.1 * python3-libxml2-2.10.3-150500.5.32.1 * openSUSE Leap 15.6 (x86_64) * libxml2-2-32bit-2.10.3-150500.5.32.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.32.1 * libxml2-devel-32bit-2.10.3-150500.5.32.1 * openSUSE Leap 15.6 (noarch) * libxml2-doc-2.10.3-150500.5.32.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * python3-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-tools-2.10.3-150500.5.32.1 * libxml2-debugsource-2.10.3-150500.5.32.1 * libxml2-2-2.10.3-150500.5.32.1 * libxml2-tools-debuginfo-2.10.3-150500.5.32.1 * libxml2-python-debugsource-2.10.3-150500.5.32.1 * libxml2-2-debuginfo-2.10.3-150500.5.32.1 * python3-libxml2-2.10.3-150500.5.32.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-devel-2.10.3-150500.5.32.1 * libxml2-tools-2.10.3-150500.5.32.1 * libxml2-debugsource-2.10.3-150500.5.32.1 * libxml2-2-2.10.3-150500.5.32.1 * libxml2-tools-debuginfo-2.10.3-150500.5.32.1 * libxml2-python-debugsource-2.10.3-150500.5.32.1 * libxml2-2-debuginfo-2.10.3-150500.5.32.1 * python3-libxml2-2.10.3-150500.5.32.1 * Basesystem Module 15-SP6 (x86_64) * libxml2-2-32bit-2.10.3-150500.5.32.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.32.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-libxml2-debuginfo-2.10.3-150500.5.32.1 * python311-libxml2-2.10.3-150500.5.32.1 * libxml2-python-debugsource-2.10.3-150500.5.32.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * python3-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-devel-2.10.3-150500.5.32.1 * libxml2-tools-2.10.3-150500.5.32.1 * python311-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-debugsource-2.10.3-150500.5.32.1 * libxml2-2-2.10.3-150500.5.32.1 * python311-libxml2-2.10.3-150500.5.32.1 * libxml2-tools-debuginfo-2.10.3-150500.5.32.1 * libxml2-python-debugsource-2.10.3-150500.5.32.1 * libxml2-2-debuginfo-2.10.3-150500.5.32.1 * python3-libxml2-2.10.3-150500.5.32.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libxml2-2-32bit-2.10.3-150500.5.32.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * python3-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-devel-2.10.3-150500.5.32.1 * libxml2-tools-2.10.3-150500.5.32.1 * python311-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-debugsource-2.10.3-150500.5.32.1 * libxml2-2-2.10.3-150500.5.32.1 * python311-libxml2-2.10.3-150500.5.32.1 * libxml2-tools-debuginfo-2.10.3-150500.5.32.1 * libxml2-python-debugsource-2.10.3-150500.5.32.1 * libxml2-2-debuginfo-2.10.3-150500.5.32.1 * python3-libxml2-2.10.3-150500.5.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libxml2-2-32bit-2.10.3-150500.5.32.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.32.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * python3-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-devel-2.10.3-150500.5.32.1 * libxml2-tools-2.10.3-150500.5.32.1 * python311-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-debugsource-2.10.3-150500.5.32.1 * libxml2-2-2.10.3-150500.5.32.1 * python311-libxml2-2.10.3-150500.5.32.1 * libxml2-tools-debuginfo-2.10.3-150500.5.32.1 * libxml2-python-debugsource-2.10.3-150500.5.32.1 * libxml2-2-debuginfo-2.10.3-150500.5.32.1 * python3-libxml2-2.10.3-150500.5.32.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libxml2-2-32bit-2.10.3-150500.5.32.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * python3-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-devel-2.10.3-150500.5.32.1 * libxml2-tools-2.10.3-150500.5.32.1 * python311-libxml2-debuginfo-2.10.3-150500.5.32.1 * libxml2-debugsource-2.10.3-150500.5.32.1 * libxml2-2-2.10.3-150500.5.32.1 * python311-libxml2-2.10.3-150500.5.32.1 * libxml2-tools-debuginfo-2.10.3-150500.5.32.1 * libxml2-python-debugsource-2.10.3-150500.5.32.1 * libxml2-2-debuginfo-2.10.3-150500.5.32.1 * python3-libxml2-2.10.3-150500.5.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libxml2-2-32bit-2.10.3-150500.5.32.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.32.1 ## References: * https://www.suse.com/security/cve/CVE-2025-7425.html * https://bugzilla.suse.com/show_bug.cgi?id=1246296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 12:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 12:30:16 -0000 Subject: SUSE-SU-2025:02756-1: moderate: Security update for libgcrypt Message-ID: <175500181610.22066.2232447720199040888@smelt2.prg2.suse.org> # Security update for libgcrypt Announcement ID: SUSE-SU-2025:02756-1 Release Date: 2025-08-12T08:23:11Z Rating: moderate References: * bsc#1221107 Cross-References: * CVE-2024-2236 CVSS scores: * CVE-2024-2236 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-2236 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libgcrypt fixes the following issues: * CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-2756=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2756=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libgcrypt-devel-debuginfo-1.6.1-16.86.1 * libgcrypt-devel-1.6.1-16.86.1 * libgcrypt20-1.6.1-16.86.1 * libgcrypt20-debuginfo-1.6.1-16.86.1 * libgcrypt-debugsource-1.6.1-16.86.1 * libgcrypt20-hmac-1.6.1-16.86.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libgcrypt20-32bit-1.6.1-16.86.1 * libgcrypt20-hmac-32bit-1.6.1-16.86.1 * libgcrypt20-debuginfo-32bit-1.6.1-16.86.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libgcrypt20-debuginfo-32bit-1.6.1-16.86.1 * libgcrypt-devel-debuginfo-1.6.1-16.86.1 * libgcrypt-devel-1.6.1-16.86.1 * libgcrypt20-1.6.1-16.86.1 * libgcrypt20-hmac-32bit-1.6.1-16.86.1 * libgcrypt20-debuginfo-1.6.1-16.86.1 * libgcrypt-debugsource-1.6.1-16.86.1 * libgcrypt20-hmac-1.6.1-16.86.1 * libgcrypt20-32bit-1.6.1-16.86.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2236.html * https://bugzilla.suse.com/show_bug.cgi?id=1221107 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 16:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 16:30:07 -0000 Subject: SUSE-SU-2025:02771-1: important: Security update for tiff Message-ID: <175501620717.22063.3184833871642560497@smelt2.prg2.suse.org> # Security update for tiff Announcement ID: SUSE-SU-2025:02771-1 Release Date: 2025-08-12T13:50:57Z Rating: important References: * bsc#1247106 * bsc#1247108 Cross-References: * CVE-2025-8176 * CVE-2025-8177 CVSS scores: * CVE-2025-8176 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-8176 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L * CVE-2025-8176 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8176 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-8177 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-8177 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-8177 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8177 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for tiff fixes the following issues: * CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c (bsc#1247108) * CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow() when processing malformed TIFF files (bsc#1247106) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-2771=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2771=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libtiff-devel-4.0.9-44.89.1 * tiff-4.0.9-44.89.1 * libtiff5-debuginfo-4.0.9-44.89.1 * libtiff5-4.0.9-44.89.1 * tiff-debuginfo-4.0.9-44.89.1 * tiff-debugsource-4.0.9-44.89.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libtiff5-32bit-4.0.9-44.89.1 * libtiff5-debuginfo-32bit-4.0.9-44.89.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libtiff-devel-4.0.9-44.89.1 * libtiff5-debuginfo-4.0.9-44.89.1 * tiff-4.0.9-44.89.1 * libtiff5-32bit-4.0.9-44.89.1 * libtiff5-4.0.9-44.89.1 * tiff-debuginfo-4.0.9-44.89.1 * libtiff5-debuginfo-32bit-4.0.9-44.89.1 * tiff-debugsource-4.0.9-44.89.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8176.html * https://www.suse.com/security/cve/CVE-2025-8177.html * https://bugzilla.suse.com/show_bug.cgi?id=1247106 * https://bugzilla.suse.com/show_bug.cgi?id=1247108 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 16:30:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 16:30:12 -0000 Subject: SUSE-SU-2025:02770-1: important: Security update for tiff Message-ID: <175501621241.22063.1509985080509494384@smelt2.prg2.suse.org> # Security update for tiff Announcement ID: SUSE-SU-2025:02770-1 Release Date: 2025-08-12T13:50:41Z Rating: important References: * bsc#1243503 * bsc#1247106 * bsc#1247108 Cross-References: * CVE-2025-8176 * CVE-2025-8177 CVSS scores: * CVE-2025-8176 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-8176 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L * CVE-2025-8176 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8176 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-8177 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-8177 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-8177 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8177 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for tiff fixes the following issues: * Updated TIFFMergeFieldInfo() with read_count=write_count=0 for FIELD_IGNORE (bsc#1243503) * CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c (bsc#1247108) * CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow() when processing malformed TIFF files (bsc#1247106) * Add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to fix FTBFS with cmake4 * Add %check section * Remove Group: declarations, no longer used ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2770=1 openSUSE-SLE-15.6-2025-2770=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2770=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2770=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2770=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2770=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * libtiff6-32bit-debuginfo-4.7.0-150600.3.13.1 * libtiff-devel-32bit-4.7.0-150600.3.13.1 * libtiff6-32bit-4.7.0-150600.3.13.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libtiff6-4.7.0-150600.3.13.1 * tiff-debuginfo-4.7.0-150600.3.13.1 * libtiff-devel-4.7.0-150600.3.13.1 * libtiff6-debuginfo-4.7.0-150600.3.13.1 * tiff-debugsource-4.7.0-150600.3.13.1 * tiff-4.7.0-150600.3.13.1 * openSUSE Leap 15.6 (noarch) * tiff-docs-4.7.0-150600.3.13.1 * libtiff-devel-docs-4.7.0-150600.3.13.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libtiff-devel-64bit-4.7.0-150600.3.13.1 * libtiff6-64bit-debuginfo-4.7.0-150600.3.13.1 * libtiff6-64bit-4.7.0-150600.3.13.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libtiff6-4.7.0-150600.3.13.1 * tiff-debuginfo-4.7.0-150600.3.13.1 * libtiff-devel-4.7.0-150600.3.13.1 * libtiff6-debuginfo-4.7.0-150600.3.13.1 * tiff-debugsource-4.7.0-150600.3.13.1 * Basesystem Module 15-SP6 (x86_64) * libtiff6-32bit-debuginfo-4.7.0-150600.3.13.1 * libtiff6-32bit-4.7.0-150600.3.13.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libtiff6-4.7.0-150600.3.13.1 * tiff-debuginfo-4.7.0-150600.3.13.1 * libtiff-devel-4.7.0-150600.3.13.1 * libtiff6-debuginfo-4.7.0-150600.3.13.1 * tiff-debugsource-4.7.0-150600.3.13.1 * Basesystem Module 15-SP7 (x86_64) * libtiff6-32bit-debuginfo-4.7.0-150600.3.13.1 * libtiff6-32bit-4.7.0-150600.3.13.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * tiff-debuginfo-4.7.0-150600.3.13.1 * tiff-debugsource-4.7.0-150600.3.13.1 * tiff-4.7.0-150600.3.13.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * tiff-debuginfo-4.7.0-150600.3.13.1 * tiff-debugsource-4.7.0-150600.3.13.1 * tiff-4.7.0-150600.3.13.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8176.html * https://www.suse.com/security/cve/CVE-2025-8177.html * https://bugzilla.suse.com/show_bug.cgi?id=1243503 * https://bugzilla.suse.com/show_bug.cgi?id=1247106 * https://bugzilla.suse.com/show_bug.cgi?id=1247108 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 16:30:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 16:30:15 -0000 Subject: SUSE-SU-2025:02769-1: important: Security update for amber-cli Message-ID: <175501621558.22063.16578577913538662895@smelt2.prg2.suse.org> # Security update for amber-cli Announcement ID: SUSE-SU-2025:02769-1 Release Date: 2025-08-12T13:49:39Z Rating: important References: * bsc#1047218 * bsc#1240511 Cross-References: * CVE-2025-30204 CVSS scores: * CVE-2025-30204 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-30204 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-30204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for amber-cli fixes the following issues: * Update to version 1.13.1+git20250329.c2e3bb8: * CVE-2025-30204: Fixed jwt-go excessive memory allocation during header parsing (bsc#1240511) * jwt version upgrade (#174) * Update policy size limit to 20k (#173) * Update tenant user model with latest changes (#172) * Fix/workflow (#171) * Upgrade GO version to 1.23.6 (#170) * Update golang jwt dependency (#169) * Update TMS roles struct (#167) * Update jwt dependency version (#165) * Add changes to support JWT (#163) * Update roles struct to be in sync with TMS (#164) * go upgrade to 1.22.7 (#162) * CASSINI-22266: Added permissions in ci workflow files (#153) * Add check for missing Security.md file (#150) * Go version upgrade to 1.22.5 (#148) * CLI changes (#140) * Bump github.com/hashicorp/go-retryablehttp from 0.7.4 to 0.7.7 (#147) * Update product model to include multiple plan IDs (#146) * Updated the help section (#145) * Mark policy type field as not required (#144) * Upgrade/goversion 1.22.3 (#143) * Remove policy type and attestation type check for policy creation (#142) * Go version upgrade 1.22.2 (#141) * Fix error message to include the correct set of characters (#138) * UT coverage 80.9% (#137) * Fix push installer workflow (#136) * 3rd party versions upgrade (#133) * GO version upgrade to 1.22.0 (#132) * Fix/go version 1.21.6 (#127) * Update API key validation regex as per latest changes (#125) * Update API key validation regex as per latest changes (#124) * dependency version upgrade (#123) * Update tag create model (#121) * CASSINI-10113: Add scans in CI (#99) * corrected minor check condition (#120) * Add check to validate env variable before setting (#119) * Add version-check script (#118) * Add file path check for invalid characters (#116) * Update compoenent version (#117) * Update README as per suggestions (#113) (#115) * Added HTTP scheme validation to avoid API Key leakage (#108) * CASSINI-10987 Golang version upgrade to 1.21.4 (#114) * Update policy model as per the latest changes (#109) * Remove branch info from on schedule (#106) * Add BDBA scan to CI (#104) * Update CLI URL (#105) * updated licenses (#102) * Updated version of all components to v1.0.0 for GA (#100) * Validate the email id input before requesting list of users (#98) * Remove redundant print statements (#97) * Request ID and trace ID should be visible on the console for errors as well (#96) * Update sample policy as per token profile update changes (#95) * Update CLI name from tenantclt to inteltrustauthority (#93) * Update the headers for request and trace id (#94) * cassini-9466-Go version update to 1.20.6 (#91) * Add retry logic to client in tenant CLI (#92) * Add request-id optional parameter for each command (#90) * Override build date with SOURCE_DATE_EPOCH (bsc#1047218) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2769=1 openSUSE-SLE-15.6-2025-2769=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-2769=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-2769=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * amber-cli-1.13.1+git20250329.c2e3bb8-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-30204.html * https://bugzilla.suse.com/show_bug.cgi?id=1047218 * https://bugzilla.suse.com/show_bug.cgi?id=1240511 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 16:30:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 16:30:19 -0000 Subject: SUSE-SU-2025:02768-1: moderate: Security update for sccache Message-ID: <175501621913.22063.7839126255491184484@smelt2.prg2.suse.org> # Security update for sccache Announcement ID: SUSE-SU-2025:02768-1 Release Date: 2025-08-12T13:01:21Z Rating: moderate References: * bsc#1243868 Cross-References: * CVE-2024-12224 CVSS scores: * CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-12224 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for sccache fixes the following issues: * Update to version 0.4.2~4: * CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. (bsc#1243868) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2768=1 openSUSE-SLE-15.6-2025-2768=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2768=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2768=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * sccache-debuginfo-0.4.2~4-150600.10.3.1 * sccache-0.4.2~4-150600.10.3.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * sccache-debuginfo-0.4.2~4-150600.10.3.1 * sccache-0.4.2~4-150600.10.3.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * sccache-debuginfo-0.4.2~4-150600.10.3.1 * sccache-0.4.2~4-150600.10.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12224.html * https://bugzilla.suse.com/show_bug.cgi?id=1243868 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 16:30:24 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 16:30:24 -0000 Subject: SUSE-SU-2025:02767-1: important: Security update for python313 Message-ID: <175501622447.22063.6604014501977041449@smelt2.prg2.suse.org> # Security update for python313 Announcement ID: SUSE-SU-2025:02767-1 Release Date: 2025-08-12T13:01:01Z Rating: important References: * bsc#1243155 * bsc#1244061 * bsc#1244705 * bsc#1246229 * bsc#1247249 Cross-References: * CVE-2025-4435 * CVE-2025-6069 * CVE-2025-8194 CVSS scores: * CVE-2025-4435 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2025-4435 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-6069 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H * CVE-2025-6069 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2025-6069 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-8194 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8194 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities and has two security fixes can now be installed. ## Description: This update for python313 fixes the following issues: * CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249). * CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (bsc#1244705). * CVE-2025-4435: Fixed Tarfile extracting filtered members when errorlevel=0 (bsc#1244061). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2025-2767=1 ## Package List: * Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python313-base-3.13.5-150700.4.20.1 * python313-tk-debuginfo-3.13.5-150700.4.20.1 * python313-dbm-3.13.5-150700.4.20.1 * python313-tk-3.13.5-150700.4.20.1 * python313-tools-3.13.5-150700.4.20.1 * python313-idle-3.13.5-150700.4.20.1 * python313-3.13.5-150700.4.20.1 * libpython3_13-1_0-3.13.5-150700.4.20.1 * python313-base-debuginfo-3.13.5-150700.4.20.1 * python313-debuginfo-3.13.5-150700.4.20.1 * python313-devel-3.13.5-150700.4.20.1 * python313-curses-3.13.5-150700.4.20.1 * python313-debugsource-3.13.5-150700.4.20.1 * libpython3_13-1_0-debuginfo-3.13.5-150700.4.20.1 * python313-curses-debuginfo-3.13.5-150700.4.20.1 * python313-dbm-debuginfo-3.13.5-150700.4.20.1 * python313-core-debugsource-3.13.5-150700.4.20.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4435.html * https://www.suse.com/security/cve/CVE-2025-6069.html * https://www.suse.com/security/cve/CVE-2025-8194.html * https://bugzilla.suse.com/show_bug.cgi?id=1243155 * https://bugzilla.suse.com/show_bug.cgi?id=1244061 * https://bugzilla.suse.com/show_bug.cgi?id=1244705 * https://bugzilla.suse.com/show_bug.cgi?id=1246229 * https://bugzilla.suse.com/show_bug.cgi?id=1247249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 16:30:33 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 16:30:33 -0000 Subject: SUSE-SU-2025:02766-1: important: Security update for webkit2gtk3 Message-ID: <175501623326.22063.11100004375921402680@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:02766-1 Release Date: 2025-08-12T13:00:43Z Rating: important References: * bsc#1247562 * bsc#1247563 * bsc#1247564 * bsc#1247595 * bsc#1247596 * bsc#1247597 * bsc#1247598 * bsc#1247599 * bsc#1247600 * bsc#1247742 Cross-References: * CVE-2024-44192 * CVE-2024-54467 * CVE-2025-24189 * CVE-2025-24201 * CVE-2025-31273 * CVE-2025-31278 * CVE-2025-43211 * CVE-2025-43212 * CVE-2025-43216 * CVE-2025-43227 * CVE-2025-43228 * CVE-2025-43240 * CVE-2025-43265 * CVE-2025-6558 CVSS scores: * CVE-2024-44192 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44192 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54467 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-54467 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-54467 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-54467 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-24189 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-24189 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24189 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31273 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-31273 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31273 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31278 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-31278 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31278 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-43211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-43211 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43211 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-43212 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43212 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43216 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43216 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43227 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43227 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43228 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-43228 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-43240 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43240 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43265 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-43265 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-6558 ( SUSE ): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2025-6558 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves 14 vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Updated to version 2.48.5: \- CVE-2025-31273: Fixed a vulnerability where processing maliciously crafted web content could lead to memory corruption. (bsc#1247564) \- CVE-2025-31278: Fixed a vulnerability where processing maliciously crafted web content may lead to memory corruption. (bsc#1247563) \- CVE-2025-43211: Fixed a vulnerability where processing web content may lead to a denial-of-service. (bsc#1247562) \- CVE-2025-43212: Fixed a vulnerability where processing maliciously crafted web content may lead to an unexpected Safari crash. (bsc#1247595) \- CVE-2025-43216: Fixed a vulnerability where processing maliciously crafted web content may lead to an unexpected Safari crash. (bsc#1247596) \- CVE-2025-43227: Fixed a vulnerability where processing maliciously crafted web content may disclose sensitive user information. (bsc#1247597) \- CVE-2025-43228: Fixed a vulnerability where visiting a malicious website may lead to address bar spoofing. (bsc#1247598) \- CVE-2025-43240: Fixed a vulnerability where a download's origin may be incorrectly associated. (bsc#1247599) \- CVE-2025-43265: Fixed a vulnerability where processing maliciously crafted web content may disclose internal states of the app. (bsc#1247600) \- CVE-2025-6558: Fixed a vulnerability where processing maliciously crafted web content may lead to an unexpected Safari crash. (bsc#1247742) Other fixes: \- Improve emoji font selection with USE_SKIA=ON. \- Improve playback of multimedia streams from blob URLs. \- Fix the build with USE_SKIA_OPENTYPE_SVG=ON and USE_SYSPROF_CAPTURE=ON. \- Fix crash when using a WebKitWebView widget in an offscreen window. \- Fix several crashes and rendering issues. \- Fix a crash introduced by the new threaded rendering implementation using Skia API. \- Improve rendering performance by recording layers once and replaying every dirty region in different worker threads. \- Fix a crash when setting WEBKIT_SKIA_GPU_PAINTING_THREADS=0. \- Fix a reference cycle in webkitmediastreamsrc preventing its disposal. \- Increase mem_per_process again to avoid running out of memory. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2766=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2766=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2766=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2766=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libwebkit2gtk-4_0-37-2.48.5-150200.150.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150200.150.1 * webkit2gtk3-debugsource-2.48.5-150200.150.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150200.150.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150200.150.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150200.150.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150200.150.1 * webkit2gtk3-devel-2.48.5-150200.150.1 * typelib-1_0-WebKit2-4_0-2.48.5-150200.150.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150200.150.1 * libjavascriptcoregtk-4_0-18-2.48.5-150200.150.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * libwebkit2gtk3-lang-2.48.5-150200.150.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libwebkit2gtk-4_0-37-2.48.5-150200.150.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150200.150.1 * webkit2gtk3-debugsource-2.48.5-150200.150.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150200.150.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150200.150.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150200.150.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150200.150.1 * webkit2gtk3-devel-2.48.5-150200.150.1 * typelib-1_0-WebKit2-4_0-2.48.5-150200.150.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150200.150.1 * libjavascriptcoregtk-4_0-18-2.48.5-150200.150.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * libwebkit2gtk3-lang-2.48.5-150200.150.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libwebkit2gtk-4_0-37-2.48.5-150200.150.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150200.150.1 * webkit2gtk3-debugsource-2.48.5-150200.150.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150200.150.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150200.150.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150200.150.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150200.150.1 * webkit2gtk3-devel-2.48.5-150200.150.1 * typelib-1_0-WebKit2-4_0-2.48.5-150200.150.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150200.150.1 * libjavascriptcoregtk-4_0-18-2.48.5-150200.150.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * libwebkit2gtk3-lang-2.48.5-150200.150.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libwebkit2gtk-4_0-37-2.48.5-150200.150.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150200.150.1 * webkit2gtk3-debugsource-2.48.5-150200.150.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150200.150.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150200.150.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150200.150.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150200.150.1 * webkit2gtk3-devel-2.48.5-150200.150.1 * typelib-1_0-WebKit2-4_0-2.48.5-150200.150.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150200.150.1 * libjavascriptcoregtk-4_0-18-2.48.5-150200.150.1 * SUSE Enterprise Storage 7.1 (noarch) * libwebkit2gtk3-lang-2.48.5-150200.150.1 ## References: * https://www.suse.com/security/cve/CVE-2024-44192.html * https://www.suse.com/security/cve/CVE-2024-54467.html * https://www.suse.com/security/cve/CVE-2025-24189.html * https://www.suse.com/security/cve/CVE-2025-24201.html * https://www.suse.com/security/cve/CVE-2025-31273.html * https://www.suse.com/security/cve/CVE-2025-31278.html * https://www.suse.com/security/cve/CVE-2025-43211.html * https://www.suse.com/security/cve/CVE-2025-43212.html * https://www.suse.com/security/cve/CVE-2025-43216.html * https://www.suse.com/security/cve/CVE-2025-43227.html * https://www.suse.com/security/cve/CVE-2025-43228.html * https://www.suse.com/security/cve/CVE-2025-43240.html * https://www.suse.com/security/cve/CVE-2025-43265.html * https://www.suse.com/security/cve/CVE-2025-6558.html * https://bugzilla.suse.com/show_bug.cgi?id=1247562 * https://bugzilla.suse.com/show_bug.cgi?id=1247563 * https://bugzilla.suse.com/show_bug.cgi?id=1247564 * https://bugzilla.suse.com/show_bug.cgi?id=1247595 * https://bugzilla.suse.com/show_bug.cgi?id=1247596 * https://bugzilla.suse.com/show_bug.cgi?id=1247597 * https://bugzilla.suse.com/show_bug.cgi?id=1247598 * https://bugzilla.suse.com/show_bug.cgi?id=1247599 * https://bugzilla.suse.com/show_bug.cgi?id=1247600 * https://bugzilla.suse.com/show_bug.cgi?id=1247742 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 16:30:41 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 16:30:41 -0000 Subject: SUSE-SU-2025:02765-1: important: Security update for webkit2gtk3 Message-ID: <175501624140.22063.11285148899304952958@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:02765-1 Release Date: 2025-08-12T13:00:05Z Rating: important References: * bsc#1247562 * bsc#1247563 * bsc#1247564 * bsc#1247595 * bsc#1247596 * bsc#1247597 * bsc#1247598 * bsc#1247599 * bsc#1247600 * bsc#1247742 Cross-References: * CVE-2024-44192 * CVE-2024-54467 * CVE-2025-24189 * CVE-2025-24201 * CVE-2025-31273 * CVE-2025-31278 * CVE-2025-43211 * CVE-2025-43212 * CVE-2025-43216 * CVE-2025-43227 * CVE-2025-43228 * CVE-2025-43240 * CVE-2025-43265 * CVE-2025-6558 CVSS scores: * CVE-2024-44192 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44192 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54467 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-54467 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-54467 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-54467 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-24189 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-24189 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24189 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31273 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-31273 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31273 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31278 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-31278 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31278 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-43211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-43211 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43211 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-43212 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43212 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43216 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43216 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43227 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43227 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43228 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-43228 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-43240 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43240 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43265 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-43265 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-6558 ( SUSE ): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2025-6558 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * Desktop Applications Module 15-SP6 * Desktop Applications Module 15-SP7 * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves 14 vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Updated to version 2.48.5: \- CVE-2025-31273: Fixed a vulnerability where processing maliciously crafted web content could lead to memory corruption. (bsc#1247564) \- CVE-2025-31278: Fixed a vulnerability where processing maliciously crafted web content may lead to memory corruption. (bsc#1247563) \- CVE-2025-43211: Fixed a vulnerability where processing web content may lead to a denial-of-service. (bsc#1247562) \- CVE-2025-43212: Fixed a vulnerability where processing maliciously crafted web content may lead to an unexpected Safari crash. (bsc#1247595) \- CVE-2025-43216: Fixed a vulnerability where processing maliciously crafted web content may lead to an unexpected Safari crash. (bsc#1247596) \- CVE-2025-43227: Fixed a vulnerability where processing maliciously crafted web content may disclose sensitive user information. (bsc#1247597) \- CVE-2025-43228: Fixed a vulnerability where visiting a malicious website may lead to address bar spoofing. (bsc#1247598) \- CVE-2025-43240: Fixed a vulnerability where a download's origin may be incorrectly associated. (bsc#1247599) \- CVE-2025-43265: Fixed a vulnerability where processing maliciously crafted web content may disclose internal states of the app. (bsc#1247600) \- CVE-2025-6558: Fixed a vulnerability where processing maliciously crafted web content may lead to an unexpected Safari crash. (bsc#1247742) Other fixes: \- Improve emoji font selection with USE_SKIA=ON. \- Improve playback of multimedia streams from blob URLs. \- Fix the build with USE_SKIA_OPENTYPE_SVG=ON and USE_SYSPROF_CAPTURE=ON. \- Fix crash when using a WebKitWebView widget in an offscreen window. \- Fix several crashes and rendering issues. \- Fix a crash introduced by the new threaded rendering implementation using Skia API. \- Improve rendering performance by recording layers once and replaying every dirty region in different worker threads. \- Fix a crash when setting WEBKIT_SKIA_GPU_PAINTING_THREADS=0. \- Fix a reference cycle in webkitmediastreamsrc preventing its disposal. \- Increase mem_per_process again to avoid running out of memory. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2765=1 openSUSE-SLE-15.6-2025-2765=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2765=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2765=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-2765=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-2765=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2765=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2765=1 ## Package List: * openSUSE Leap 15.6 (noarch) * WebKitGTK-4.0-lang-2.48.5-150600.12.43.1 * WebKitGTK-6.0-lang-2.48.5-150600.12.43.1 * WebKitGTK-4.1-lang-2.48.5-150600.12.43.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * typelib-1_0-WebKit-6_0-2.48.5-150600.12.43.1 * typelib-1_0-WebKit2-4_1-2.48.5-150600.12.43.1 * webkit2gtk3-soup2-minibrowser-2.48.5-150600.12.43.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.48.5-150600.12.43.1 * webkit-jsc-4.1-debuginfo-2.48.5-150600.12.43.1 * libjavascriptcoregtk-6_0-1-2.48.5-150600.12.43.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk3-soup2-devel-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_1-0-2.48.5-150600.12.43.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.5-150600.12.43.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150600.12.43.1 * webkitgtk-6_0-injected-bundles-2.48.5-150600.12.43.1 * webkit2gtk3-minibrowser-debuginfo-2.48.5-150600.12.43.1 * libwebkit2gtk-4_0-37-2.48.5-150600.12.43.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150600.12.43.1 * webkit-jsc-4-debuginfo-2.48.5-150600.12.43.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.5-150600.12.43.1 * typelib-1_0-JavaScriptCore-4_1-2.48.5-150600.12.43.1 * webkit-jsc-6.0-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk4-minibrowser-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk4-minibrowser-2.48.5-150600.12.43.1 * webkit2gtk3-devel-2.48.5-150600.12.43.1 * webkit-jsc-6.0-2.48.5-150600.12.43.1 * libwebkit2gtk-4_1-0-2.48.5-150600.12.43.1 * webkit2gtk3-minibrowser-2.48.5-150600.12.43.1 * webkit-jsc-4-2.48.5-150600.12.43.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150600.12.43.1 * webkit2gtk-4_1-injected-bundles-2.48.5-150600.12.43.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk3-debugsource-2.48.5-150600.12.43.1 * libwebkitgtk-6_0-4-2.48.5-150600.12.43.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.48.5-150600.12.43.1 * typelib-1_0-WebKit2-4_0-2.48.5-150600.12.43.1 * webkit2gtk4-devel-2.48.5-150600.12.43.1 * libwebkitgtk-6_0-4-debuginfo-2.48.5-150600.12.43.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.5-150600.12.43.1 * webkit-jsc-4.1-2.48.5-150600.12.43.1 * typelib-1_0-JavaScriptCore-6_0-2.48.5-150600.12.43.1 * webkit2gtk3-soup2-debugsource-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_0-18-2.48.5-150600.12.43.1 * webkit2gtk4-debugsource-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150600.12.43.1 * openSUSE Leap 15.6 (x86_64) * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_0-18-32bit-2.48.5-150600.12.43.1 * libwebkit2gtk-4_1-0-32bit-2.48.5-150600.12.43.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.48.5-150600.12.43.1 * libwebkit2gtk-4_0-37-32bit-2.48.5-150600.12.43.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_1-0-32bit-2.48.5-150600.12.43.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.48.5-150600.12.43.1 * libwebkit2gtk-4_0-37-64bit-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_1-0-64bit-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_0-18-64bit-2.48.5-150600.12.43.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.48.5-150600.12.43.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.48.5-150600.12.43.1 * libwebkit2gtk-4_1-0-64bit-2.48.5-150600.12.43.1 * Basesystem Module 15-SP6 (noarch) * WebKitGTK-4.0-lang-2.48.5-150600.12.43.1 * WebKitGTK-6.0-lang-2.48.5-150600.12.43.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-6_0-1-debuginfo-2.48.5-150600.12.43.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150600.12.43.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150600.12.43.1 * libjavascriptcoregtk-6_0-1-2.48.5-150600.12.43.1 * webkit2gtk3-soup2-devel-2.48.5-150600.12.43.1 * libwebkitgtk-6_0-4-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_0-18-2.48.5-150600.12.43.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150600.12.43.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk3-soup2-debugsource-2.48.5-150600.12.43.1 * libwebkit2gtk-4_0-37-2.48.5-150600.12.43.1 * typelib-1_0-WebKit2-4_0-2.48.5-150600.12.43.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150600.12.43.1 * webkit2gtk4-debugsource-2.48.5-150600.12.43.1 * libwebkitgtk-6_0-4-debuginfo-2.48.5-150600.12.43.1 * webkitgtk-6_0-injected-bundles-2.48.5-150600.12.43.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150600.12.43.1 * Basesystem Module 15-SP7 (noarch) * WebKitGTK-4.0-lang-2.48.5-150600.12.43.1 * WebKitGTK-6.0-lang-2.48.5-150600.12.43.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-6_0-1-debuginfo-2.48.5-150600.12.43.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150600.12.43.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150600.12.43.1 * libjavascriptcoregtk-6_0-1-2.48.5-150600.12.43.1 * webkit2gtk3-soup2-devel-2.48.5-150600.12.43.1 * libwebkitgtk-6_0-4-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_0-18-2.48.5-150600.12.43.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150600.12.43.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk3-soup2-debugsource-2.48.5-150600.12.43.1 * libwebkit2gtk-4_0-37-2.48.5-150600.12.43.1 * typelib-1_0-WebKit2-4_0-2.48.5-150600.12.43.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150600.12.43.1 * webkit2gtk4-debugsource-2.48.5-150600.12.43.1 * libwebkitgtk-6_0-4-debuginfo-2.48.5-150600.12.43.1 * webkitgtk-6_0-injected-bundles-2.48.5-150600.12.43.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150600.12.43.1 * Desktop Applications Module 15-SP6 (noarch) * WebKitGTK-4.1-lang-2.48.5-150600.12.43.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * typelib-1_0-WebKit2-4_1-2.48.5-150600.12.43.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.5-150600.12.43.1 * typelib-1_0-JavaScriptCore-4_1-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk-4_1-injected-bundles-2.48.5-150600.12.43.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk3-debugsource-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_1-0-2.48.5-150600.12.43.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk3-devel-2.48.5-150600.12.43.1 * libwebkit2gtk-4_1-0-2.48.5-150600.12.43.1 * Desktop Applications Module 15-SP7 (noarch) * WebKitGTK-4.1-lang-2.48.5-150600.12.43.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * typelib-1_0-WebKit2-4_1-2.48.5-150600.12.43.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.5-150600.12.43.1 * typelib-1_0-JavaScriptCore-4_1-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk-4_1-injected-bundles-2.48.5-150600.12.43.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk3-debugsource-2.48.5-150600.12.43.1 * libjavascriptcoregtk-4_1-0-2.48.5-150600.12.43.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.5-150600.12.43.1 * webkit2gtk3-devel-2.48.5-150600.12.43.1 * libwebkit2gtk-4_1-0-2.48.5-150600.12.43.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * typelib-1_0-WebKit-6_0-2.48.5-150600.12.43.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.48.5-150600.12.43.1 * typelib-1_0-JavaScriptCore-6_0-2.48.5-150600.12.43.1 * webkit2gtk4-devel-2.48.5-150600.12.43.1 * webkit2gtk4-debugsource-2.48.5-150600.12.43.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * typelib-1_0-WebKit-6_0-2.48.5-150600.12.43.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.48.5-150600.12.43.1 * typelib-1_0-JavaScriptCore-6_0-2.48.5-150600.12.43.1 * webkit2gtk4-devel-2.48.5-150600.12.43.1 * webkit2gtk4-debugsource-2.48.5-150600.12.43.1 ## References: * https://www.suse.com/security/cve/CVE-2024-44192.html * https://www.suse.com/security/cve/CVE-2024-54467.html * https://www.suse.com/security/cve/CVE-2025-24189.html * https://www.suse.com/security/cve/CVE-2025-24201.html * https://www.suse.com/security/cve/CVE-2025-31273.html * https://www.suse.com/security/cve/CVE-2025-31278.html * https://www.suse.com/security/cve/CVE-2025-43211.html * https://www.suse.com/security/cve/CVE-2025-43212.html * https://www.suse.com/security/cve/CVE-2025-43216.html * https://www.suse.com/security/cve/CVE-2025-43227.html * https://www.suse.com/security/cve/CVE-2025-43228.html * https://www.suse.com/security/cve/CVE-2025-43240.html * https://www.suse.com/security/cve/CVE-2025-43265.html * https://www.suse.com/security/cve/CVE-2025-6558.html * https://bugzilla.suse.com/show_bug.cgi?id=1247562 * https://bugzilla.suse.com/show_bug.cgi?id=1247563 * https://bugzilla.suse.com/show_bug.cgi?id=1247564 * https://bugzilla.suse.com/show_bug.cgi?id=1247595 * https://bugzilla.suse.com/show_bug.cgi?id=1247596 * https://bugzilla.suse.com/show_bug.cgi?id=1247597 * https://bugzilla.suse.com/show_bug.cgi?id=1247598 * https://bugzilla.suse.com/show_bug.cgi?id=1247599 * https://bugzilla.suse.com/show_bug.cgi?id=1247600 * https://bugzilla.suse.com/show_bug.cgi?id=1247742 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 16:30:43 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 16:30:43 -0000 Subject: SUSE-SU-2025:02764-1: moderate: Security update for govulncheck-vulndb Message-ID: <175501624345.22063.5538472928767254543@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2025:02764-1 Release Date: 2025-08-12T12:58:54Z Rating: moderate References: * jsc#PED-11136 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20250806T202249 2025-08-06T20:22:49Z (jsc#PED-11136) * GO-2022-0392 GHSA-m6gx-rhvj-fh52 * GO-2022-0396 GHSA-g54h-m393-cpwq * GO-2022-0452 GHSA-f3fp-gc8g-vw66 * GO-2022-0456 GHSA-wjxw-gh3m-7pm5 * GO-2022-0617 GHSA-qh36-44jv-c8xj * GO-2022-0703 GHSA-pmqp-h87c-mr78 * GO-2022-0771 GHSA-69v6-xc2j-r2jf * GO-2022-0775 GHSA-v592-xf75-856p * GO-2022-0782 GHSA-34jx-wx69-9x8v * GO-2022-0802 GHSA-6qfg-8799-r575 * GO-2022-0814 GHSA-9h4h-8w5p-f28w * GO-2022-0835 GHSA-gp4j-w3vj-7299 * GO-2022-0867 GHSA-qhm4-jxv7-j9pq * GO-2022-0871 GHSA-qr2j-wrhx-4829 * GO-2022-0885 GHSA-wqv3-8cm6-h6wg * GO-2022-0886 GHSA-wqwf-x5cj-rg56 * GO-2022-0890 GHSA-x6mj-w4jf-jmgw * GO-2022-0907 GHSA-g42g-737j-qx6j * GO-2022-0908 GHSA-mfv7-gq43-w965 * GO-2022-0910 GHSA-f5f7-6478-qm6p * GO-2022-0914 GHSA-c3xm-pvg7-gh7r * GO-2022-0983 GHSA-f9jg-8p32-2f55 * GO-2023-1492 GHSA-2jx2-76rc-2v7v * GO-2023-1627 GHSA-vpvm-3wq2-2wvm * GO-2023-1628 GHSA-2394-5535-8j88 * GO-2023-1629 GHSA-jh36-q97c-9928 * GO-2023-1682 GHSA-m8cg-xc2p-r3fc * GO-2023-1683 GHSA-g2j6-57v7-gm8c * GO-2023-1864 GHSA-xc8m-28vv-4pjc * GO-2023-1891 GHSA-qc2g-gmh6-95p4 * GO-2023-1892 GHSA-cgcv-5272-97pr * GO-2023-1946 GHSA-q4rr-64r9-fwgf * GO-2023-1959 GHSA-2jq6-ffph-p4h8 * GO-2023-1977 GHSA-mm7g-f2gg-cw8g * GO-2023-1985 GHSA-2h9c-34v6-3qmr * GO-2023-2159 GHSA-35c7-w35f-xwgh * GO-2023-2341 GHSA-hq6q-c2x6-hmch * GO-2024-2528 GHSA-j86v-2vjr-fg8f * GO-2024-2529 GHSA-pm3m-32r3-7mfh * GO-2024-2530 GHSA-vjg6-93fv-qv64 * GO-2024-2753 GHSA-55qj-gj3x-jq9r * GO-2024-2754 GHSA-5x96-j797-5qqw * GO-2024-2755 GHSA-5xfg-wv98-264m * GO-2024-2780 GHSA-r76g-g87f-vw8f * GO-2024-2883 GHSA-mh55-gqvf-xfwm * GO-2024-2994 GHSA-82m2-cv7p-4m75 * GO-2024-3110 GHSA-jfvp-7x6p-h2pv * GO-2024-3277 GHSA-h7wq-jj8r-qm7p * GO-2025-3436 GHSA-q26p-9cq4-7fc2 * GO-2025-3465 GHSA-jgfp-53c3-624w * GO-2025-3507 GHSA-6wxf-7784-62fp * GO-2025-3521 GHSA-3wgm-2gw2-vh5m * GO-2025-3522 GHSA-vv39-3w5q-974q * GO-2025-3547 GHSA-r56h-j38w-hrqq * GO-2025-3605 GHSA-7vpp-9cxj-q8gv * GO-2025-3645 GHSA-gc2p-g4fg-29vh * GO-2025-3774 GHSA-hj2p-8wj8-pfq4 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2764=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2764=1 ## Package List: * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20250806T202249-150000.1.95.1 * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20250806T202249-150000.1.95.1 ## References: * https://jira.suse.com/browse/PED-11136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 16:30:47 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 16:30:47 -0000 Subject: SUSE-SU-2025:02762-1: moderate: Security update for eclipse-jgit Message-ID: <175501624780.22063.8644435474454985957@smelt2.prg2.suse.org> # Security update for eclipse-jgit Announcement ID: SUSE-SU-2025:02762-1 Release Date: 2025-08-12T12:45:19Z Rating: moderate References: * bsc#1243647 Cross-References: * CVE-2025-4949 CVSS scores: * CVE-2025-4949 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N * CVE-2025-4949 ( NVD ): 6.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:D/RE:L/U:Green * CVE-2025-4949 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for eclipse-jgit fixes the following issues: * CVE-2025-4949: Fixed the XXE vulnerability in ManifestParser and AmazonS3 class (bsc#1243647). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2762=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2762=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2762=1 ## Package List: * Development Tools Module 15-SP7 (noarch) * jgit-5.11.0-150200.3.23.1 * openSUSE Leap 15.6 (noarch) * eclipse-jgit-5.11.0-150200.3.23.1 * Development Tools Module 15-SP6 (noarch) * jgit-5.11.0-150200.3.23.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4949.html * https://bugzilla.suse.com/show_bug.cgi?id=1243647 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 16:30:55 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 16:30:55 -0000 Subject: SUSE-SU-2025:02760-1: moderate: Security update for go1.24 Message-ID: <175501625533.22063.6302003801535046058@smelt2.prg2.suse.org> # Security update for go1.24 Announcement ID: SUSE-SU-2025:02760-1 Release Date: 2025-08-12T12:09:45Z Rating: moderate References: * bsc#1236217 * bsc#1247719 * bsc#1247720 Cross-References: * CVE-2025-47906 * CVE-2025-47907 CVSS scores: * CVE-2025-47906 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-47906 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-47907 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-47907 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2025-47907 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L Affected Products: * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.24 fixes the following issues: * Update to go1.24.6: * CVE-2025-47906: Fixed LookPath returning unexpected paths (bsc#1247719) * CVE-2025-47907: Fixed incorrect results returned from Rows.Scan (bsc#1247720) * go#73800 runtime: RSS seems to have increased in Go 1.24 while the runtime accounting has not * go#74416 runtime: use-after-free of allpSnapshot in findRunnable * go#74694 runtime: segfaults in runtime.(*unwinder).next * go#74760 os/user:nolibgcc: TestGroupIdsTestUser failures ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2760=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2760=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2760=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2760=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2760=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2760=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2760=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2760=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2760=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2760=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2760=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2760=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2760=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2760=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2760=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.24-1.24.6-150000.1.32.1 * go1.24-race-1.24.6-150000.1.32.1 * go1.24-doc-1.24.6-150000.1.32.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47906.html * https://www.suse.com/security/cve/CVE-2025-47907.html * https://bugzilla.suse.com/show_bug.cgi?id=1236217 * https://bugzilla.suse.com/show_bug.cgi?id=1247719 * https://bugzilla.suse.com/show_bug.cgi?id=1247720 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 16:31:01 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 16:31:01 -0000 Subject: SUSE-SU-2025:02759-1: moderate: Security update for go1.23 Message-ID: <175501626104.22063.10968592036288585145@smelt2.prg2.suse.org> # Security update for go1.23 Announcement ID: SUSE-SU-2025:02759-1 Release Date: 2025-08-12T12:07:40Z Rating: moderate References: * bsc#1229122 * bsc#1247719 * bsc#1247720 Cross-References: * CVE-2025-47906 * CVE-2025-47907 CVSS scores: * CVE-2025-47906 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-47906 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-47907 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-47907 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2025-47907 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L Affected Products: * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.23 fixes the following issues: * Update to go1.23.12: * CVE-2025-47906: Fixed LookPath returning unexpected paths (bsc#1247719) * CVE-2025-47907: Fixed incorrect results returned from Rows.Scan (bsc#1247720) * go#74415 runtime: use-after-free of allpSnapshot in findRunnable * go#74693 runtime: segfaults in runtime.(*unwinder).next * go#74721 cmd/go: TestScript/build_trimpath_cgo fails to decode dwarf on release-branch.go1.23 * go#74726 cmd/cgo/internal/testsanitizers: failures with signal: segmentation fault or exit status 66 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2759=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2759=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2759=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2759=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2759=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2759=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2759=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2759=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2759=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2759=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2759=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2759=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2759=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2759=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2759=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.23-doc-1.23.12-150000.1.40.1 * go1.23-race-1.23.12-150000.1.40.1 * go1.23-1.23.12-150000.1.40.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47906.html * https://www.suse.com/security/cve/CVE-2025-47907.html * https://bugzilla.suse.com/show_bug.cgi?id=1229122 * https://bugzilla.suse.com/show_bug.cgi?id=1247719 * https://bugzilla.suse.com/show_bug.cgi?id=1247720 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 12 20:30:06 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Aug 2025 20:30:06 -0000 Subject: SUSE-SU-2025:02772-1: moderate: Recommended update for grub2 Message-ID: <175503060672.22066.10647704925582178996@smelt2.prg2.suse.org> # Recommended update for grub2 Announcement ID: SUSE-SU-2025:02772-1 Release Date: 2025-08-12T17:39:25Z Rating: moderate References: * bsc#1234959 * bsc#1246157 * bsc#1246231 * bsc#1246237 Cross-References: * CVE-2024-56738 CVSS scores: * CVE-2024-56738 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-56738 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56738 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has three security fixes can now be installed. ## Description: This update for grub2 fixes the following issues: * CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959) Other fixes: \- Fix test -f and -s do not work properly over the network files served via tftp and http (bsc#1246157, bsc#1246237) \- Skip mount point in grub_find_device function (bsc#1246231) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2772=1 openSUSE-SLE-15.6-2025-2772=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2772=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-2772=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * grub2-debuginfo-2.12-150600.8.34.1 * grub2-2.12-150600.8.34.1 * grub2-branding-upstream-2.12-150600.8.34.1 * openSUSE Leap 15.6 (aarch64 s390x x86_64 i586) * grub2-debugsource-2.12-150600.8.34.1 * openSUSE Leap 15.6 (noarch) * grub2-i386-pc-2.12-150600.8.34.1 * grub2-x86_64-xen-debug-2.12-150600.8.34.1 * grub2-snapper-plugin-2.12-150600.8.34.1 * grub2-i386-xen-debug-2.12-150600.8.34.1 * grub2-s390x-emu-extras-2.12-150600.8.34.1 * grub2-x86_64-xen-extras-2.12-150600.8.34.1 * grub2-arm64-efi-debug-2.12-150600.8.34.1 * grub2-x86_64-efi-extras-2.12-150600.8.34.1 * grub2-x86_64-xen-2.12-150600.8.34.1 * grub2-x86_64-efi-debug-2.12-150600.8.34.1 * grub2-i386-pc-debug-2.12-150600.8.34.1 * grub2-i386-xen-2.12-150600.8.34.1 * grub2-i386-xen-extras-2.12-150600.8.34.1 * grub2-i386-efi-extras-2.12-150600.8.34.1 * grub2-powerpc-ieee1275-extras-2.12-150600.8.34.1 * grub2-systemd-sleep-plugin-2.12-150600.8.34.1 * grub2-i386-efi-debug-2.12-150600.8.34.1 * grub2-arm64-efi-extras-2.12-150600.8.34.1 * grub2-powerpc-ieee1275-2.12-150600.8.34.1 * grub2-powerpc-ieee1275-debug-2.12-150600.8.34.1 * grub2-arm64-efi-2.12-150600.8.34.1 * grub2-i386-efi-2.12-150600.8.34.1 * grub2-i386-pc-extras-2.12-150600.8.34.1 * grub2-x86_64-efi-2.12-150600.8.34.1 * openSUSE Leap 15.6 (s390x) * grub2-s390x-emu-debug-2.12-150600.8.34.1 * grub2-s390x-emu-2.12-150600.8.34.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * grub2-debuginfo-2.12-150600.8.34.1 * grub2-2.12-150600.8.34.1 * Basesystem Module 15-SP6 (noarch) * grub2-i386-pc-2.12-150600.8.34.1 * grub2-systemd-sleep-plugin-2.12-150600.8.34.1 * grub2-powerpc-ieee1275-2.12-150600.8.34.1 * grub2-arm64-efi-2.12-150600.8.34.1 * grub2-snapper-plugin-2.12-150600.8.34.1 * grub2-x86_64-efi-2.12-150600.8.34.1 * Basesystem Module 15-SP6 (aarch64 s390x x86_64) * grub2-debugsource-2.12-150600.8.34.1 * Basesystem Module 15-SP6 (s390x) * grub2-s390x-emu-2.12-150600.8.34.1 * Server Applications Module 15-SP6 (noarch) * grub2-x86_64-xen-2.12-150600.8.34.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56738.html * https://bugzilla.suse.com/show_bug.cgi?id=1234959 * https://bugzilla.suse.com/show_bug.cgi?id=1246157 * https://bugzilla.suse.com/show_bug.cgi?id=1246231 * https://bugzilla.suse.com/show_bug.cgi?id=1246237 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 13 08:30:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Aug 2025 08:30:04 -0000 Subject: SUSE-SU-2025:02779-1: important: Security update for slurm Message-ID: <175507380450.7464.13702886767790898301@smelt2.prg2.suse.org> # Security update for slurm Announcement ID: SUSE-SU-2025:02779-1 Release Date: 2025-08-13T06:57:35Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for slurm fixes the following issues: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2779=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2779=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2779=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2779=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2779=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * slurm-20.11.9-150400.3.6.2 * slurm-seff-20.11.9-150400.3.6.2 * slurm-torque-debuginfo-20.11.9-150400.3.6.2 * slurm-config-20.11.9-150400.3.6.2 * slurm-testsuite-20.11.9-150400.3.6.2 * libpmi0-debuginfo-20.11.9-150400.3.6.2 * slurm-torque-20.11.9-150400.3.6.2 * slurm-webdoc-20.11.9-150400.3.6.2 * slurm-openlava-20.11.9-150400.3.6.2 * libslurm36-debuginfo-20.11.9-150400.3.6.2 * slurm-sjstat-20.11.9-150400.3.6.2 * slurm-slurmdbd-debuginfo-20.11.9-150400.3.6.2 * slurm-pam_slurm-20.11.9-150400.3.6.2 * slurm-sview-debuginfo-20.11.9-150400.3.6.2 * slurm-doc-20.11.9-150400.3.6.2 * slurm-sql-debuginfo-20.11.9-150400.3.6.2 * slurm-rest-debuginfo-20.11.9-150400.3.6.2 * slurm-config-man-20.11.9-150400.3.6.2 * libslurm36-20.11.9-150400.3.6.2 * slurm-plugins-20.11.9-150400.3.6.2 * slurm-pam_slurm-debuginfo-20.11.9-150400.3.6.2 * slurm-rest-20.11.9-150400.3.6.2 * slurm-debuginfo-20.11.9-150400.3.6.2 * slurm-devel-20.11.9-150400.3.6.2 * libnss_slurm2-20.11.9-150400.3.6.2 * slurm-node-20.11.9-150400.3.6.2 * slurm-plugins-debuginfo-20.11.9-150400.3.6.2 * slurm-munge-20.11.9-150400.3.6.2 * slurm-cray-20.11.9-150400.3.6.2 * slurm-lua-debuginfo-20.11.9-150400.3.6.2 * slurm-sview-20.11.9-150400.3.6.2 * perl-slurm-debuginfo-20.11.9-150400.3.6.2 * slurm-hdf5-20.11.9-150400.3.6.2 * slurm-debugsource-20.11.9-150400.3.6.2 * libpmi0-20.11.9-150400.3.6.2 * slurm-sql-20.11.9-150400.3.6.2 * slurm-auth-none-debuginfo-20.11.9-150400.3.6.2 * slurm-cray-debuginfo-20.11.9-150400.3.6.2 * slurm-node-debuginfo-20.11.9-150400.3.6.2 * slurm-munge-debuginfo-20.11.9-150400.3.6.2 * slurm-hdf5-debuginfo-20.11.9-150400.3.6.2 * slurm-lua-20.11.9-150400.3.6.2 * slurm-auth-none-20.11.9-150400.3.6.2 * slurm-slurmdbd-20.11.9-150400.3.6.2 * libnss_slurm2-debuginfo-20.11.9-150400.3.6.2 * perl-slurm-20.11.9-150400.3.6.2 * SUSE Package Hub 15 15-SP6 (ppc64le) * libslurm36-20.11.9-150400.3.6.2 * libslurm36-debuginfo-20.11.9-150400.3.6.2 * slurm-debuginfo-20.11.9-150400.3.6.2 * slurm-debugsource-20.11.9-150400.3.6.2 * SUSE Package Hub 15 15-SP7 (ppc64le) * libslurm36-20.11.9-150400.3.6.2 * libslurm36-debuginfo-20.11.9-150400.3.6.2 * slurm-debuginfo-20.11.9-150400.3.6.2 * slurm-debugsource-20.11.9-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * slurm-20.11.9-150400.3.6.2 * slurm-torque-debuginfo-20.11.9-150400.3.6.2 * slurm-config-20.11.9-150400.3.6.2 * libpmi0-debuginfo-20.11.9-150400.3.6.2 * slurm-torque-20.11.9-150400.3.6.2 * slurm-webdoc-20.11.9-150400.3.6.2 * libslurm36-debuginfo-20.11.9-150400.3.6.2 * slurm-slurmdbd-debuginfo-20.11.9-150400.3.6.2 * slurm-pam_slurm-20.11.9-150400.3.6.2 * slurm-sview-debuginfo-20.11.9-150400.3.6.2 * slurm-doc-20.11.9-150400.3.6.2 * slurm-sql-debuginfo-20.11.9-150400.3.6.2 * slurm-rest-debuginfo-20.11.9-150400.3.6.2 * slurm-config-man-20.11.9-150400.3.6.2 * libslurm36-20.11.9-150400.3.6.2 * slurm-plugins-20.11.9-150400.3.6.2 * slurm-pam_slurm-debuginfo-20.11.9-150400.3.6.2 * slurm-rest-20.11.9-150400.3.6.2 * slurm-debuginfo-20.11.9-150400.3.6.2 * slurm-devel-20.11.9-150400.3.6.2 * libnss_slurm2-20.11.9-150400.3.6.2 * slurm-node-20.11.9-150400.3.6.2 * slurm-plugins-debuginfo-20.11.9-150400.3.6.2 * slurm-munge-20.11.9-150400.3.6.2 * slurm-cray-20.11.9-150400.3.6.2 * slurm-lua-debuginfo-20.11.9-150400.3.6.2 * slurm-sview-20.11.9-150400.3.6.2 * perl-slurm-debuginfo-20.11.9-150400.3.6.2 * slurm-debugsource-20.11.9-150400.3.6.2 * libpmi0-20.11.9-150400.3.6.2 * slurm-sql-20.11.9-150400.3.6.2 * slurm-auth-none-debuginfo-20.11.9-150400.3.6.2 * slurm-cray-debuginfo-20.11.9-150400.3.6.2 * slurm-node-debuginfo-20.11.9-150400.3.6.2 * slurm-munge-debuginfo-20.11.9-150400.3.6.2 * slurm-lua-20.11.9-150400.3.6.2 * slurm-auth-none-20.11.9-150400.3.6.2 * slurm-slurmdbd-20.11.9-150400.3.6.2 * libnss_slurm2-debuginfo-20.11.9-150400.3.6.2 * perl-slurm-20.11.9-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * slurm-20.11.9-150400.3.6.2 * slurm-torque-debuginfo-20.11.9-150400.3.6.2 * slurm-config-20.11.9-150400.3.6.2 * libpmi0-debuginfo-20.11.9-150400.3.6.2 * slurm-torque-20.11.9-150400.3.6.2 * slurm-webdoc-20.11.9-150400.3.6.2 * libslurm36-debuginfo-20.11.9-150400.3.6.2 * slurm-slurmdbd-debuginfo-20.11.9-150400.3.6.2 * slurm-pam_slurm-20.11.9-150400.3.6.2 * slurm-sview-debuginfo-20.11.9-150400.3.6.2 * slurm-doc-20.11.9-150400.3.6.2 * slurm-sql-debuginfo-20.11.9-150400.3.6.2 * slurm-rest-debuginfo-20.11.9-150400.3.6.2 * slurm-config-man-20.11.9-150400.3.6.2 * libslurm36-20.11.9-150400.3.6.2 * slurm-plugins-20.11.9-150400.3.6.2 * slurm-pam_slurm-debuginfo-20.11.9-150400.3.6.2 * slurm-rest-20.11.9-150400.3.6.2 * slurm-debuginfo-20.11.9-150400.3.6.2 * slurm-devel-20.11.9-150400.3.6.2 * libnss_slurm2-20.11.9-150400.3.6.2 * slurm-node-20.11.9-150400.3.6.2 * slurm-plugins-debuginfo-20.11.9-150400.3.6.2 * slurm-munge-20.11.9-150400.3.6.2 * slurm-cray-20.11.9-150400.3.6.2 * slurm-lua-debuginfo-20.11.9-150400.3.6.2 * slurm-sview-20.11.9-150400.3.6.2 * perl-slurm-debuginfo-20.11.9-150400.3.6.2 * slurm-debugsource-20.11.9-150400.3.6.2 * libpmi0-20.11.9-150400.3.6.2 * slurm-sql-20.11.9-150400.3.6.2 * slurm-auth-none-debuginfo-20.11.9-150400.3.6.2 * slurm-cray-debuginfo-20.11.9-150400.3.6.2 * slurm-node-debuginfo-20.11.9-150400.3.6.2 * slurm-munge-debuginfo-20.11.9-150400.3.6.2 * slurm-lua-20.11.9-150400.3.6.2 * slurm-auth-none-20.11.9-150400.3.6.2 * slurm-slurmdbd-20.11.9-150400.3.6.2 * libnss_slurm2-debuginfo-20.11.9-150400.3.6.2 * perl-slurm-20.11.9-150400.3.6.2 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 13 08:30:18 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Aug 2025 08:30:18 -0000 Subject: SUSE-SU-2025:02778-1: important: Security update for python3 Message-ID: <175507381819.7464.11086951625409216017@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2025:02778-1 Release Date: 2025-08-13T06:47:26Z Rating: important References: * bsc#1233012 * bsc#1243273 * bsc#1244032 * bsc#1244056 * bsc#1244059 * bsc#1244060 * bsc#1244061 * bsc#1244401 * bsc#1244705 * bsc#1247249 * bsc#831629 Cross-References: * CVE-2024-12718 * CVE-2025-4138 * CVE-2025-4330 * CVE-2025-4435 * CVE-2025-4516 * CVE-2025-4517 * CVE-2025-6069 * CVE-2025-8194 CVSS scores: * CVE-2024-12718 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-12718 ( NVD ): 10.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-12718 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-4138 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2025-4138 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-4330 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2025-4330 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-4435 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2025-4435 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-4516 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-4516 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4516 ( NVD ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-4517 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-4517 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-4517 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L * CVE-2025-6069 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H * CVE-2025-6069 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2025-6069 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-8194 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8194 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves eight vulnerabilities and has three security fixes can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2025-4516: use-after-free in the unicode-escape decoder when using the error handler (bsc#1243273). * CVE-2024-12718: Fixed extraction filter bypass that allowed file metadata modification outside extraction directory (bsc#1244056) * CVE-2025-4138: Fixed issue that might allow symlink targets to point outside the destination directory, and the modification of some file metadata (bsc#1244059) * CVE-2025-4330: Fixed extraction filter bypass that allowed linking outside extraction directory (bsc#1244060) * CVE-2025-4435: Fixed Tarfile extracts filtered members when errorlevel=0 (bsc#1244061) * CVE-2025-4517: Fixed arbitrary filesystem writes outside the extraction directory during extraction with filter="data" (bsc#1244032) * CVE-2025-6069: Fixed worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (bsc#1244705) * CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249) Other fixes: \- Limit buffer size for IPv6 address parsing (bsc#1244401). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2778=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2778=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2778=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2778=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2778=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2778=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2778=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2778=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2778=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2778=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2778=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2778=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2778=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2778=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2778=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2778=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2778=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2778=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2778=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2778=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2778=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2778=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2778=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-2778=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2778=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2778=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2778=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2778=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-base-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-testsuite-debuginfo-3.6.15-150300.10.97.1 * python3-devel-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-doc-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-testsuite-3.6.15-150300.10.97.1 * python3-tools-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-doc-devhelp-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * openSUSE Leap 15.3 (x86_64) * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-32bit-3.6.15-150300.10.97.1 * openSUSE Leap 15.3 (aarch64_ilp32) * libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-64bit-3.6.15-150300.10.97.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-debuginfo-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-testsuite-debuginfo-3.6.15-150300.10.97.1 * python3-devel-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-doc-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-testsuite-3.6.15-150300.10.97.1 * python3-tools-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-doc-devhelp-3.6.15-150300.10.97.1 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * openSUSE Leap 15.6 (x86_64) * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-32bit-3.6.15-150300.10.97.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-tools-3.6.15-150300.10.97.1 * python3-core-debugsource-3.6.15-150300.10.97.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python3-tools-3.6.15-150300.10.97.1 * python3-core-debugsource-3.6.15-150300.10.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-tools-3.6.15-150300.10.97.1 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-tools-3.6.15-150300.10.97.1 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-tools-3.6.15-150300.10.97.1 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-tools-3.6.15-150300.10.97.1 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-tools-3.6.15-150300.10.97.1 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-tools-3.6.15-150300.10.97.1 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-tools-3.6.15-150300.10.97.1 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-tools-3.6.15-150300.10.97.1 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-tools-3.6.15-150300.10.97.1 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-tools-3.6.15-150300.10.97.1 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-tools-3.6.15-150300.10.97.1 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Manager Proxy 4.3 (x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.97.2 * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-tools-3.6.15-150300.10.97.1 * python3-curses-debuginfo-3.6.15-150300.10.97.2 * python3-devel-3.6.15-150300.10.97.1 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-curses-3.6.15-150300.10.97.2 * python3-tk-debuginfo-3.6.15-150300.10.97.2 * python3-idle-3.6.15-150300.10.97.2 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * python3-devel-debuginfo-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * python3-tk-3.6.15-150300.10.97.2 * python3-dbm-3.6.15-150300.10.97.2 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * python3-debuginfo-3.6.15-150300.10.97.2 * python3-core-debugsource-3.6.15-150300.10.97.1 * python3-debugsource-3.6.15-150300.10.97.2 * python3-base-debuginfo-3.6.15-150300.10.97.1 * python3-3.6.15-150300.10.97.2 * libpython3_6m1_0-3.6.15-150300.10.97.1 * python3-base-3.6.15-150300.10.97.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.97.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12718.html * https://www.suse.com/security/cve/CVE-2025-4138.html * https://www.suse.com/security/cve/CVE-2025-4330.html * https://www.suse.com/security/cve/CVE-2025-4435.html * https://www.suse.com/security/cve/CVE-2025-4516.html * https://www.suse.com/security/cve/CVE-2025-4517.html * https://www.suse.com/security/cve/CVE-2025-6069.html * https://www.suse.com/security/cve/CVE-2025-8194.html * https://bugzilla.suse.com/show_bug.cgi?id=1233012 * https://bugzilla.suse.com/show_bug.cgi?id=1243273 * https://bugzilla.suse.com/show_bug.cgi?id=1244032 * https://bugzilla.suse.com/show_bug.cgi?id=1244056 * https://bugzilla.suse.com/show_bug.cgi?id=1244059 * https://bugzilla.suse.com/show_bug.cgi?id=1244060 * https://bugzilla.suse.com/show_bug.cgi?id=1244061 * https://bugzilla.suse.com/show_bug.cgi?id=1244401 * https://bugzilla.suse.com/show_bug.cgi?id=1244705 * https://bugzilla.suse.com/show_bug.cgi?id=1247249 * https://bugzilla.suse.com/show_bug.cgi?id=831629 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 13 08:30:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Aug 2025 08:30:28 -0000 Subject: SUSE-SU-2025:02777-1: important: Security update for webkit2gtk3 Message-ID: <175507382801.7464.2834581762395871343@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:02777-1 Release Date: 2025-08-13T06:44:05Z Rating: important References: * bsc#1247562 * bsc#1247563 * bsc#1247564 * bsc#1247595 * bsc#1247596 * bsc#1247597 * bsc#1247598 * bsc#1247599 * bsc#1247600 * bsc#1247742 Cross-References: * CVE-2024-44192 * CVE-2024-54467 * CVE-2025-24189 * CVE-2025-24201 * CVE-2025-31273 * CVE-2025-31278 * CVE-2025-43211 * CVE-2025-43212 * CVE-2025-43216 * CVE-2025-43227 * CVE-2025-43228 * CVE-2025-43240 * CVE-2025-43265 * CVE-2025-6558 CVSS scores: * CVE-2024-44192 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44192 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54467 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-54467 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-54467 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-54467 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-24189 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-24189 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24189 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31273 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-31273 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31273 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31278 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-31278 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31278 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-43211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-43211 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43211 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-43212 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43212 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43216 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43216 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43227 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43227 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43228 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-43228 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-43240 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43240 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43265 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-43265 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-6558 ( SUSE ): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2025-6558 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves 14 vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Updated to version 2.48.5: \- CVE-2025-31273: Fixed a vulnerability where processing maliciously crafted web content could lead to memory corruption. (bsc#1247564) \- CVE-2025-31278: Fixed a vulnerability where processing maliciously crafted web content may lead to memory corruption. (bsc#1247563) \- CVE-2025-43211: Fixed a vulnerability where processing web content may lead to a denial-of-service. (bsc#1247562) \- CVE-2025-43212: Fixed a vulnerability where processing maliciously crafted web content may lead to an unexpected Safari crash. (bsc#1247595) \- CVE-2025-43216: Fixed a vulnerability where processing maliciously crafted web content may lead to an unexpected Safari crash. (bsc#1247596) \- CVE-2025-43227: Fixed a vulnerability where processing maliciously crafted web content may disclose sensitive user information. (bsc#1247597) \- CVE-2025-43228: Fixed a vulnerability where visiting a malicious website may lead to address bar spoofing. (bsc#1247598) \- CVE-2025-43240: Fixed a vulnerability where a download's origin may be incorrectly associated. (bsc#1247599) \- CVE-2025-43265: Fixed a vulnerability where processing maliciously crafted web content may disclose internal states of the app. (bsc#1247600) \- CVE-2025-6558: Fixed a vulnerability where processing maliciously crafted web content may lead to an unexpected Safari crash. (bsc#1247742) Other fixes: \- Improve emoji font selection with USE_SKIA=ON. \- Improve playback of multimedia streams from blob URLs. \- Fix the build with USE_SKIA_OPENTYPE_SVG=ON and USE_SYSPROF_CAPTURE=ON. \- Fix crash when using a WebKitWebView widget in an offscreen window. \- Fix several crashes and rendering issues. \- Fix a crash introduced by the new threaded rendering implementation using Skia API. \- Improve rendering performance by recording layers once and replaying every dirty region in different worker threads. \- Fix a crash when setting WEBKIT_SKIA_GPU_PAINTING_THREADS=0. \- Fix a reference cycle in webkitmediastreamsrc preventing its disposal. \- Increase mem_per_process again to avoid running out of memory. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2777=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2777=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2777=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2777=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2777=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2777=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2777=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2777=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2777=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2777=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-2777=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2777=1 ## Package List: * openSUSE Leap 15.4 (noarch) * WebKitGTK-4.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-6.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-4.1-lang-2.48.5-150400.4.122.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * webkit2gtk3-devel-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk3-debugsource-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk4-minibrowser-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-debugsource-2.48.5-150400.4.122.1 * webkit-jsc-6.0-2.48.5-150400.4.122.1 * webkit2gtk4-debugsource-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-minibrowser-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkit-jsc-4.1-debuginfo-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_1-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * webkit-jsc-6.0-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-6_0-2.48.5-150400.4.122.1 * webkit2gtk3-minibrowser-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_0-2.48.5-150400.4.122.1 * webkit2gtk4-minibrowser-2.48.5-150400.4.122.1 * webkit2gtk4-devel-2.48.5-150400.4.122.1 * webkit-jsc-4-debuginfo-2.48.5-150400.4.122.1 * webkit-jsc-4-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * webkitgtk-6_0-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk3-minibrowser-debuginfo-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150400.4.122.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.48.5-150400.4.122.1 * webkit-jsc-4.1-2.48.5-150400.4.122.1 * typelib-1_0-WebKit-6_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-devel-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-2.48.5-150400.4.122.1 * openSUSE Leap 15.4 (x86_64) * libwebkit2gtk-4_1-0-32bit-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-32bit-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-32bit-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-32bit-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.48.5-150400.4.122.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libjavascriptcoregtk-4_1-0-64bit-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-64bit-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-64bit-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-64bit-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.48.5-150400.4.122.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-6.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-4.1-lang-2.48.5-150400.4.122.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * webkit2gtk3-devel-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk3-debugsource-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-debugsource-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_1-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * webkitgtk-6_0-injected-bundles-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-devel-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk4-debugsource-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-2.48.5-150400.4.122.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-6.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-4.1-lang-2.48.5-150400.4.122.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * webkit2gtk3-devel-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk3-debugsource-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-debugsource-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_1-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * webkitgtk-6_0-injected-bundles-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-devel-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk4-debugsource-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-2.48.5-150400.4.122.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-6.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-4.1-lang-2.48.5-150400.4.122.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * webkit2gtk3-devel-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk3-debugsource-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-debugsource-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_1-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * webkitgtk-6_0-injected-bundles-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-devel-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk4-debugsource-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-2.48.5-150400.4.122.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-6.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-4.1-lang-2.48.5-150400.4.122.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * webkit2gtk3-devel-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk3-debugsource-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-debugsource-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_1-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * webkitgtk-6_0-injected-bundles-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-devel-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk4-debugsource-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-2.48.5-150400.4.122.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * WebKitGTK-4.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-6.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-4.1-lang-2.48.5-150400.4.122.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * webkit2gtk3-devel-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk3-debugsource-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-debugsource-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_1-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * webkitgtk-6_0-injected-bundles-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-devel-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk4-debugsource-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-2.48.5-150400.4.122.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * WebKitGTK-4.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-6.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-4.1-lang-2.48.5-150400.4.122.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * webkit2gtk3-devel-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk3-debugsource-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-debugsource-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_1-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * webkitgtk-6_0-injected-bundles-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-devel-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk4-debugsource-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-2.48.5-150400.4.122.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-6.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-4.1-lang-2.48.5-150400.4.122.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * webkit2gtk3-devel-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk3-debugsource-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-debugsource-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_1-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * webkitgtk-6_0-injected-bundles-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-devel-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk4-debugsource-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-2.48.5-150400.4.122.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-6.0-lang-2.48.5-150400.4.122.1 * WebKitGTK-4.1-lang-2.48.5-150400.4.122.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * webkit2gtk3-devel-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk3-debugsource-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-debugsource-2.48.5-150400.4.122.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_1-2.48.5-150400.4.122.1 * libjavascriptcoregtk-6_0-1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.5-150400.4.122.1 * webkitgtk-6_0-injected-bundles-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_1-0-2.48.5-150400.4.122.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-devel-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_1-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150400.4.122.1 * libwebkitgtk-6_0-4-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk4-debugsource-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-2.48.5-150400.4.122.1 * SUSE Manager Proxy 4.3 LTS (noarch) * WebKitGTK-4.0-lang-2.48.5-150400.4.122.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * typelib-1_0-JavaScriptCore-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-devel-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_0-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-debugsource-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-2.48.5-150400.4.122.1 * SUSE Manager Retail Branch Server 4.3 LTS (noarch) * WebKitGTK-4.0-lang-2.48.5-150400.4.122.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * typelib-1_0-JavaScriptCore-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-devel-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_0-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-debugsource-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-2.48.5-150400.4.122.1 * SUSE Manager Server 4.3 LTS (noarch) * WebKitGTK-4.0-lang-2.48.5-150400.4.122.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * typelib-1_0-JavaScriptCore-4_0-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-devel-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-2.48.5-150400.4.122.1 * typelib-1_0-WebKit2-4_0-2.48.5-150400.4.122.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-150400.4.122.1 * webkit2gtk-4_0-injected-bundles-2.48.5-150400.4.122.1 * webkit2gtk3-soup2-debugsource-2.48.5-150400.4.122.1 * libjavascriptcoregtk-4_0-18-2.48.5-150400.4.122.1 ## References: * https://www.suse.com/security/cve/CVE-2024-44192.html * https://www.suse.com/security/cve/CVE-2024-54467.html * https://www.suse.com/security/cve/CVE-2025-24189.html * https://www.suse.com/security/cve/CVE-2025-24201.html * https://www.suse.com/security/cve/CVE-2025-31273.html * https://www.suse.com/security/cve/CVE-2025-31278.html * https://www.suse.com/security/cve/CVE-2025-43211.html * https://www.suse.com/security/cve/CVE-2025-43212.html * https://www.suse.com/security/cve/CVE-2025-43216.html * https://www.suse.com/security/cve/CVE-2025-43227.html * https://www.suse.com/security/cve/CVE-2025-43228.html * https://www.suse.com/security/cve/CVE-2025-43240.html * https://www.suse.com/security/cve/CVE-2025-43265.html * https://www.suse.com/security/cve/CVE-2025-6558.html * https://bugzilla.suse.com/show_bug.cgi?id=1247562 * https://bugzilla.suse.com/show_bug.cgi?id=1247563 * https://bugzilla.suse.com/show_bug.cgi?id=1247564 * https://bugzilla.suse.com/show_bug.cgi?id=1247595 * https://bugzilla.suse.com/show_bug.cgi?id=1247596 * https://bugzilla.suse.com/show_bug.cgi?id=1247597 * https://bugzilla.suse.com/show_bug.cgi?id=1247598 * https://bugzilla.suse.com/show_bug.cgi?id=1247599 * https://bugzilla.suse.com/show_bug.cgi?id=1247600 * https://bugzilla.suse.com/show_bug.cgi?id=1247742 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 13 08:30:42 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Aug 2025 08:30:42 -0000 Subject: SUSE-SU-2025:02423-2: moderate: Security update for kubernetes1.23 Message-ID: <175507384231.7464.350050330199054375@smelt2.prg2.suse.org> # Security update for kubernetes1.23 Announcement ID: SUSE-SU-2025:02423-2 Release Date: 2025-08-13T00:11:01Z Rating: moderate References: * bsc#1194400 * bsc#1212493 * bsc#1219964 * bsc#1222539 * bsc#1229008 * bsc#1241865 Cross-References: * CVE-2021-25743 * CVE-2023-2431 * CVE-2024-0793 * CVE-2024-3177 * CVE-2025-22872 CVSS scores: * CVE-2021-25743 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2021-25743 ( NVD ): 3.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N * CVE-2023-2431 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N * CVE-2023-2431 ( NVD ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N * CVE-2023-2431 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-0793 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0793 ( NVD ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-3177 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-3177 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for kubernetes1.23 fixes the following issues: * CVE-2021-25743: Escape terminal special characters in kubectl output (bsc#1194400). * CVE-2023-2431: Prevent pods to bypass the seccomp profile enforcement (bsc#1212493). * CVE-2024-0793: Advance autoscaling v2 as the preferred API version (bsc#1219964). * CVE-2024-3177: Prevent bypassing mountable secrets policy imposed by the ServiceAccount admission plugin (bsc#1222539). * CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2423=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2423=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2423=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2423=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2423=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2423=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2423=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2423=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kubernetes1.23-client-1.23.17-150300.7.12.1 * kubernetes1.23-client-common-1.23.17-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.23-client-1.23.17-150300.7.12.1 * kubernetes1.23-client-common-1.23.17-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.23-client-1.23.17-150300.7.12.1 * kubernetes1.23-client-common-1.23.17-150300.7.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.23-client-1.23.17-150300.7.12.1 * kubernetes1.23-client-common-1.23.17-150300.7.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (ppc64le) * kubernetes1.23-client-debuginfo-1.23.17-150300.7.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.23-client-1.23.17-150300.7.12.1 * kubernetes1.23-client-common-1.23.17-150300.7.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (ppc64le) * kubernetes1.23-client-debuginfo-1.23.17-150300.7.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kubernetes1.23-client-1.23.17-150300.7.12.1 * kubernetes1.23-client-common-1.23.17-150300.7.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le) * kubernetes1.23-client-debuginfo-1.23.17-150300.7.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.23-client-1.23.17-150300.7.12.1 * kubernetes1.23-client-common-1.23.17-150300.7.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le) * kubernetes1.23-client-debuginfo-1.23.17-150300.7.12.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kubernetes1.23-client-1.23.17-150300.7.12.1 * kubernetes1.23-client-common-1.23.17-150300.7.12.1 ## References: * https://www.suse.com/security/cve/CVE-2021-25743.html * https://www.suse.com/security/cve/CVE-2023-2431.html * https://www.suse.com/security/cve/CVE-2024-0793.html * https://www.suse.com/security/cve/CVE-2024-3177.html * https://www.suse.com/security/cve/CVE-2025-22872.html * https://bugzilla.suse.com/show_bug.cgi?id=1194400 * https://bugzilla.suse.com/show_bug.cgi?id=1212493 * https://bugzilla.suse.com/show_bug.cgi?id=1219964 * https://bugzilla.suse.com/show_bug.cgi?id=1222539 * https://bugzilla.suse.com/show_bug.cgi?id=1229008 * https://bugzilla.suse.com/show_bug.cgi?id=1241865 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 13 08:30:46 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Aug 2025 08:30:46 -0000 Subject: SUSE-SU-2025:02773-1: moderate: Security update for libgcrypt Message-ID: <175507384691.7464.6431022308066111084@smelt2.prg2.suse.org> # Security update for libgcrypt Announcement ID: SUSE-SU-2025:02773-1 Release Date: 2025-08-13T00:10:27Z Rating: moderate References: * bsc#1221107 Cross-References: * CVE-2024-2236 CVSS scores: * CVE-2024-2236 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-2236 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libgcrypt fixes the following issues: * CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2773=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2773=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2773=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2773=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2773=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2773=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libgcrypt-cavs-1.9.4-150500.12.3.3 * libgcrypt-devel-debuginfo-1.9.4-150500.12.3.3 * libgcrypt20-hmac-1.9.4-150500.12.3.3 * libgcrypt-devel-1.9.4-150500.12.3.3 * libgcrypt20-1.9.4-150500.12.3.3 * libgcrypt-debugsource-1.9.4-150500.12.3.3 * libgcrypt-cavs-debuginfo-1.9.4-150500.12.3.3 * libgcrypt20-debuginfo-1.9.4-150500.12.3.3 * openSUSE Leap 15.5 (x86_64) * libgcrypt20-32bit-debuginfo-1.9.4-150500.12.3.3 * libgcrypt-devel-32bit-1.9.4-150500.12.3.3 * libgcrypt-devel-32bit-debuginfo-1.9.4-150500.12.3.3 * libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3 * libgcrypt20-32bit-1.9.4-150500.12.3.3 * openSUSE Leap 15.5 (aarch64_ilp32) * libgcrypt-devel-64bit-1.9.4-150500.12.3.3 * libgcrypt20-64bit-debuginfo-1.9.4-150500.12.3.3 * libgcrypt-devel-64bit-debuginfo-1.9.4-150500.12.3.3 * libgcrypt20-64bit-1.9.4-150500.12.3.3 * libgcrypt20-hmac-64bit-1.9.4-150500.12.3.3 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libgcrypt20-hmac-1.9.4-150500.12.3.3 * libgcrypt20-1.9.4-150500.12.3.3 * libgcrypt20-debuginfo-1.9.4-150500.12.3.3 * libgcrypt-debugsource-1.9.4-150500.12.3.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * libgcrypt-cavs-1.9.4-150500.12.3.3 * libgcrypt-cavs-debuginfo-1.9.4-150500.12.3.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libgcrypt-devel-debuginfo-1.9.4-150500.12.3.3 * libgcrypt20-hmac-1.9.4-150500.12.3.3 * libgcrypt-devel-1.9.4-150500.12.3.3 * libgcrypt20-1.9.4-150500.12.3.3 * libgcrypt-debugsource-1.9.4-150500.12.3.3 * libgcrypt20-debuginfo-1.9.4-150500.12.3.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3 * libgcrypt20-32bit-1.9.4-150500.12.3.3 * libgcrypt20-32bit-debuginfo-1.9.4-150500.12.3.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * libgcrypt-cavs-1.9.4-150500.12.3.3 * libgcrypt-cavs-debuginfo-1.9.4-150500.12.3.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libgcrypt-devel-debuginfo-1.9.4-150500.12.3.3 * libgcrypt20-hmac-1.9.4-150500.12.3.3 * libgcrypt-devel-1.9.4-150500.12.3.3 * libgcrypt20-1.9.4-150500.12.3.3 * libgcrypt-debugsource-1.9.4-150500.12.3.3 * libgcrypt20-debuginfo-1.9.4-150500.12.3.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3 * libgcrypt20-32bit-1.9.4-150500.12.3.3 * libgcrypt20-32bit-debuginfo-1.9.4-150500.12.3.3 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * libgcrypt-cavs-1.9.4-150500.12.3.3 * libgcrypt-cavs-debuginfo-1.9.4-150500.12.3.3 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libgcrypt-devel-debuginfo-1.9.4-150500.12.3.3 * libgcrypt20-hmac-1.9.4-150500.12.3.3 * libgcrypt-devel-1.9.4-150500.12.3.3 * libgcrypt20-1.9.4-150500.12.3.3 * libgcrypt-debugsource-1.9.4-150500.12.3.3 * libgcrypt20-debuginfo-1.9.4-150500.12.3.3 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3 * libgcrypt20-32bit-1.9.4-150500.12.3.3 * libgcrypt20-32bit-debuginfo-1.9.4-150500.12.3.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libgcrypt-devel-debuginfo-1.9.4-150500.12.3.3 * libgcrypt20-hmac-1.9.4-150500.12.3.3 * libgcrypt-devel-1.9.4-150500.12.3.3 * libgcrypt20-1.9.4-150500.12.3.3 * libgcrypt-debugsource-1.9.4-150500.12.3.3 * libgcrypt20-debuginfo-1.9.4-150500.12.3.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libgcrypt20-hmac-32bit-1.9.4-150500.12.3.3 * libgcrypt20-32bit-1.9.4-150500.12.3.3 * libgcrypt20-32bit-debuginfo-1.9.4-150500.12.3.3 ## References: * https://www.suse.com/security/cve/CVE-2024-2236.html * https://bugzilla.suse.com/show_bug.cgi?id=1221107 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 13 12:30:06 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Aug 2025 12:30:06 -0000 Subject: SUSE-SU-2025:02787-1: moderate: Security update for python3 Message-ID: <175508820685.13587.8144701374714874290@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2025:02787-1 Release Date: 2025-08-13T11:51:31Z Rating: moderate References: * bsc#1247249 Cross-References: * CVE-2025-8194 CVSS scores: * CVE-2025-8194 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8194 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 An update that solves one vulnerability can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2787=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libpython3_6m1_0-debuginfo-3.6.15-150000.3.185.1 * python3-base-3.6.15-150000.3.185.1 * libpython3_6m1_0-3.6.15-150000.3.185.1 * python3-debuginfo-3.6.15-150000.3.185.2 * python3-core-debugsource-3.6.15-150000.3.185.1 * python3-base-debuginfo-3.6.15-150000.3.185.1 * python3-debugsource-3.6.15-150000.3.185.2 * python3-3.6.15-150000.3.185.2 ## References: * https://www.suse.com/security/cve/CVE-2025-8194.html * https://bugzilla.suse.com/show_bug.cgi?id=1247249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 13 12:30:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Aug 2025 12:30:15 -0000 Subject: SUSE-SU-2025:02786-1: moderate: Security update for apache-commons-lang3 Message-ID: <175508821509.13587.14290398607717631288@smelt2.prg2.suse.org> # Security update for apache-commons-lang3 Announcement ID: SUSE-SU-2025:02786-1 Release Date: 2025-08-13T11:51:16Z Rating: moderate References: * bsc#1085999 * bsc#1246397 Cross-References: * CVE-2025-48924 CVSS scores: * CVE-2025-48924 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48924 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-48924 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for apache-commons-lang3 fixes the following issues: * CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. (bsc#1246397) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2786=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * apache-commons-lang-2.6-5.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48924.html * https://bugzilla.suse.com/show_bug.cgi?id=1085999 * https://bugzilla.suse.com/show_bug.cgi?id=1246397 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 13 12:30:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Aug 2025 12:30:17 -0000 Subject: SUSE-SU-2025:02785-1: moderate: Security update for apache-commons-lang3 Message-ID: <175508821752.13587.14893652435112446984@smelt2.prg2.suse.org> # Security update for apache-commons-lang3 Announcement ID: SUSE-SU-2025:02785-1 Release Date: 2025-08-13T11:51:09Z Rating: moderate References: * bsc#1246397 Cross-References: * CVE-2025-48924 CVSS scores: * CVE-2025-48924 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48924 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-48924 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for apache-commons-lang3 fixes the following issues: * CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. (bsc#1246397) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2785=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2785=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2785=1 ## Package List: * Basesystem Module 15-SP6 (noarch) * apache-commons-lang-2.6-150200.14.3.1 * Basesystem Module 15-SP7 (noarch) * apache-commons-lang-2.6-150200.14.3.1 * openSUSE Leap 15.6 (noarch) * apache-commons-lang-2.6-150200.14.3.1 * apache-commons-lang-javadoc-2.6-150200.14.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48924.html * https://bugzilla.suse.com/show_bug.cgi?id=1246397 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 13 12:30:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Aug 2025 12:30:23 -0000 Subject: SUSE-SU-2025:02783-1: important: Security update for icinga2 Message-ID: <175508822355.13587.13382695456738716476@smelt2.prg2.suse.org> # Security update for icinga2 Announcement ID: SUSE-SU-2025:02783-1 Release Date: 2025-08-13T08:53:45Z Rating: important References: * bsc#1243747 Cross-References: * CVE-2025-48057 CVSS scores: * CVE-2025-48057 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L * CVE-2025-48057 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-48057 ( NVD ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * HPC Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for icinga2 fixes the following issues: * CVE-2025-48057: A certificate incorrectly treated as valid can allow an attacker to impersonate a trusted node (bsc#1243747). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPC Module 12 zypper in -t patch SUSE-SLE-Module-HPC-12-2025-2783=1 ## Package List: * HPC Module 12 (aarch64 x86_64) * icinga2-libs-2.8.2-3.11.2 * icinga2-ido-mysql-debuginfo-2.8.2-3.11.2 * icinga2-common-2.8.2-3.11.2 * icinga2-bin-debuginfo-2.8.2-3.11.2 * icinga2-debugsource-2.8.2-3.11.2 * icinga2-libs-debuginfo-2.8.2-3.11.2 * icinga2-doc-2.8.2-3.11.2 * icinga2-bin-2.8.2-3.11.2 * icinga2-ido-pgsql-debuginfo-2.8.2-3.11.2 * icinga2-ido-pgsql-2.8.2-3.11.2 * vim-icinga2-2.8.2-3.11.2 * icinga2-2.8.2-3.11.2 * icinga2-ido-mysql-2.8.2-3.11.2 ## References: * https://www.suse.com/security/cve/CVE-2025-48057.html * https://bugzilla.suse.com/show_bug.cgi?id=1243747 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 13 16:30:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Aug 2025 16:30:04 -0000 Subject: SUSE-SU-2025:02791-1: important: Security update for poppler Message-ID: <175510260457.674.8026893993163857605@smelt2.prg2.suse.org> # Security update for poppler Announcement ID: SUSE-SU-2025:02791-1 Release Date: 2025-08-13T12:54:33Z Rating: important References: * bsc#1247590 Cross-References: * CVE-2025-50420 CVSS scores: * CVE-2025-50420 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-50420 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2025-50420: Fixed Denial of Service in pdfseparate utility (bsc#1247590) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2791=1 openSUSE-SLE-15.6-2025-2791=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2791=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2791=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2791=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2791=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libpoppler-qt6-devel-24.03.0-150600.3.19.1 * libpoppler-qt5-1-24.03.0-150600.3.19.1 * libpoppler-cpp0-24.03.0-150600.3.19.1 * typelib-1_0-Poppler-0_18-24.03.0-150600.3.19.1 * poppler-tools-debuginfo-24.03.0-150600.3.19.1 * libpoppler-glib8-24.03.0-150600.3.19.1 * libpoppler-qt5-devel-24.03.0-150600.3.19.1 * libpoppler-qt6-3-24.03.0-150600.3.19.1 * libpoppler-cpp0-debuginfo-24.03.0-150600.3.19.1 * poppler-tools-24.03.0-150600.3.19.1 * poppler-debugsource-24.03.0-150600.3.19.1 * libpoppler-qt5-1-debuginfo-24.03.0-150600.3.19.1 * libpoppler135-debuginfo-24.03.0-150600.3.19.1 * poppler-qt5-debugsource-24.03.0-150600.3.19.1 * libpoppler135-24.03.0-150600.3.19.1 * libpoppler-qt6-3-debuginfo-24.03.0-150600.3.19.1 * libpoppler-glib-devel-24.03.0-150600.3.19.1 * poppler-qt6-debugsource-24.03.0-150600.3.19.1 * libpoppler-glib8-debuginfo-24.03.0-150600.3.19.1 * libpoppler-devel-24.03.0-150600.3.19.1 * openSUSE Leap 15.6 (x86_64) * libpoppler135-32bit-24.03.0-150600.3.19.1 * libpoppler-cpp0-32bit-debuginfo-24.03.0-150600.3.19.1 * libpoppler135-32bit-debuginfo-24.03.0-150600.3.19.1 * libpoppler-cpp0-32bit-24.03.0-150600.3.19.1 * libpoppler-glib8-32bit-24.03.0-150600.3.19.1 * libpoppler-qt5-1-32bit-debuginfo-24.03.0-150600.3.19.1 * libpoppler-qt5-1-32bit-24.03.0-150600.3.19.1 * libpoppler-glib8-32bit-debuginfo-24.03.0-150600.3.19.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libpoppler-glib8-64bit-debuginfo-24.03.0-150600.3.19.1 * libpoppler-qt5-1-64bit-debuginfo-24.03.0-150600.3.19.1 * libpoppler135-64bit-debuginfo-24.03.0-150600.3.19.1 * libpoppler-qt5-1-64bit-24.03.0-150600.3.19.1 * libpoppler-glib8-64bit-24.03.0-150600.3.19.1 * libpoppler-cpp0-64bit-24.03.0-150600.3.19.1 * libpoppler135-64bit-24.03.0-150600.3.19.1 * libpoppler-cpp0-64bit-debuginfo-24.03.0-150600.3.19.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libpoppler-cpp0-24.03.0-150600.3.19.1 * typelib-1_0-Poppler-0_18-24.03.0-150600.3.19.1 * poppler-tools-debuginfo-24.03.0-150600.3.19.1 * libpoppler-glib8-24.03.0-150600.3.19.1 * libpoppler-cpp0-debuginfo-24.03.0-150600.3.19.1 * poppler-tools-24.03.0-150600.3.19.1 * poppler-debugsource-24.03.0-150600.3.19.1 * libpoppler135-debuginfo-24.03.0-150600.3.19.1 * libpoppler135-24.03.0-150600.3.19.1 * libpoppler-glib-devel-24.03.0-150600.3.19.1 * libpoppler-glib8-debuginfo-24.03.0-150600.3.19.1 * libpoppler-devel-24.03.0-150600.3.19.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libpoppler-cpp0-24.03.0-150600.3.19.1 * typelib-1_0-Poppler-0_18-24.03.0-150600.3.19.1 * poppler-tools-debuginfo-24.03.0-150600.3.19.1 * libpoppler-glib8-24.03.0-150600.3.19.1 * libpoppler-cpp0-debuginfo-24.03.0-150600.3.19.1 * poppler-tools-24.03.0-150600.3.19.1 * poppler-debugsource-24.03.0-150600.3.19.1 * libpoppler135-debuginfo-24.03.0-150600.3.19.1 * libpoppler135-24.03.0-150600.3.19.1 * libpoppler-glib-devel-24.03.0-150600.3.19.1 * libpoppler-glib8-debuginfo-24.03.0-150600.3.19.1 * libpoppler-devel-24.03.0-150600.3.19.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * libpoppler-qt6-devel-24.03.0-150600.3.19.1 * libpoppler-qt5-1-24.03.0-150600.3.19.1 * libpoppler-cpp0-24.03.0-150600.3.19.1 * libpoppler-qt6-3-24.03.0-150600.3.19.1 * libpoppler-qt5-devel-24.03.0-150600.3.19.1 * libpoppler-qt5-1-debuginfo-24.03.0-150600.3.19.1 * libpoppler-cpp0-debuginfo-24.03.0-150600.3.19.1 * poppler-debugsource-24.03.0-150600.3.19.1 * poppler-qt5-debugsource-24.03.0-150600.3.19.1 * libpoppler-qt6-3-debuginfo-24.03.0-150600.3.19.1 * poppler-qt6-debugsource-24.03.0-150600.3.19.1 * libpoppler-devel-24.03.0-150600.3.19.1 * SUSE Package Hub 15 15-SP6 (x86_64) * libpoppler-glib8-32bit-24.03.0-150600.3.19.1 * libpoppler135-32bit-debuginfo-24.03.0-150600.3.19.1 * libpoppler135-32bit-24.03.0-150600.3.19.1 * libpoppler-glib8-32bit-debuginfo-24.03.0-150600.3.19.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * libpoppler-qt6-devel-24.03.0-150600.3.19.1 * libpoppler-qt5-1-24.03.0-150600.3.19.1 * libpoppler-cpp0-24.03.0-150600.3.19.1 * libpoppler-qt6-3-24.03.0-150600.3.19.1 * libpoppler-qt5-devel-24.03.0-150600.3.19.1 * libpoppler-qt5-1-debuginfo-24.03.0-150600.3.19.1 * libpoppler-cpp0-debuginfo-24.03.0-150600.3.19.1 * poppler-debugsource-24.03.0-150600.3.19.1 * poppler-qt5-debugsource-24.03.0-150600.3.19.1 * libpoppler-qt6-3-debuginfo-24.03.0-150600.3.19.1 * poppler-qt6-debugsource-24.03.0-150600.3.19.1 * libpoppler-devel-24.03.0-150600.3.19.1 * SUSE Package Hub 15 15-SP7 (x86_64) * libpoppler-glib8-32bit-24.03.0-150600.3.19.1 * libpoppler135-32bit-debuginfo-24.03.0-150600.3.19.1 * libpoppler135-32bit-24.03.0-150600.3.19.1 * libpoppler-glib8-32bit-debuginfo-24.03.0-150600.3.19.1 ## References: * https://www.suse.com/security/cve/CVE-2025-50420.html * https://bugzilla.suse.com/show_bug.cgi?id=1247590 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 13 16:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Aug 2025 16:30:08 -0000 Subject: SUSE-SU-2025:02790-1: important: Security update for poppler Message-ID: <175510260853.674.6200428118826736682@smelt2.prg2.suse.org> # Security update for poppler Announcement ID: SUSE-SU-2025:02790-1 Release Date: 2025-08-13T12:53:36Z Rating: important References: * bsc#1247590 Cross-References: * CVE-2025-50420 CVSS scores: * CVE-2025-50420 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-50420 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves one vulnerability can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2025-50420: Fixed Denial of Service in pdfseparate utility (bsc#1247590) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2790=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2790=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2790=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2790=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2790=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2790=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-2790=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2790=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libpoppler117-22.01.0-150400.3.38.1 * poppler-tools-debuginfo-22.01.0-150400.3.38.1 * libpoppler-qt6-3-22.01.0-150400.3.38.1 * poppler-qt6-debugsource-22.01.0-150400.3.38.1 * libpoppler-cpp0-debuginfo-22.01.0-150400.3.38.1 * poppler-tools-22.01.0-150400.3.38.1 * libpoppler-cpp0-22.01.0-150400.3.38.1 * libpoppler-qt5-1-debuginfo-22.01.0-150400.3.38.1 * typelib-1_0-Poppler-0_18-22.01.0-150400.3.38.1 * libpoppler-glib8-debuginfo-22.01.0-150400.3.38.1 * libpoppler-qt5-1-22.01.0-150400.3.38.1 * libpoppler117-debuginfo-22.01.0-150400.3.38.1 * libpoppler-glib8-22.01.0-150400.3.38.1 * libpoppler-glib-devel-22.01.0-150400.3.38.1 * poppler-debugsource-22.01.0-150400.3.38.1 * poppler-qt5-debugsource-22.01.0-150400.3.38.1 * libpoppler-qt6-devel-22.01.0-150400.3.38.1 * libpoppler-devel-22.01.0-150400.3.38.1 * libpoppler-qt5-devel-22.01.0-150400.3.38.1 * libpoppler-qt6-3-debuginfo-22.01.0-150400.3.38.1 * openSUSE Leap 15.4 (x86_64) * libpoppler117-32bit-debuginfo-22.01.0-150400.3.38.1 * libpoppler-cpp0-32bit-debuginfo-22.01.0-150400.3.38.1 * libpoppler-qt5-1-32bit-22.01.0-150400.3.38.1 * libpoppler-glib8-32bit-debuginfo-22.01.0-150400.3.38.1 * libpoppler117-32bit-22.01.0-150400.3.38.1 * libpoppler-qt5-1-32bit-debuginfo-22.01.0-150400.3.38.1 * libpoppler-cpp0-32bit-22.01.0-150400.3.38.1 * libpoppler-glib8-32bit-22.01.0-150400.3.38.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpoppler-cpp0-64bit-22.01.0-150400.3.38.1 * libpoppler117-64bit-debuginfo-22.01.0-150400.3.38.1 * libpoppler-qt5-1-64bit-debuginfo-22.01.0-150400.3.38.1 * libpoppler-glib8-64bit-debuginfo-22.01.0-150400.3.38.1 * libpoppler-qt5-1-64bit-22.01.0-150400.3.38.1 * libpoppler-glib8-64bit-22.01.0-150400.3.38.1 * libpoppler117-64bit-22.01.0-150400.3.38.1 * libpoppler-cpp0-64bit-debuginfo-22.01.0-150400.3.38.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libpoppler117-22.01.0-150400.3.38.1 * poppler-tools-debuginfo-22.01.0-150400.3.38.1 * libpoppler-cpp0-debuginfo-22.01.0-150400.3.38.1 * poppler-tools-22.01.0-150400.3.38.1 * libpoppler-cpp0-22.01.0-150400.3.38.1 * typelib-1_0-Poppler-0_18-22.01.0-150400.3.38.1 * libpoppler-glib8-debuginfo-22.01.0-150400.3.38.1 * libpoppler117-debuginfo-22.01.0-150400.3.38.1 * libpoppler-glib8-22.01.0-150400.3.38.1 * libpoppler-glib-devel-22.01.0-150400.3.38.1 * poppler-debugsource-22.01.0-150400.3.38.1 * libpoppler-devel-22.01.0-150400.3.38.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libpoppler117-22.01.0-150400.3.38.1 * poppler-tools-debuginfo-22.01.0-150400.3.38.1 * libpoppler-cpp0-debuginfo-22.01.0-150400.3.38.1 * poppler-tools-22.01.0-150400.3.38.1 * libpoppler-cpp0-22.01.0-150400.3.38.1 * typelib-1_0-Poppler-0_18-22.01.0-150400.3.38.1 * libpoppler-glib8-debuginfo-22.01.0-150400.3.38.1 * libpoppler117-debuginfo-22.01.0-150400.3.38.1 * libpoppler-glib8-22.01.0-150400.3.38.1 * libpoppler-glib-devel-22.01.0-150400.3.38.1 * poppler-debugsource-22.01.0-150400.3.38.1 * libpoppler-devel-22.01.0-150400.3.38.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libpoppler117-22.01.0-150400.3.38.1 * poppler-tools-debuginfo-22.01.0-150400.3.38.1 * libpoppler-cpp0-debuginfo-22.01.0-150400.3.38.1 * poppler-tools-22.01.0-150400.3.38.1 * libpoppler-cpp0-22.01.0-150400.3.38.1 * typelib-1_0-Poppler-0_18-22.01.0-150400.3.38.1 * libpoppler-glib8-debuginfo-22.01.0-150400.3.38.1 * libpoppler117-debuginfo-22.01.0-150400.3.38.1 * libpoppler-glib8-22.01.0-150400.3.38.1 * libpoppler-glib-devel-22.01.0-150400.3.38.1 * poppler-debugsource-22.01.0-150400.3.38.1 * libpoppler-devel-22.01.0-150400.3.38.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libpoppler117-22.01.0-150400.3.38.1 * poppler-tools-debuginfo-22.01.0-150400.3.38.1 * libpoppler-cpp0-debuginfo-22.01.0-150400.3.38.1 * poppler-tools-22.01.0-150400.3.38.1 * libpoppler-cpp0-22.01.0-150400.3.38.1 * typelib-1_0-Poppler-0_18-22.01.0-150400.3.38.1 * libpoppler-glib8-debuginfo-22.01.0-150400.3.38.1 * libpoppler117-debuginfo-22.01.0-150400.3.38.1 * libpoppler-glib8-22.01.0-150400.3.38.1 * libpoppler-glib-devel-22.01.0-150400.3.38.1 * poppler-debugsource-22.01.0-150400.3.38.1 * libpoppler-devel-22.01.0-150400.3.38.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * libpoppler117-22.01.0-150400.3.38.1 * poppler-tools-debuginfo-22.01.0-150400.3.38.1 * libpoppler-cpp0-debuginfo-22.01.0-150400.3.38.1 * poppler-tools-22.01.0-150400.3.38.1 * libpoppler-cpp0-22.01.0-150400.3.38.1 * typelib-1_0-Poppler-0_18-22.01.0-150400.3.38.1 * libpoppler-glib8-debuginfo-22.01.0-150400.3.38.1 * libpoppler117-debuginfo-22.01.0-150400.3.38.1 * libpoppler-glib8-22.01.0-150400.3.38.1 * libpoppler-glib-devel-22.01.0-150400.3.38.1 * poppler-debugsource-22.01.0-150400.3.38.1 * libpoppler-devel-22.01.0-150400.3.38.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * libpoppler117-22.01.0-150400.3.38.1 * poppler-tools-debuginfo-22.01.0-150400.3.38.1 * libpoppler-cpp0-debuginfo-22.01.0-150400.3.38.1 * poppler-tools-22.01.0-150400.3.38.1 * libpoppler-cpp0-22.01.0-150400.3.38.1 * typelib-1_0-Poppler-0_18-22.01.0-150400.3.38.1 * libpoppler-glib8-debuginfo-22.01.0-150400.3.38.1 * libpoppler117-debuginfo-22.01.0-150400.3.38.1 * libpoppler-glib8-22.01.0-150400.3.38.1 * libpoppler-glib-devel-22.01.0-150400.3.38.1 * poppler-debugsource-22.01.0-150400.3.38.1 * libpoppler-devel-22.01.0-150400.3.38.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * libpoppler117-22.01.0-150400.3.38.1 * poppler-tools-debuginfo-22.01.0-150400.3.38.1 * libpoppler-cpp0-debuginfo-22.01.0-150400.3.38.1 * poppler-tools-22.01.0-150400.3.38.1 * libpoppler-cpp0-22.01.0-150400.3.38.1 * typelib-1_0-Poppler-0_18-22.01.0-150400.3.38.1 * libpoppler-glib8-debuginfo-22.01.0-150400.3.38.1 * libpoppler117-debuginfo-22.01.0-150400.3.38.1 * libpoppler-glib8-22.01.0-150400.3.38.1 * libpoppler-glib-devel-22.01.0-150400.3.38.1 * poppler-debugsource-22.01.0-150400.3.38.1 * libpoppler-devel-22.01.0-150400.3.38.1 ## References: * https://www.suse.com/security/cve/CVE-2025-50420.html * https://bugzilla.suse.com/show_bug.cgi?id=1247590 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 13 16:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Aug 2025 16:30:11 -0000 Subject: SUSE-SU-2025:02789-1: important: Security update for poppler Message-ID: <175510261143.674.3614812325211332286@smelt2.prg2.suse.org> # Security update for poppler Announcement ID: SUSE-SU-2025:02789-1 Release Date: 2025-08-13T12:52:46Z Rating: important References: * bsc#1247590 Cross-References: * CVE-2025-50420 CVSS scores: * CVE-2025-50420 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-50420 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2025-50420: Fixed Denial of Service in pdfseparate utility (bsc#1247590) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2789=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2789=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2789=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2789=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2789=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libpoppler-glib8-23.01.0-150500.3.23.1 * poppler-debugsource-23.01.0-150500.3.23.1 * typelib-1_0-Poppler-0_18-23.01.0-150500.3.23.1 * libpoppler126-debuginfo-23.01.0-150500.3.23.1 * libpoppler-devel-23.01.0-150500.3.23.1 * libpoppler-cpp0-23.01.0-150500.3.23.1 * libpoppler-glib-devel-23.01.0-150500.3.23.1 * libpoppler126-23.01.0-150500.3.23.1 * poppler-tools-23.01.0-150500.3.23.1 * libpoppler-glib8-debuginfo-23.01.0-150500.3.23.1 * libpoppler-cpp0-debuginfo-23.01.0-150500.3.23.1 * poppler-tools-debuginfo-23.01.0-150500.3.23.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libpoppler-glib8-23.01.0-150500.3.23.1 * poppler-debugsource-23.01.0-150500.3.23.1 * typelib-1_0-Poppler-0_18-23.01.0-150500.3.23.1 * libpoppler126-debuginfo-23.01.0-150500.3.23.1 * libpoppler-devel-23.01.0-150500.3.23.1 * libpoppler-cpp0-23.01.0-150500.3.23.1 * libpoppler-glib-devel-23.01.0-150500.3.23.1 * libpoppler126-23.01.0-150500.3.23.1 * poppler-tools-23.01.0-150500.3.23.1 * libpoppler-glib8-debuginfo-23.01.0-150500.3.23.1 * libpoppler-cpp0-debuginfo-23.01.0-150500.3.23.1 * poppler-tools-debuginfo-23.01.0-150500.3.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libpoppler-glib8-23.01.0-150500.3.23.1 * poppler-debugsource-23.01.0-150500.3.23.1 * typelib-1_0-Poppler-0_18-23.01.0-150500.3.23.1 * libpoppler126-debuginfo-23.01.0-150500.3.23.1 * libpoppler-devel-23.01.0-150500.3.23.1 * libpoppler-cpp0-23.01.0-150500.3.23.1 * libpoppler-glib-devel-23.01.0-150500.3.23.1 * libpoppler126-23.01.0-150500.3.23.1 * poppler-tools-23.01.0-150500.3.23.1 * libpoppler-glib8-debuginfo-23.01.0-150500.3.23.1 * libpoppler-cpp0-debuginfo-23.01.0-150500.3.23.1 * poppler-tools-debuginfo-23.01.0-150500.3.23.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libpoppler-glib8-23.01.0-150500.3.23.1 * poppler-debugsource-23.01.0-150500.3.23.1 * typelib-1_0-Poppler-0_18-23.01.0-150500.3.23.1 * libpoppler-qt5-devel-23.01.0-150500.3.23.1 * libpoppler126-debuginfo-23.01.0-150500.3.23.1 * libpoppler-qt6-3-debuginfo-23.01.0-150500.3.23.1 * poppler-qt5-debugsource-23.01.0-150500.3.23.1 * libpoppler-devel-23.01.0-150500.3.23.1 * libpoppler-cpp0-23.01.0-150500.3.23.1 * libpoppler-qt5-1-debuginfo-23.01.0-150500.3.23.1 * libpoppler-glib-devel-23.01.0-150500.3.23.1 * libpoppler126-23.01.0-150500.3.23.1 * libpoppler-qt5-1-23.01.0-150500.3.23.1 * libpoppler-qt6-3-23.01.0-150500.3.23.1 * poppler-tools-23.01.0-150500.3.23.1 * libpoppler-glib8-debuginfo-23.01.0-150500.3.23.1 * libpoppler-qt6-devel-23.01.0-150500.3.23.1 * libpoppler-cpp0-debuginfo-23.01.0-150500.3.23.1 * poppler-qt6-debugsource-23.01.0-150500.3.23.1 * poppler-tools-debuginfo-23.01.0-150500.3.23.1 * openSUSE Leap 15.5 (x86_64) * libpoppler126-32bit-23.01.0-150500.3.23.1 * libpoppler-glib8-32bit-23.01.0-150500.3.23.1 * libpoppler126-32bit-debuginfo-23.01.0-150500.3.23.1 * libpoppler-qt5-1-32bit-debuginfo-23.01.0-150500.3.23.1 * libpoppler-glib8-32bit-debuginfo-23.01.0-150500.3.23.1 * libpoppler-cpp0-32bit-debuginfo-23.01.0-150500.3.23.1 * libpoppler-qt5-1-32bit-23.01.0-150500.3.23.1 * libpoppler-cpp0-32bit-23.01.0-150500.3.23.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libpoppler-glib8-64bit-23.01.0-150500.3.23.1 * libpoppler-cpp0-64bit-debuginfo-23.01.0-150500.3.23.1 * libpoppler-qt5-1-64bit-23.01.0-150500.3.23.1 * libpoppler126-64bit-debuginfo-23.01.0-150500.3.23.1 * libpoppler126-64bit-23.01.0-150500.3.23.1 * libpoppler-qt5-1-64bit-debuginfo-23.01.0-150500.3.23.1 * libpoppler-cpp0-64bit-23.01.0-150500.3.23.1 * libpoppler-glib8-64bit-debuginfo-23.01.0-150500.3.23.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libpoppler-glib8-23.01.0-150500.3.23.1 * poppler-debugsource-23.01.0-150500.3.23.1 * typelib-1_0-Poppler-0_18-23.01.0-150500.3.23.1 * libpoppler126-debuginfo-23.01.0-150500.3.23.1 * libpoppler-devel-23.01.0-150500.3.23.1 * libpoppler-cpp0-23.01.0-150500.3.23.1 * libpoppler-glib-devel-23.01.0-150500.3.23.1 * libpoppler126-23.01.0-150500.3.23.1 * poppler-tools-23.01.0-150500.3.23.1 * libpoppler-glib8-debuginfo-23.01.0-150500.3.23.1 * libpoppler-cpp0-debuginfo-23.01.0-150500.3.23.1 * poppler-tools-debuginfo-23.01.0-150500.3.23.1 ## References: * https://www.suse.com/security/cve/CVE-2025-50420.html * https://bugzilla.suse.com/show_bug.cgi?id=1247590 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 13 16:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Aug 2025 16:30:14 -0000 Subject: SUSE-SU-2025:02788-1: important: Security update for poppler Message-ID: <175510261435.674.9355628723111526955@smelt2.prg2.suse.org> # Security update for poppler Announcement ID: SUSE-SU-2025:02788-1 Release Date: 2025-08-13T12:52:15Z Rating: important References: * bsc#1247590 Cross-References: * CVE-2025-50420 CVSS scores: * CVE-2025-50420 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-50420 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2025-50420: Fixed Denial of Service in pdfseparate utility (bsc#1247590) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-2788=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2788=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libpoppler60-0.43.0-16.64.1 * poppler-tools-0.43.0-16.64.1 * libpoppler-devel-0.43.0-16.64.1 * libpoppler-glib8-debuginfo-0.43.0-16.64.1 * libpoppler-glib8-0.43.0-16.64.1 * libpoppler60-debuginfo-0.43.0-16.64.1 * libpoppler-qt4-4-0.43.0-16.64.1 * poppler-tools-debuginfo-0.43.0-16.64.1 * poppler-debugsource-0.43.0-16.64.1 * libpoppler-glib-devel-0.43.0-16.64.1 * libpoppler-qt4-devel-0.43.0-16.64.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * libpoppler-qt4-4-debuginfo-0.43.0-16.64.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libpoppler60-0.43.0-16.64.1 * poppler-tools-0.43.0-16.64.1 * libpoppler-devel-0.43.0-16.64.1 * libpoppler-glib8-debuginfo-0.43.0-16.64.1 * libpoppler-glib8-0.43.0-16.64.1 * libpoppler-qt4-4-debuginfo-0.43.0-16.64.1 * libpoppler60-debuginfo-0.43.0-16.64.1 * libpoppler-qt4-4-0.43.0-16.64.1 * poppler-tools-debuginfo-0.43.0-16.64.1 * poppler-debugsource-0.43.0-16.64.1 * libpoppler-glib-devel-0.43.0-16.64.1 * libpoppler-qt4-devel-0.43.0-16.64.1 ## References: * https://www.suse.com/security/cve/CVE-2025-50420.html * https://bugzilla.suse.com/show_bug.cgi?id=1247590 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 14 16:30:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 14 Aug 2025 16:30:10 -0000 Subject: SUSE-SU-2025:02802-1: moderate: Security update for python3 Message-ID: <175518901004.674.13042578372811764095@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2025:02802-1 Release Date: 2025-08-14T15:10:00Z Rating: moderate References: * bsc#1244401 * bsc#1244705 * bsc#1247249 Cross-References: * CVE-2024-11168 * CVE-2025-6069 * CVE-2025-8194 CVSS scores: * CVE-2024-11168 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-11168 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-6069 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H * CVE-2025-6069 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2025-6069 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-8194 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8194 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2025-6069: Fixed worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (bsc#1244705) * CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249) Other fixes: \- Limit buffer size for IPv6 address parsing (bsc#1244401). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2802=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * python3-3.4.10-25.158.1 * python3-devel-3.4.10-25.158.1 * python3-base-debuginfo-3.4.10-25.158.1 * python3-debugsource-3.4.10-25.158.1 * python3-tk-3.4.10-25.158.1 * python3-devel-debuginfo-3.4.10-25.158.1 * python3-base-debuginfo-32bit-3.4.10-25.158.1 * libpython3_4m1_0-3.4.10-25.158.1 * python3-base-debugsource-3.4.10-25.158.1 * python3-base-3.4.10-25.158.1 * python3-tk-debuginfo-3.4.10-25.158.1 * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.158.1 * python3-curses-debuginfo-3.4.10-25.158.1 * python3-debuginfo-3.4.10-25.158.1 * libpython3_4m1_0-debuginfo-3.4.10-25.158.1 * python3-curses-3.4.10-25.158.1 * libpython3_4m1_0-32bit-3.4.10-25.158.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11168.html * https://www.suse.com/security/cve/CVE-2025-6069.html * https://www.suse.com/security/cve/CVE-2025-8194.html * https://bugzilla.suse.com/show_bug.cgi?id=1244401 * https://bugzilla.suse.com/show_bug.cgi?id=1244705 * https://bugzilla.suse.com/show_bug.cgi?id=1247249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 14 16:30:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 14 Aug 2025 16:30:17 -0000 Subject: SUSE-SU-2025:02801-1: moderate: Security update for ImageMagick Message-ID: <175518901726.674.10578071748897068879@smelt2.prg2.suse.org> # Security update for ImageMagick Announcement ID: SUSE-SU-2025:02801-1 Release Date: 2025-08-14T15:09:29Z Rating: moderate References: * bsc#1246529 * bsc#1246530 * bsc#1246531 * bsc#1246534 * bsc#1247475 Cross-References: * CVE-2025-53014 * CVE-2025-53015 * CVE-2025-53019 * CVE-2025-53101 CVSS scores: * CVE-2025-53014 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-53014 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-53014 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-53015 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-53015 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-53015 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-53019 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-53019 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-53019 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-53101 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-53101 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-53101 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H Affected Products: * Desktop Applications Module 15-SP7 * Development Tools Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for ImageMagick fixes the following issues: * CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access (bsc#1246530) * CVE-2025-53015: Fixed specific XMP file conversion may cause an infinite loop (bsc#1246531) * CVE-2025-53019: Fixed format specifiers in a filename template may cause a memory leak (bsc#1246534) * CVE-2025-53101: Fixed input manipulation may lead to an out-of-bound write (bsc#1246529) Other fix: \- Crop filename pattern %03d no longer works in ImageMagick 7 (bsc#1247475) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-2801=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2801=1 ## Package List: * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * ImageMagick-config-7-SUSE-7.1.1.43-150700.3.8.1 * ImageMagick-7.1.1.43-150700.3.8.1 * ImageMagick-debugsource-7.1.1.43-150700.3.8.1 * libMagickCore-7_Q16HDRI10-7.1.1.43-150700.3.8.1 * libMagick++-7_Q16HDRI5-7.1.1.43-150700.3.8.1 * libMagick++-7_Q16HDRI5-debuginfo-7.1.1.43-150700.3.8.1 * libMagickWand-7_Q16HDRI10-debuginfo-7.1.1.43-150700.3.8.1 * libMagickWand-7_Q16HDRI10-7.1.1.43-150700.3.8.1 * ImageMagick-config-7-upstream-limited-7.1.1.43-150700.3.8.1 * libMagickCore-7_Q16HDRI10-debuginfo-7.1.1.43-150700.3.8.1 * ImageMagick-config-7-upstream-open-7.1.1.43-150700.3.8.1 * ImageMagick-devel-7.1.1.43-150700.3.8.1 * libMagick++-devel-7.1.1.43-150700.3.8.1 * ImageMagick-config-7-upstream-websafe-7.1.1.43-150700.3.8.1 * ImageMagick-config-7-upstream-secure-7.1.1.43-150700.3.8.1 * ImageMagick-debuginfo-7.1.1.43-150700.3.8.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * perl-PerlMagick-7.1.1.43-150700.3.8.1 * ImageMagick-debugsource-7.1.1.43-150700.3.8.1 * perl-PerlMagick-debuginfo-7.1.1.43-150700.3.8.1 * ImageMagick-debuginfo-7.1.1.43-150700.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-53014.html * https://www.suse.com/security/cve/CVE-2025-53015.html * https://www.suse.com/security/cve/CVE-2025-53019.html * https://www.suse.com/security/cve/CVE-2025-53101.html * https://bugzilla.suse.com/show_bug.cgi?id=1246529 * https://bugzilla.suse.com/show_bug.cgi?id=1246530 * https://bugzilla.suse.com/show_bug.cgi?id=1246531 * https://bugzilla.suse.com/show_bug.cgi?id=1246534 * https://bugzilla.suse.com/show_bug.cgi?id=1247475 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 14 16:30:27 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 14 Aug 2025 16:30:27 -0000 Subject: SUSE-SU-2025:02797-1: moderate: Security update for iputils Message-ID: <175518902789.674.18250917472652552943@smelt2.prg2.suse.org> # Security update for iputils Announcement ID: SUSE-SU-2025:02797-1 Release Date: 2025-08-14T14:35:59Z Rating: moderate References: * bsc#1243284 * bsc#1243772 Cross-References: * CVE-2025-48964 CVSS scores: * CVE-2025-48964 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-48964 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2025-48964 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-48964 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for iputils fixes the following issues: * CVE-2025-48964: Fixed integer overflow in ping statistics via zero timestamp (bsc#1243772). Other bugfixes: * Fixed ping on s390x that printed invalid ttl (bsc#1243284). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2797=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2797=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2797=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * iputils-debugsource-s20161105-150000.8.14.1 * iputils-s20161105-150000.8.14.1 * iputils-debuginfo-s20161105-150000.8.14.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * iputils-debugsource-s20161105-150000.8.14.1 * iputils-s20161105-150000.8.14.1 * iputils-debuginfo-s20161105-150000.8.14.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * iputils-debugsource-s20161105-150000.8.14.1 * iputils-s20161105-150000.8.14.1 * iputils-debuginfo-s20161105-150000.8.14.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48964.html * https://bugzilla.suse.com/show_bug.cgi?id=1243284 * https://bugzilla.suse.com/show_bug.cgi?id=1243772 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 14 16:30:31 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 14 Aug 2025 16:30:31 -0000 Subject: SUSE-SU-2025:02796-1: moderate: Security update for gstreamer-plugins-base Message-ID: <175518903145.674.9338270570041949918@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-base Announcement ID: SUSE-SU-2025:02796-1 Release Date: 2025-08-14T14:35:44Z Rating: moderate References: * bsc#1244403 * bsc#1244404 * bsc#1244407 Cross-References: * CVE-2025-47806 * CVE-2025-47807 * CVE-2025-47808 CVSS scores: * CVE-2025-47806 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47806 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-47806 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-47807 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-47807 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-47807 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-47808 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-47808 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves three vulnerabilities can now be installed. ## Description: This update for gstreamer-plugins-base fixes the following issues: * CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser (bsc#1244404). * CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser (bsc#1244403). * CVE-2025-47806: Fixed stack buffer overflow in SubRip subtitle parser (bsc#1244407). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2796=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2796=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.14.1 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.14.1 * libgstfft-1_0-0-1.22.0-150500.3.14.1 * typelib-1_0-GstSdp-1_0-1.22.0-150500.3.14.1 * libgstpbutils-1_0-0-1.22.0-150500.3.14.1 * typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.14.1 * typelib-1_0-GstRtp-1_0-1.22.0-150500.3.14.1 * libgstrtsp-1_0-0-1.22.0-150500.3.14.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.14.1 * libgstrtp-1_0-0-1.22.0-150500.3.14.1 * libgstriff-1_0-0-1.22.0-150500.3.14.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.14.1 * typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.14.1 * gstreamer-plugins-base-1.22.0-150500.3.14.1 * libgstvideo-1_0-0-1.22.0-150500.3.14.1 * typelib-1_0-GstTag-1_0-1.22.0-150500.3.14.1 * libgstapp-1_0-0-1.22.0-150500.3.14.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.14.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.14.1 * typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.14.1 * libgstaudio-1_0-0-1.22.0-150500.3.14.1 * typelib-1_0-GstGLWayland-1_0-1.22.0-150500.3.14.1 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.14.1 * libgstsdp-1_0-0-debuginfo-1.22.0-150500.3.14.1 * libgsttag-1_0-0-1.22.0-150500.3.14.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.14.1 * typelib-1_0-GstRtsp-1_0-1.22.0-150500.3.14.1 * libgstfft-1_0-0-debuginfo-1.22.0-150500.3.14.1 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.14.1 * gstreamer-plugins-base-devel-1.22.0-150500.3.14.1 * typelib-1_0-GstVideo-1_0-1.22.0-150500.3.14.1 * typelib-1_0-GstGL-1_0-1.22.0-150500.3.14.1 * libgstallocators-1_0-0-1.22.0-150500.3.14.1 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.14.1 * typelib-1_0-GstGLEGL-1_0-1.22.0-150500.3.14.1 * typelib-1_0-GstAudio-1_0-1.22.0-150500.3.14.1 * libgstgl-1_0-0-1.22.0-150500.3.14.1 * typelib-1_0-GstApp-1_0-1.22.0-150500.3.14.1 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.14.1 * libgstsdp-1_0-0-1.22.0-150500.3.14.1 * libgstrtsp-1_0-0-debuginfo-1.22.0-150500.3.14.1 * openSUSE Leap 15.5 (x86_64) * libgstsdp-1_0-0-32bit-debuginfo-1.22.0-150500.3.14.1 * libgstpbutils-1_0-0-32bit-debuginfo-1.22.0-150500.3.14.1 * libgstsdp-1_0-0-32bit-1.22.0-150500.3.14.1 * libgstrtsp-1_0-0-32bit-debuginfo-1.22.0-150500.3.14.1 * libgstpbutils-1_0-0-32bit-1.22.0-150500.3.14.1 * libgstvideo-1_0-0-32bit-1.22.0-150500.3.14.1 * libgstvideo-1_0-0-32bit-debuginfo-1.22.0-150500.3.14.1 * gstreamer-plugins-base-32bit-1.22.0-150500.3.14.1 * libgstgl-1_0-0-32bit-1.22.0-150500.3.14.1 * libgstallocators-1_0-0-32bit-1.22.0-150500.3.14.1 * libgstrtp-1_0-0-32bit-1.22.0-150500.3.14.1 * gstreamer-plugins-base-32bit-debuginfo-1.22.0-150500.3.14.1 * libgstriff-1_0-0-32bit-1.22.0-150500.3.14.1 * libgstfft-1_0-0-32bit-debuginfo-1.22.0-150500.3.14.1 * libgsttag-1_0-0-32bit-debuginfo-1.22.0-150500.3.14.1 * libgstrtsp-1_0-0-32bit-1.22.0-150500.3.14.1 * libgstrtp-1_0-0-32bit-debuginfo-1.22.0-150500.3.14.1 * libgstfft-1_0-0-32bit-1.22.0-150500.3.14.1 * libgstaudio-1_0-0-32bit-1.22.0-150500.3.14.1 * libgstgl-1_0-0-32bit-debuginfo-1.22.0-150500.3.14.1 * libgstallocators-1_0-0-32bit-debuginfo-1.22.0-150500.3.14.1 * libgstapp-1_0-0-32bit-1.22.0-150500.3.14.1 * libgstaudio-1_0-0-32bit-debuginfo-1.22.0-150500.3.14.1 * libgstapp-1_0-0-32bit-debuginfo-1.22.0-150500.3.14.1 * libgstriff-1_0-0-32bit-debuginfo-1.22.0-150500.3.14.1 * gstreamer-plugins-base-devel-32bit-1.22.0-150500.3.14.1 * libgsttag-1_0-0-32bit-1.22.0-150500.3.14.1 * openSUSE Leap 15.5 (noarch) * gstreamer-plugins-base-lang-1.22.0-150500.3.14.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libgsttag-1_0-0-64bit-1.22.0-150500.3.14.1 * libgstsdp-1_0-0-64bit-debuginfo-1.22.0-150500.3.14.1 * libgstfft-1_0-0-64bit-1.22.0-150500.3.14.1 * libgstapp-1_0-0-64bit-1.22.0-150500.3.14.1 * libgstriff-1_0-0-64bit-debuginfo-1.22.0-150500.3.14.1 * gstreamer-plugins-base-devel-64bit-1.22.0-150500.3.14.1 * libgstapp-1_0-0-64bit-debuginfo-1.22.0-150500.3.14.1 * libgstaudio-1_0-0-64bit-1.22.0-150500.3.14.1 * libgstpbutils-1_0-0-64bit-debuginfo-1.22.0-150500.3.14.1 * libgstgl-1_0-0-64bit-1.22.0-150500.3.14.1 * libgstvideo-1_0-0-64bit-debuginfo-1.22.0-150500.3.14.1 * libgstfft-1_0-0-64bit-debuginfo-1.22.0-150500.3.14.1 * libgstpbutils-1_0-0-64bit-1.22.0-150500.3.14.1 * libgstallocators-1_0-0-64bit-1.22.0-150500.3.14.1 * libgstaudio-1_0-0-64bit-debuginfo-1.22.0-150500.3.14.1 * libgsttag-1_0-0-64bit-debuginfo-1.22.0-150500.3.14.1 * libgstrtp-1_0-0-64bit-debuginfo-1.22.0-150500.3.14.1 * libgstgl-1_0-0-64bit-debuginfo-1.22.0-150500.3.14.1 * libgstrtsp-1_0-0-64bit-debuginfo-1.22.0-150500.3.14.1 * libgstrtp-1_0-0-64bit-1.22.0-150500.3.14.1 * gstreamer-plugins-base-64bit-1.22.0-150500.3.14.1 * gstreamer-plugins-base-64bit-debuginfo-1.22.0-150500.3.14.1 * libgstrtsp-1_0-0-64bit-1.22.0-150500.3.14.1 * libgstvideo-1_0-0-64bit-1.22.0-150500.3.14.1 * libgstallocators-1_0-0-64bit-debuginfo-1.22.0-150500.3.14.1 * libgstriff-1_0-0-64bit-1.22.0-150500.3.14.1 * libgstsdp-1_0-0-64bit-1.22.0-150500.3.14.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libgstvideo-1_0-0-1.22.0-150500.3.14.1 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.14.1 * libgstallocators-1_0-0-1.22.0-150500.3.14.1 * libgstapp-1_0-0-1.22.0-150500.3.14.1 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.14.1 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.14.1 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.14.1 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.14.1 * libgstriff-1_0-0-1.22.0-150500.3.14.1 * libgstgl-1_0-0-1.22.0-150500.3.14.1 * libgstpbutils-1_0-0-1.22.0-150500.3.14.1 * libgstaudio-1_0-0-1.22.0-150500.3.14.1 * gstreamer-plugins-base-1.22.0-150500.3.14.1 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.14.1 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.14.1 * libgsttag-1_0-0-1.22.0-150500.3.14.1 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.14.1 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.14.1 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.14.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47806.html * https://www.suse.com/security/cve/CVE-2025-47807.html * https://www.suse.com/security/cve/CVE-2025-47808.html * https://bugzilla.suse.com/show_bug.cgi?id=1244403 * https://bugzilla.suse.com/show_bug.cgi?id=1244404 * https://bugzilla.suse.com/show_bug.cgi?id=1244407 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 14 16:30:37 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 14 Aug 2025 16:30:37 -0000 Subject: SUSE-SU-2025:02795-1: low: Security update for cairo Message-ID: <175518903748.674.4002711300183104383@smelt2.prg2.suse.org> # Security update for cairo Announcement ID: SUSE-SU-2025:02795-1 Release Date: 2025-08-14T14:35:33Z Rating: low References: * bsc#1122321 Cross-References: * CVE-2019-6462 CVSS scores: * CVE-2019-6462 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2019-6462 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2019-6462 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2019-6462 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for cairo fixes the following issues: * CVE-2019-6462: Fixed a potentially infinite loop (bsc#1122321). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2795=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2795=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libcairo-gobject2-debuginfo-1.16.0-150200.5.5.1 * libcairo-gobject2-1.16.0-150200.5.5.1 * libcairo2-1.16.0-150200.5.5.1 * cairo-debugsource-1.16.0-150200.5.5.1 * libcairo2-debuginfo-1.16.0-150200.5.5.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libcairo-gobject2-debuginfo-1.16.0-150200.5.5.1 * libcairo-gobject2-1.16.0-150200.5.5.1 * libcairo2-1.16.0-150200.5.5.1 * cairo-debugsource-1.16.0-150200.5.5.1 * libcairo2-debuginfo-1.16.0-150200.5.5.1 ## References: * https://www.suse.com/security/cve/CVE-2019-6462.html * https://bugzilla.suse.com/show_bug.cgi?id=1122321 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 14 16:30:40 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 14 Aug 2025 16:30:40 -0000 Subject: SUSE-SU-2025:01326-1: important: Security update for pgadmin4 Message-ID: <175518904093.674.12167141963397650309@smelt2.prg2.suse.org> # Security update for pgadmin4 Announcement ID: SUSE-SU-2025:01326-1 Release Date: 2025-08-14T13:03:14Z Rating: important References: * bsc#1224295 * bsc#1234840 * bsc#1239308 Cross-References: * CVE-2023-1907 * CVE-2024-4068 * CVE-2025-27152 CVSS scores: * CVE-2023-1907 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-1907 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2023-1907 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H * CVE-2023-1907 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-4068 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-4068 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27152 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-27152 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-27152 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for pgadmin4 fixes the following issues: * CVE-2025-27152: Fixed SSRF and creadential leakage due to requests sent to absolute URL even when baseURL is set (bsc#1239308) * CVE-2023-1907: Fixed an issue which could result in users being authenticated in another user's session if two users authenticate simultaneously via ldap (bsc#1234840) * CVE-2024-4068: Fixed a possible memory exhaustion (bsc#1224295) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-1326=1 ## Package List: * Python 3 Module 15-SP6 (noarch) * pgadmin4-doc-4.30-150300.3.18.1 * pgadmin4-web-4.30-150300.3.18.1 * Python 3 Module 15-SP6 (s390x) * pgadmin4-4.30-150300.3.18.1 * pgadmin4-debuginfo-4.30-150300.3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2023-1907.html * https://www.suse.com/security/cve/CVE-2024-4068.html * https://www.suse.com/security/cve/CVE-2025-27152.html * https://bugzilla.suse.com/show_bug.cgi?id=1224295 * https://bugzilla.suse.com/show_bug.cgi?id=1234840 * https://bugzilla.suse.com/show_bug.cgi?id=1239308 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 14 16:30:45 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 14 Aug 2025 16:30:45 -0000 Subject: SUSE-SU-2025:02383-2: moderate: Security update for kubernetes1.26 Message-ID: <175518904531.674.12433493381289579352@smelt2.prg2.suse.org> # Security update for kubernetes1.26 Announcement ID: SUSE-SU-2025:02383-2 Release Date: 2025-08-14T13:03:08Z Rating: moderate References: * bsc#1229008 * bsc#1241865 * bsc#1245087 Cross-References: * CVE-2025-22872 CVSS scores: * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for kubernetes1.26 fixes the following issues: * CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2383=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2383=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2383=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2383=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2383=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2383=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2383=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2383=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.26-client-1.26.15-150400.9.22.1 * kubernetes1.26-client-common-1.26.15-150400.9.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.26-client-1.26.15-150400.9.22.1 * kubernetes1.26-client-common-1.26.15-150400.9.22.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kubernetes1.26-client-1.26.15-150400.9.22.1 * kubernetes1.26-client-common-1.26.15-150400.9.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kubernetes1.26-client-1.26.15-150400.9.22.1 * kubernetes1.26-client-common-1.26.15-150400.9.22.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-1.26.15-150400.9.22.1 * kubernetes1.26-client-common-1.26.15-150400.9.22.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-1.26.15-150400.9.22.1 * kubernetes1.26-client-common-1.26.15-150400.9.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.26-client-1.26.15-150400.9.22.1 * kubernetes1.26-client-common-1.26.15-150400.9.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kubernetes1.26-client-1.26.15-150400.9.22.1 * kubernetes1.26-client-common-1.26.15-150400.9.22.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22872.html * https://bugzilla.suse.com/show_bug.cgi?id=1229008 * https://bugzilla.suse.com/show_bug.cgi?id=1241865 * https://bugzilla.suse.com/show_bug.cgi?id=1245087 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 14 16:30:47 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 14 Aug 2025 16:30:47 -0000 Subject: SUSE-SU-2025:01940-2: moderate: Security update for kubernetes1.23 Message-ID: <175518904748.674.1709150073475450525@smelt2.prg2.suse.org> # Security update for kubernetes1.23 Announcement ID: SUSE-SU-2025:01940-2 Release Date: 2025-08-14T13:02:13Z Rating: moderate References: * bsc#1241865 Cross-References: * CVE-2025-22872 CVSS scores: * CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2025-22872 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for kubernetes1.23 fixes the following issues: * CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content (bsc#1241865). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1940=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1940=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1940=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1940=1 ## Package List: * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.23-client-common-1.23.17-150500.3.21.1 * kubernetes1.23-client-1.23.17-150500.3.21.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (ppc64le) * kubernetes1.23-client-debuginfo-1.23.17-150500.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kubernetes1.23-client-common-1.23.17-150500.3.21.1 * kubernetes1.23-client-1.23.17-150500.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le) * kubernetes1.23-client-debuginfo-1.23.17-150500.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kubernetes1.23-client-common-1.23.17-150500.3.21.1 * kubernetes1.23-client-1.23.17-150500.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kubernetes1.23-client-common-1.23.17-150500.3.21.1 * kubernetes1.23-client-1.23.17-150500.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22872.html * https://bugzilla.suse.com/show_bug.cgi?id=1241865 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 14 20:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 14 Aug 2025 20:30:09 -0000 Subject: SUSE-SU-2025:02803-1: moderate: Security update for Mesa Message-ID: <175520340940.13989.10135478443856264263@smelt2.prg2.suse.org> # Security update for Mesa Announcement ID: SUSE-SU-2025:02803-1 Release Date: 2025-08-14T16:33:51Z Rating: moderate References: * bsc#1222040 * bsc#1222041 * bsc#1222042 Cross-References: * CVE-2023-45913 * CVE-2023-45919 * CVE-2023-45922 CVSS scores: * CVE-2023-45913 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H * CVE-2023-45913 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45919 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:H * CVE-2023-45919 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-45922 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H * CVE-2023-45922 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves three vulnerabilities can now be installed. ## Description: This update for Mesa fixes the following issues: * CVE-2023-45913: Fixed NULL pointer dereference via dri2GetGlxDrawableFromXDrawableId() (bsc#1222040) * CVE-2023-45919: Fixed buffer over-read in glXQueryServerString() (bsc#1222041) * CVE-2023-45922: Fixed segmentation violation in __glXGetDrawableAttribute() (bsc#1222042) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2803=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2803=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2803=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * libgbm1-debuginfo-20.2.4-150300.59.9.1 * Mesa-libGL1-20.2.4-150300.59.9.1 * libOSMesa8-20.2.4-150300.59.9.1 * Mesa-libEGL1-debuginfo-20.2.4-150300.59.9.1 * libgbm-devel-20.2.4-150300.59.9.1 * Mesa-libglapi0-debuginfo-20.2.4-150300.59.9.1 * libgbm1-20.2.4-150300.59.9.1 * Mesa-dri-debuginfo-20.2.4-150300.59.9.1 * Mesa-libglapi-devel-20.2.4-150300.59.9.1 * Mesa-libGL1-debuginfo-20.2.4-150300.59.9.1 * Mesa-libEGL-devel-20.2.4-150300.59.9.1 * Mesa-libEGL1-20.2.4-150300.59.9.1 * Mesa-libGL-devel-20.2.4-150300.59.9.1 * Mesa-libGLESv3-devel-20.2.4-150300.59.9.1 * Mesa-drivers-debugsource-20.2.4-150300.59.9.1 * Mesa-dri-20.2.4-150300.59.9.1 * libOSMesa8-debuginfo-20.2.4-150300.59.9.1 * Mesa-libGLESv2-devel-20.2.4-150300.59.9.1 * Mesa-devel-20.2.4-150300.59.9.1 * Mesa-libGLESv1_CM-devel-20.2.4-150300.59.9.1 * Mesa-KHR-devel-20.2.4-150300.59.9.1 * Mesa-20.2.4-150300.59.9.1 * Mesa-dri-devel-20.2.4-150300.59.9.1 * libOSMesa-devel-20.2.4-150300.59.9.1 * Mesa-debugsource-20.2.4-150300.59.9.1 * Mesa-libglapi0-20.2.4-150300.59.9.1 * openSUSE Leap 15.3 (x86_64) * Mesa-libEGL1-32bit-20.2.4-150300.59.9.1 * Mesa-dri-nouveau-32bit-debuginfo-20.2.4-150300.59.9.1 * libOSMesa8-32bit-20.2.4-150300.59.9.1 * libgbm1-32bit-20.2.4-150300.59.9.1 * libvdpau_r600-32bit-20.2.4-150300.59.9.1 * Mesa-libGL1-32bit-debuginfo-20.2.4-150300.59.9.1 * libXvMC_nouveau-32bit-20.2.4-150300.59.9.1 * Mesa-libGLESv2-devel-32bit-20.2.4-150300.59.9.1 * Mesa-libGL-devel-32bit-20.2.4-150300.59.9.1 * Mesa-libEGL1-32bit-debuginfo-20.2.4-150300.59.9.1 * libOSMesa-devel-32bit-20.2.4-150300.59.9.1 * Mesa-libd3d-32bit-debuginfo-20.2.4-150300.59.9.1 * libvulkan_radeon-32bit-20.2.4-150300.59.9.1 * libvulkan_radeon-32bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-32bit-20.2.4-150300.59.9.1 * Mesa-libglapi0-32bit-debuginfo-20.2.4-150300.59.9.1 * libXvMC_r600-32bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-vulkan-device-select-32bit-debuginfo-20.2.4-150300.59.9.1 * libvdpau_nouveau-32bit-20.2.4-150300.59.9.1 * Mesa-dri-32bit-debuginfo-20.2.4-150300.59.9.1 * libvdpau_r300-32bit-20.2.4-150300.59.9.1 * Mesa-libEGL-devel-32bit-20.2.4-150300.59.9.1 * libXvMC_r600-32bit-20.2.4-150300.59.9.1 * Mesa-libglapi0-32bit-20.2.4-150300.59.9.1 * libvulkan_intel-32bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-libglapi-devel-32bit-20.2.4-150300.59.9.1 * Mesa-vulkan-overlay-32bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-libGLESv1_CM-devel-32bit-20.2.4-150300.59.9.1 * libvdpau_r600-32bit-debuginfo-20.2.4-150300.59.9.1 * libvdpau_nouveau-32bit-debuginfo-20.2.4-150300.59.9.1 * libvdpau_radeonsi-32bit-20.2.4-150300.59.9.1 * libgbm1-32bit-debuginfo-20.2.4-150300.59.9.1 * libOSMesa8-32bit-debuginfo-20.2.4-150300.59.9.1 * libvdpau_r300-32bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-vulkan-device-select-32bit-20.2.4-150300.59.9.1 * Mesa-libGL1-32bit-20.2.4-150300.59.9.1 * Mesa-libd3d-32bit-20.2.4-150300.59.9.1 * libXvMC_nouveau-32bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-gallium-32bit-20.2.4-150300.59.9.1 * libgbm-devel-32bit-20.2.4-150300.59.9.1 * libvdpau_radeonsi-32bit-debuginfo-20.2.4-150300.59.9.1 * libvulkan_intel-32bit-20.2.4-150300.59.9.1 * Mesa-dri-nouveau-32bit-20.2.4-150300.59.9.1 * Mesa-libd3d-devel-32bit-20.2.4-150300.59.9.1 * Mesa-vulkan-overlay-32bit-20.2.4-150300.59.9.1 * Mesa-dri-32bit-20.2.4-150300.59.9.1 * Mesa-gallium-32bit-debuginfo-20.2.4-150300.59.9.1 * openSUSE Leap 15.3 (aarch64 ppc64le x86_64 i586) * libvdpau_radeonsi-20.2.4-150300.59.9.1 * Mesa-gallium-20.2.4-150300.59.9.1 * Mesa-libOpenCL-20.2.4-150300.59.9.1 * libXvMC_nouveau-debuginfo-20.2.4-150300.59.9.1 * Mesa-libva-debuginfo-20.2.4-150300.59.9.1 * libvdpau_radeonsi-debuginfo-20.2.4-150300.59.9.1 * libvdpau_r300-20.2.4-150300.59.9.1 * libXvMC_r600-20.2.4-150300.59.9.1 * libvdpau_nouveau-20.2.4-150300.59.9.1 * Mesa-dri-nouveau-debuginfo-20.2.4-150300.59.9.1 * Mesa-gallium-debuginfo-20.2.4-150300.59.9.1 * libvdpau_r600-debuginfo-20.2.4-150300.59.9.1 * libxatracker2-debuginfo-1.0.0-150300.59.9.1 * Mesa-libOpenCL-debuginfo-20.2.4-150300.59.9.1 * libxatracker2-1.0.0-150300.59.9.1 * Mesa-libva-20.2.4-150300.59.9.1 * libXvMC_nouveau-20.2.4-150300.59.9.1 * libvdpau_r600-20.2.4-150300.59.9.1 * libxatracker-devel-1.0.0-150300.59.9.1 * libvdpau_nouveau-debuginfo-20.2.4-150300.59.9.1 * libvdpau_r300-debuginfo-20.2.4-150300.59.9.1 * libXvMC_r600-debuginfo-20.2.4-150300.59.9.1 * Mesa-dri-nouveau-20.2.4-150300.59.9.1 * openSUSE Leap 15.3 (x86_64 i586) * Mesa-vulkan-overlay-20.2.4-150300.59.9.1 * Mesa-vulkan-device-select-20.2.4-150300.59.9.1 * Mesa-vulkan-device-select-debuginfo-20.2.4-150300.59.9.1 * libvulkan_radeon-debuginfo-20.2.4-150300.59.9.1 * Mesa-libVulkan-devel-20.2.4-150300.59.9.1 * Mesa-vulkan-overlay-debuginfo-20.2.4-150300.59.9.1 * libvulkan_intel-debuginfo-20.2.4-150300.59.9.1 * libvulkan_intel-20.2.4-150300.59.9.1 * libvulkan_radeon-20.2.4-150300.59.9.1 * openSUSE Leap 15.3 (aarch64 x86_64 i586) * Mesa-libd3d-devel-20.2.4-150300.59.9.1 * Mesa-libd3d-debuginfo-20.2.4-150300.59.9.1 * Mesa-libd3d-20.2.4-150300.59.9.1 * openSUSE Leap 15.3 (aarch64_ilp32) * Mesa-libGL-devel-64bit-20.2.4-150300.59.9.1 * libvdpau_nouveau-64bit-debuginfo-20.2.4-150300.59.9.1 * libXvMC_r600-64bit-20.2.4-150300.59.9.1 * Mesa-libGLESv2-devel-64bit-20.2.4-150300.59.9.1 * Mesa-dri-64bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-libd3d-64bit-20.2.4-150300.59.9.1 * libXvMC_nouveau-64bit-20.2.4-150300.59.9.1 * Mesa-libGL1-64bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-gallium-64bit-20.2.4-150300.59.9.1 * Mesa-libglapi-devel-64bit-20.2.4-150300.59.9.1 * Mesa-libEGL1-64bit-20.2.4-150300.59.9.1 * Mesa-gallium-64bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-dri-vc4-64bit-debuginfo-20.2.4-150300.59.9.1 * libvdpau_nouveau-64bit-20.2.4-150300.59.9.1 * Mesa-dri-nouveau-64bit-20.2.4-150300.59.9.1 * Mesa-dri-nouveau-64bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-libEGL-devel-64bit-20.2.4-150300.59.9.1 * Mesa-libglapi0-64bit-debuginfo-20.2.4-150300.59.9.1 * libOSMesa-devel-64bit-20.2.4-150300.59.9.1 * libgbm-devel-64bit-20.2.4-150300.59.9.1 * libOSMesa8-64bit-debuginfo-20.2.4-150300.59.9.1 * libXvMC_nouveau-64bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-64bit-20.2.4-150300.59.9.1 * Mesa-libglapi0-64bit-20.2.4-150300.59.9.1 * Mesa-dri-64bit-20.2.4-150300.59.9.1 * libvdpau_radeonsi-64bit-20.2.4-150300.59.9.1 * Mesa-libGLESv1_CM-devel-64bit-20.2.4-150300.59.9.1 * libgbm1-64bit-debuginfo-20.2.4-150300.59.9.1 * libgbm1-64bit-20.2.4-150300.59.9.1 * libvdpau_r300-64bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-libd3d-64bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-libEGL1-64bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-dri-vc4-64bit-20.2.4-150300.59.9.1 * libOSMesa8-64bit-20.2.4-150300.59.9.1 * libvdpau_r600-64bit-20.2.4-150300.59.9.1 * Mesa-libd3d-devel-64bit-20.2.4-150300.59.9.1 * libXvMC_r600-64bit-debuginfo-20.2.4-150300.59.9.1 * Mesa-libGL1-64bit-20.2.4-150300.59.9.1 * libvdpau_r600-64bit-debuginfo-20.2.4-150300.59.9.1 * libvdpau_radeonsi-64bit-debuginfo-20.2.4-150300.59.9.1 * libvdpau_r300-64bit-20.2.4-150300.59.9.1 * openSUSE Leap 15.3 (aarch64) * Mesa-dri-vc4-20.2.4-150300.59.9.1 * Mesa-dri-vc4-debuginfo-20.2.4-150300.59.9.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libgbm1-debuginfo-20.2.4-150300.59.9.1 * libgbm1-20.2.4-150300.59.9.1 * Mesa-debugsource-20.2.4-150300.59.9.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libgbm1-debuginfo-20.2.4-150300.59.9.1 * libgbm1-20.2.4-150300.59.9.1 * Mesa-debugsource-20.2.4-150300.59.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45913.html * https://www.suse.com/security/cve/CVE-2023-45919.html * https://www.suse.com/security/cve/CVE-2023-45922.html * https://bugzilla.suse.com/show_bug.cgi?id=1222040 * https://bugzilla.suse.com/show_bug.cgi?id=1222041 * https://bugzilla.suse.com/show_bug.cgi?id=1222042 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 15 16:30:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Aug 2025 16:30:05 -0000 Subject: SUSE-SU-2025:02818-1: moderate: Security update for apache-commons-lang3 Message-ID: <175527540530.679.10182221725628022353@smelt2.prg2.suse.org> # Security update for apache-commons-lang3 Announcement ID: SUSE-SU-2025:02818-1 Release Date: 2025-08-15T12:56:38Z Rating: moderate References: * bsc#1246397 Cross-References: * CVE-2025-48924 CVSS scores: * CVE-2025-48924 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48924 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-48924 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module An update that solves one vulnerability can now be installed. ## Description: This update for apache-commons-lang3 fixes the following issues: * Update to version 3.18.0 * CVE-2025-48924: Fixed an uncontrolled recursion vulnerability that may lead to a DoS. (bsc#1246397) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2818=1 * SUSE Manager Server 4.3 Module zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2025-2818=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2818=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2818=1 ## Package List: * Basesystem Module 15-SP7 (noarch) * apache-commons-lang3-3.18.0-150200.3.12.1 * SUSE Manager Server 4.3 Module (noarch) * apache-commons-lang3-3.18.0-150200.3.12.1 * openSUSE Leap 15.6 (noarch) * apache-commons-lang3-javadoc-3.18.0-150200.3.12.1 * apache-commons-lang3-3.18.0-150200.3.12.1 * Basesystem Module 15-SP6 (noarch) * apache-commons-lang3-3.18.0-150200.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48924.html * https://bugzilla.suse.com/show_bug.cgi?id=1246397 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 15 16:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Aug 2025 16:30:08 -0000 Subject: SUSE-SU-2025:02817-1: moderate: Security update for libavif Message-ID: <175527540890.679.12039028023173980988@smelt2.prg2.suse.org> # Security update for libavif Announcement ID: SUSE-SU-2025:02817-1 Release Date: 2025-08-15T12:56:05Z Rating: moderate References: * bsc#1243269 * bsc#1243270 * jsc#PED-13277 Cross-References: * CVE-2025-48174 * CVE-2025-48175 CVSS scores: * CVE-2025-48174 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-48174 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-48174 ( NVD ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L * CVE-2025-48174 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2025-48175 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-48175 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-48175 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-48175 ( NVD ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities and contains one feature can now be installed. ## Description: This update for libavif fixes the following issues: * update to 1.3.0: * CVE-2025-48175: Fixed an integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. (bsc#1243270) * CVE-2025-48174: Fixed an integer overflow and resultant buffer overflow in stream->offset+size. (bsc#1243269) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2817=1 openSUSE-SLE-15.6-2025-2817=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2817=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libavif-debugsource-1.3.0-150600.3.5.1 * avif-tools-1.3.0-150600.3.5.1 * libavif-devel-1.3.0-150600.3.5.1 * libavif16-1.3.0-150600.3.5.1 * avif-tools-debuginfo-1.3.0-150600.3.5.1 * gdk-pixbuf-loader-libavif-debuginfo-1.3.0-150600.3.5.1 * gdk-pixbuf-loader-libavif-1.3.0-150600.3.5.1 * libavif16-debuginfo-1.3.0-150600.3.5.1 * openSUSE Leap 15.6 (x86_64) * libavif16-32bit-debuginfo-1.3.0-150600.3.5.1 * libavif16-32bit-1.3.0-150600.3.5.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libavif16-64bit-debuginfo-1.3.0-150600.3.5.1 * libavif16-64bit-1.3.0-150600.3.5.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libavif16-1.3.0-150600.3.5.1 * libavif16-debuginfo-1.3.0-150600.3.5.1 * libavif-debugsource-1.3.0-150600.3.5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48174.html * https://www.suse.com/security/cve/CVE-2025-48175.html * https://bugzilla.suse.com/show_bug.cgi?id=1243269 * https://bugzilla.suse.com/show_bug.cgi?id=1243270 * https://jira.suse.com/browse/PED-13277 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 15 16:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Aug 2025 16:30:11 -0000 Subject: SUSE-SU-2025:02816-1: moderate: Security update for libavif Message-ID: <175527541194.679.4766494931511163855@smelt2.prg2.suse.org> # Security update for libavif Announcement ID: SUSE-SU-2025:02816-1 Release Date: 2025-08-15T12:55:49Z Rating: moderate References: * bsc#1243269 * bsc#1243270 * jsc#PED-13277 Cross-References: * CVE-2025-48174 * CVE-2025-48175 CVSS scores: * CVE-2025-48174 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-48174 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-48174 ( NVD ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L * CVE-2025-48174 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2025-48175 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-48175 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L * CVE-2025-48175 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-48175 ( NVD ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L Affected Products: * Basesystem Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities and contains one feature can now be installed. ## Description: This update for libavif fixes the following issues: * update to 1.3.0: * CVE-2025-48175: Fixed an integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. (bsc#1243270) * CVE-2025-48174: Fixed an integer overflow and resultant buffer overflow in stream->offset+size. (bsc#1243269) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2816=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libavif-debugsource-1.3.0-150700.3.6.1 * libavif16-1.3.0-150700.3.6.1 * libavif16-debuginfo-1.3.0-150700.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48174.html * https://www.suse.com/security/cve/CVE-2025-48175.html * https://bugzilla.suse.com/show_bug.cgi?id=1243269 * https://bugzilla.suse.com/show_bug.cgi?id=1243270 * https://jira.suse.com/browse/PED-13277 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 15 16:30:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Aug 2025 16:30:15 -0000 Subject: SUSE-SU-2025:02815-1: important: Security update for tiff Message-ID: <175527541510.679.15802088874850056011@smelt2.prg2.suse.org> # Security update for tiff Announcement ID: SUSE-SU-2025:02815-1 Release Date: 2025-08-15T12:55:38Z Rating: important References: * bsc#1247106 * bsc#1247108 Cross-References: * CVE-2025-8176 * CVE-2025-8177 CVSS scores: * CVE-2025-8176 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-8176 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L * CVE-2025-8176 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8176 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-8177 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-8177 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-8177 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8177 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves two vulnerabilities can now be installed. ## Description: This update for tiff fixes the following issues: * CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c (bsc#1247108) * CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow() when processing malformed TIFF files (bsc#1247106) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2815=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2815=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2815=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2815=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2815=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2815=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2815=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2815=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2815=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2815=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2815=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2815=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2815=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2815=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2815=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2815=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2815=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2815=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2815=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-2815=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2815=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2815=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2815=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2815=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * libtiff5-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * libtiff5-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * libtiff5-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * libtiff5-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * libtiff5-4.0.9-150000.45.50.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * libtiff5-4.0.9-150000.45.50.1 * Basesystem Module 15-SP6 (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * libtiff5-4.0.9-150000.45.50.1 * Basesystem Module 15-SP7 (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * SUSE Manager Server 4.3 LTS (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libtiff5-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff-devel-4.0.9-150000.45.50.1 * SUSE Enterprise Storage 7.1 (x86_64) * libtiff5-32bit-4.0.9-150000.45.50.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * libtiff5-4.0.9-150000.45.50.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * tiff-debugsource-4.0.9-150000.45.50.1 * tiff-debuginfo-4.0.9-150000.45.50.1 * libtiff5-debuginfo-4.0.9-150000.45.50.1 * libtiff5-4.0.9-150000.45.50.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8176.html * https://www.suse.com/security/cve/CVE-2025-8177.html * https://bugzilla.suse.com/show_bug.cgi?id=1247106 * https://bugzilla.suse.com/show_bug.cgi?id=1247108 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 15 16:30:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Aug 2025 16:30:17 -0000 Subject: SUSE-SU-2025:02814-1: moderate: Security update for ruby2.5 Message-ID: <175527541745.679.7479549188235402610@smelt2.prg2.suse.org> # Security update for ruby2.5 Announcement ID: SUSE-SU-2025:02814-1 Release Date: 2025-08-15T12:53:30Z Rating: moderate References: * bsc#1225905 Cross-References: * CVE-2024-35221 CVSS scores: * CVE-2024-35221 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for ruby2.5 fixes the following issues: * CVE-2024-35221: Fixed remote denial of service via YAML manifest (bsc#1225905) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2814=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2814=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1 * libruby2_5-2_5-2.5.9-150000.4.49.1 * ruby2.5-debuginfo-2.5.9-150000.4.49.1 * ruby2.5-debugsource-2.5.9-150000.4.49.1 * ruby2.5-stdlib-2.5.9-150000.4.49.1 * ruby2.5-doc-2.5.9-150000.4.49.1 * ruby2.5-devel-2.5.9-150000.4.49.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1 * ruby2.5-2.5.9-150000.4.49.1 * ruby2.5-devel-extra-2.5.9-150000.4.49.1 * openSUSE Leap 15.6 (noarch) * ruby2.5-doc-ri-2.5.9-150000.4.49.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.49.1 * libruby2_5-2_5-2.5.9-150000.4.49.1 * ruby2.5-debuginfo-2.5.9-150000.4.49.1 * ruby2.5-debugsource-2.5.9-150000.4.49.1 * ruby2.5-stdlib-2.5.9-150000.4.49.1 * ruby2.5-devel-2.5.9-150000.4.49.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.49.1 * ruby2.5-2.5.9-150000.4.49.1 * ruby2.5-devel-extra-2.5.9-150000.4.49.1 ## References: * https://www.suse.com/security/cve/CVE-2024-35221.html * https://bugzilla.suse.com/show_bug.cgi?id=1225905 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 15 16:30:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Aug 2025 16:30:23 -0000 Subject: SUSE-SU-2025:02813-1: moderate: Recommended update for grub2 Message-ID: <175527542347.679.7318691674001408522@smelt2.prg2.suse.org> # Recommended update for grub2 Announcement ID: SUSE-SU-2025:02813-1 Release Date: 2025-08-15T12:53:14Z Rating: moderate References: * bsc#1234959 * bsc#1246157 * bsc#1246231 * bsc#1246237 Cross-References: * CVE-2024-56738 CVSS scores: * CVE-2024-56738 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-56738 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56738 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * Basesystem Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has three security fixes can now be installed. ## Description: This update for grub2 fixes the following issues: * CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959) Other fixes: \- Fix test -f and -s do not work properly over the network files served via tftp and http (bsc#1246157, bsc#1246237) \- Skip mount point in grub_find_device function (bsc#1246231) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2813=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-2813=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * grub2-2.12-150700.19.13.2 * grub2-debuginfo-2.12-150700.19.13.2 * Basesystem Module 15-SP7 (noarch) * grub2-i386-pc-2.12-150700.19.13.2 * grub2-x86_64-efi-2.12-150700.19.13.2 * grub2-snapper-plugin-2.12-150700.19.13.2 * grub2-powerpc-ieee1275-2.12-150700.19.13.2 * grub2-arm64-efi-2.12-150700.19.13.2 * grub2-systemd-sleep-plugin-2.12-150700.19.13.2 * Basesystem Module 15-SP7 (aarch64 s390x x86_64) * grub2-debugsource-2.12-150700.19.13.2 * Basesystem Module 15-SP7 (s390x) * grub2-s390x-emu-2.12-150700.19.13.2 * Server Applications Module 15-SP7 (noarch) * grub2-x86_64-xen-2.12-150700.19.13.2 ## References: * https://www.suse.com/security/cve/CVE-2024-56738.html * https://bugzilla.suse.com/show_bug.cgi?id=1234959 * https://bugzilla.suse.com/show_bug.cgi?id=1246157 * https://bugzilla.suse.com/show_bug.cgi?id=1246231 * https://bugzilla.suse.com/show_bug.cgi?id=1246237 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 15 16:30:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Aug 2025 16:30:28 -0000 Subject: SUSE-SU-2025:02812-1: important: Security update for go1.23-openssl Message-ID: <175527542851.679.17421236360516411585@smelt2.prg2.suse.org> # Security update for go1.23-openssl Announcement ID: SUSE-SU-2025:02812-1 Release Date: 2025-08-15T12:52:56Z Rating: important References: * bsc#1229122 * bsc#1246118 * bsc#1247719 * bsc#1247720 * bsc#1247816 * jsc#SLE-18320 Cross-References: * CVE-2025-4674 * CVE-2025-47906 * CVE-2025-47907 CVSS scores: * CVE-2025-4674 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-4674 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2025-4674 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2025-47906 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-47906 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-47907 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-47907 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2025-47907 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities, contains one feature and has two security fixes can now be installed. ## Description: This update for go1.23-openssl fixes the following issues: Updated to go1.23.12 (released 2025-08-06) (bsc#1229122): \- CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go (bsc#1246118) \- CVE-2025-47906: Fixed incorrect expansion of "", "." and ".." in some PATH configurations in LookPath in osc/exec (bsc#1247719) \- CVE-2025-47907: Fixed incorrect results returned from Rows.Scan in database/sql (bsc#1247720) Updated to version 1.23.12 cut from the go1.23-fips-release branch at the revision tagged go1.23.12-1-openssl-fips (jsc#SLE-18320) \- Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil salt to be passed as a hash length buffer of zeros. Other fixes: \- runtime: use-after-free of allpSnapshot in findRunnable \- runtime: segfaults in runtime.(*unwinder).next \- cmd/go: TestScript/build_trimpath_cgo fails to decode dwarf on release-branch.go1.23 \- cmd/cgo/internal/testsanitizers: failures with signal: segmentation fault or exit status 66 \- runtime: bad frame pointer during panic during duffcopy \- runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning \- internal/trace: stress tests triggering suspected deadlock in tracer \- runtime/pprof: crash "cannot read stack of running goroutine" in goroutine profile \- cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2812=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2812=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2812=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2812=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2812=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2812=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2812=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2812=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2812=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2812=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2812=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2812=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.23-openssl-debuginfo-1.23.12-150000.1.18.1 * go1.23-openssl-1.23.12-150000.1.18.1 * go1.23-openssl-race-1.23.12-150000.1.18.1 * go1.23-openssl-doc-1.23.12-150000.1.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.23-openssl-debuginfo-1.23.12-150000.1.18.1 * go1.23-openssl-1.23.12-150000.1.18.1 * go1.23-openssl-race-1.23.12-150000.1.18.1 * go1.23-openssl-doc-1.23.12-150000.1.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.23-openssl-debuginfo-1.23.12-150000.1.18.1 * go1.23-openssl-1.23.12-150000.1.18.1 * go1.23-openssl-race-1.23.12-150000.1.18.1 * go1.23-openssl-doc-1.23.12-150000.1.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.23-openssl-debuginfo-1.23.12-150000.1.18.1 * go1.23-openssl-1.23.12-150000.1.18.1 * go1.23-openssl-race-1.23.12-150000.1.18.1 * go1.23-openssl-doc-1.23.12-150000.1.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.23-openssl-debuginfo-1.23.12-150000.1.18.1 * go1.23-openssl-1.23.12-150000.1.18.1 * go1.23-openssl-race-1.23.12-150000.1.18.1 * go1.23-openssl-doc-1.23.12-150000.1.18.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-openssl-debuginfo-1.23.12-150000.1.18.1 * go1.23-openssl-1.23.12-150000.1.18.1 * go1.23-openssl-race-1.23.12-150000.1.18.1 * go1.23-openssl-doc-1.23.12-150000.1.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-openssl-debuginfo-1.23.12-150000.1.18.1 * go1.23-openssl-1.23.12-150000.1.18.1 * go1.23-openssl-race-1.23.12-150000.1.18.1 * go1.23-openssl-doc-1.23.12-150000.1.18.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.23-openssl-debuginfo-1.23.12-150000.1.18.1 * go1.23-openssl-1.23.12-150000.1.18.1 * go1.23-openssl-race-1.23.12-150000.1.18.1 * go1.23-openssl-doc-1.23.12-150000.1.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.23-openssl-debuginfo-1.23.12-150000.1.18.1 * go1.23-openssl-1.23.12-150000.1.18.1 * go1.23-openssl-race-1.23.12-150000.1.18.1 * go1.23-openssl-doc-1.23.12-150000.1.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.23-openssl-debuginfo-1.23.12-150000.1.18.1 * go1.23-openssl-1.23.12-150000.1.18.1 * go1.23-openssl-race-1.23.12-150000.1.18.1 * go1.23-openssl-doc-1.23.12-150000.1.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.23-openssl-debuginfo-1.23.12-150000.1.18.1 * go1.23-openssl-1.23.12-150000.1.18.1 * go1.23-openssl-race-1.23.12-150000.1.18.1 * go1.23-openssl-doc-1.23.12-150000.1.18.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.23-openssl-debuginfo-1.23.12-150000.1.18.1 * go1.23-openssl-1.23.12-150000.1.18.1 * go1.23-openssl-race-1.23.12-150000.1.18.1 * go1.23-openssl-doc-1.23.12-150000.1.18.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4674.html * https://www.suse.com/security/cve/CVE-2025-47906.html * https://www.suse.com/security/cve/CVE-2025-47907.html * https://bugzilla.suse.com/show_bug.cgi?id=1229122 * https://bugzilla.suse.com/show_bug.cgi?id=1246118 * https://bugzilla.suse.com/show_bug.cgi?id=1247719 * https://bugzilla.suse.com/show_bug.cgi?id=1247720 * https://bugzilla.suse.com/show_bug.cgi?id=1247816 * https://jira.suse.com/browse/SLE-18320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 15 16:30:34 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Aug 2025 16:30:34 -0000 Subject: SUSE-SU-2025:02811-1: important: Security update for rust-keylime Message-ID: <175527543490.679.3355017339787996784@smelt2.prg2.suse.org> # Security update for rust-keylime Announcement ID: SUSE-SU-2025:02811-1 Release Date: 2025-08-15T12:51:55Z Rating: important References: * bsc#1210344 * bsc#1223234 * bsc#1229952 * bsc#1230029 * bsc#1242623 * bsc#1243861 * bsc#1247193 Cross-References: * CVE-2023-26964 * CVE-2024-12224 * CVE-2024-32650 * CVE-2024-43806 * CVE-2025-3416 * CVE-2025-58266 CVSS scores: * CVE-2023-26964 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-26964 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-26964 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-12224 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-32650 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43806 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for rust-keylime fixes the following issues: * Update to version 0.2.7+141: * CVE-2025-58266: shlex: Fixed command injection (bsc#1247193) * Update to version 0.2.7+117: * CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RST_STREAM frames (bsc#1210344). * CVE-2024-12224: rust-keylime: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded (bsc#1243861). * CVE-2024-32650: rust-keylime: rust-rustls: Infinite loop in rustls::conn::ConnectionCommon:complete_io() with proper client input (bsc#1223234). * CVE-2024-43806: rust-keylime: rustix: rustix::fs::Dir iterator with the linux_raw backend can cause memory explosion (bsc#1229952). * CVE-2025-3416: rust-keylime: openssl: Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242623). * rust-shlex: Multiple issues involving quote API ( RUSTSEC-2024-0006, GHSA-r7qv-8r2h-pg27, bsc#1230029) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2811=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * rust-keylime-0.2.7+141-150500.3.5.1 * rust-keylime-debuginfo-0.2.7+141-150500.3.5.1 ## References: * https://www.suse.com/security/cve/CVE-2023-26964.html * https://www.suse.com/security/cve/CVE-2024-12224.html * https://www.suse.com/security/cve/CVE-2024-32650.html * https://www.suse.com/security/cve/CVE-2024-43806.html * https://www.suse.com/security/cve/CVE-2025-3416.html * https://www.suse.com/security/cve/CVE-2025-58266.html * https://bugzilla.suse.com/show_bug.cgi?id=1210344 * https://bugzilla.suse.com/show_bug.cgi?id=1223234 * https://bugzilla.suse.com/show_bug.cgi?id=1229952 * https://bugzilla.suse.com/show_bug.cgi?id=1230029 * https://bugzilla.suse.com/show_bug.cgi?id=1242623 * https://bugzilla.suse.com/show_bug.cgi?id=1243861 * https://bugzilla.suse.com/show_bug.cgi?id=1247193 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 15 16:30:40 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Aug 2025 16:30:40 -0000 Subject: SUSE-SU-2025:02810-1: important: Security update for rust-keylime Message-ID: <175527544037.679.18227952899686496824@smelt2.prg2.suse.org> # Security update for rust-keylime Announcement ID: SUSE-SU-2025:02810-1 Release Date: 2025-08-15T12:51:47Z Rating: important References: * bsc#1210344 * bsc#1223234 * bsc#1229952 * bsc#1230029 * bsc#1242623 * bsc#1243861 * bsc#1247193 Cross-References: * CVE-2023-26964 * CVE-2024-12224 * CVE-2024-32650 * CVE-2024-43806 * CVE-2025-3416 * CVE-2025-58266 CVSS scores: * CVE-2023-26964 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-26964 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-26964 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-12224 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-32650 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43806 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for rust-keylime fixes the following issues: * Update to version 0.2.7+141: * CVE-2025-58266: shlex: Fixed command injection (bsc#1247193) * Update to version 0.2.7+117: * CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RST_STREAM frames (bsc#1210344). * CVE-2024-12224: rust-keylime: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded (bsc#1243861). * CVE-2024-32650: rust-keylime: rust-rustls: Infinite loop in rustls::conn::ConnectionCommon:complete_io() with proper client input (bsc#1223234). * CVE-2024-43806: rust-keylime: rustix: rustix::fs::Dir iterator with the linux_raw backend can cause memory explosion (bsc#1229952). * CVE-2025-3416: rust-keylime: openssl: Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242623). * rust-shlex: Multiple issues involving quote API ( RUSTSEC-2024-0006, GHSA-r7qv-8r2h-pg27, bsc#1230029) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2810=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2810=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * rust-keylime-debuginfo-0.2.7+141-150400.3.5.1 * rust-keylime-0.2.7+141-150400.3.5.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * rust-keylime-debuginfo-0.2.7+141-150400.3.5.1 * rust-keylime-0.2.7+141-150400.3.5.1 ## References: * https://www.suse.com/security/cve/CVE-2023-26964.html * https://www.suse.com/security/cve/CVE-2024-12224.html * https://www.suse.com/security/cve/CVE-2024-32650.html * https://www.suse.com/security/cve/CVE-2024-43806.html * https://www.suse.com/security/cve/CVE-2025-3416.html * https://www.suse.com/security/cve/CVE-2025-58266.html * https://bugzilla.suse.com/show_bug.cgi?id=1210344 * https://bugzilla.suse.com/show_bug.cgi?id=1223234 * https://bugzilla.suse.com/show_bug.cgi?id=1229952 * https://bugzilla.suse.com/show_bug.cgi?id=1230029 * https://bugzilla.suse.com/show_bug.cgi?id=1242623 * https://bugzilla.suse.com/show_bug.cgi?id=1243861 * https://bugzilla.suse.com/show_bug.cgi?id=1247193 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 15 16:30:46 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Aug 2025 16:30:46 -0000 Subject: SUSE-SU-2025:02809-1: important: Security update for rust-keylime Message-ID: <175527544619.679.14642405611668781084@smelt2.prg2.suse.org> # Security update for rust-keylime Announcement ID: SUSE-SU-2025:02809-1 Release Date: 2025-08-15T12:51:37Z Rating: important References: * bsc#1210344 * bsc#1223234 * bsc#1229952 * bsc#1230029 * bsc#1242623 * bsc#1243861 * bsc#1247193 Cross-References: * CVE-2023-26964 * CVE-2024-12224 * CVE-2024-32650 * CVE-2024-43806 * CVE-2025-3416 * CVE-2025-58266 CVSS scores: * CVE-2023-26964 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-26964 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-26964 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-12224 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-32650 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43806 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro for Rancher 5.3 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for rust-keylime fixes the following issues: * Update to version 0.2.7+141: * CVE-2025-58266: shlex: Fixed command injection (bsc#1247193) * Update to version 0.2.7+117: * CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RST_STREAM frames (bsc#1210344). * CVE-2024-12224: rust-keylime: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded (bsc#1243861). * CVE-2024-32650: rust-keylime: rust-rustls: Infinite loop in rustls::conn::ConnectionCommon:complete_io() with proper client input (bsc#1223234). * CVE-2024-43806: rust-keylime: rustix: rustix::fs::Dir iterator with the linux_raw backend can cause memory explosion (bsc#1229952). * CVE-2025-3416: rust-keylime: openssl: Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242623). * rust-shlex: Multiple issues involving quote API ( RUSTSEC-2024-0006, GHSA-r7qv-8r2h-pg27, bsc#1230029) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2809=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2809=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * rust-keylime-debuginfo-0.2.7+141-150400.3.7.1 * rust-keylime-0.2.7+141-150400.3.7.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * rust-keylime-debuginfo-0.2.7+141-150400.3.7.1 * rust-keylime-0.2.7+141-150400.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-26964.html * https://www.suse.com/security/cve/CVE-2024-12224.html * https://www.suse.com/security/cve/CVE-2024-32650.html * https://www.suse.com/security/cve/CVE-2024-43806.html * https://www.suse.com/security/cve/CVE-2025-3416.html * https://www.suse.com/security/cve/CVE-2025-58266.html * https://bugzilla.suse.com/show_bug.cgi?id=1210344 * https://bugzilla.suse.com/show_bug.cgi?id=1223234 * https://bugzilla.suse.com/show_bug.cgi?id=1229952 * https://bugzilla.suse.com/show_bug.cgi?id=1230029 * https://bugzilla.suse.com/show_bug.cgi?id=1242623 * https://bugzilla.suse.com/show_bug.cgi?id=1243861 * https://bugzilla.suse.com/show_bug.cgi?id=1247193 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 15 16:30:48 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Aug 2025 16:30:48 -0000 Subject: SUSE-SU-2025:02808-1: important: Security update for podman Message-ID: <175527544837.679.9676011927134265062@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2025:02808-1 Release Date: 2025-08-15T12:51:31Z Rating: important References: * bsc#1245320 Cross-References: * CVE-2025-6032 CVSS scores: * CVE-2025-6032 ( SUSE ): 9.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-6032 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2025-6032 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * Containers Module 15-SP6 * Containers Module 15-SP7 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2025-6032: Fixed machine init command failing to verify TLS certificate (bsc#1245320) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2808=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2808=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2808=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2808=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2808=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-2808=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-2808=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2808=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2808=1 ## Package List: * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * podman-remote-debuginfo-4.9.5-150500.3.46.1 * podmansh-4.9.5-150500.3.46.1 * podman-remote-4.9.5-150500.3.46.1 * podman-4.9.5-150500.3.46.1 * podman-debuginfo-4.9.5-150500.3.46.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * podman-docker-4.9.5-150500.3.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * podman-remote-debuginfo-4.9.5-150500.3.46.1 * podmansh-4.9.5-150500.3.46.1 * podman-remote-4.9.5-150500.3.46.1 * podman-4.9.5-150500.3.46.1 * podman-debuginfo-4.9.5-150500.3.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * podman-docker-4.9.5-150500.3.46.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * podman-remote-debuginfo-4.9.5-150500.3.46.1 * podmansh-4.9.5-150500.3.46.1 * podman-remote-4.9.5-150500.3.46.1 * podman-4.9.5-150500.3.46.1 * podman-debuginfo-4.9.5-150500.3.46.1 * openSUSE Leap 15.5 (noarch) * podman-docker-4.9.5-150500.3.46.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * podman-remote-debuginfo-4.9.5-150500.3.46.1 * podmansh-4.9.5-150500.3.46.1 * podman-remote-4.9.5-150500.3.46.1 * podman-4.9.5-150500.3.46.1 * podman-debuginfo-4.9.5-150500.3.46.1 * openSUSE Leap 15.6 (noarch) * podman-docker-4.9.5-150500.3.46.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * podman-remote-debuginfo-4.9.5-150500.3.46.1 * podmansh-4.9.5-150500.3.46.1 * podman-remote-4.9.5-150500.3.46.1 * podman-4.9.5-150500.3.46.1 * podman-debuginfo-4.9.5-150500.3.46.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * podman-docker-4.9.5-150500.3.46.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * podman-remote-debuginfo-4.9.5-150500.3.46.1 * podmansh-4.9.5-150500.3.46.1 * podman-remote-4.9.5-150500.3.46.1 * podman-4.9.5-150500.3.46.1 * podman-debuginfo-4.9.5-150500.3.46.1 * Containers Module 15-SP6 (noarch) * podman-docker-4.9.5-150500.3.46.1 * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * podman-remote-debuginfo-4.9.5-150500.3.46.1 * podmansh-4.9.5-150500.3.46.1 * podman-remote-4.9.5-150500.3.46.1 * podman-4.9.5-150500.3.46.1 * podman-debuginfo-4.9.5-150500.3.46.1 * Containers Module 15-SP7 (noarch) * podman-docker-4.9.5-150500.3.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * podman-remote-debuginfo-4.9.5-150500.3.46.1 * podmansh-4.9.5-150500.3.46.1 * podman-remote-4.9.5-150500.3.46.1 * podman-4.9.5-150500.3.46.1 * podman-debuginfo-4.9.5-150500.3.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * podman-docker-4.9.5-150500.3.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * podman-remote-debuginfo-4.9.5-150500.3.46.1 * podmansh-4.9.5-150500.3.46.1 * podman-remote-4.9.5-150500.3.46.1 * podman-4.9.5-150500.3.46.1 * podman-debuginfo-4.9.5-150500.3.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * podman-docker-4.9.5-150500.3.46.1 ## References: * https://www.suse.com/security/cve/CVE-2025-6032.html * https://bugzilla.suse.com/show_bug.cgi?id=1245320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 15 16:30:50 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Aug 2025 16:30:50 -0000 Subject: SUSE-SU-2025:02807-1: important: Security update for podman Message-ID: <175527545084.679.10881312846533975499@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2025:02807-1 Release Date: 2025-08-15T12:50:56Z Rating: important References: * bsc#1245320 Cross-References: * CVE-2025-6032 CVSS scores: * CVE-2025-6032 ( SUSE ): 9.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-6032 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2025-6032 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2025-6032: Fixed machine init command failing to verify TLS certificate (bsc#1245320) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2807=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2807=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2807=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2807=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2807=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2807=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2807=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2807=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2807=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * podman-debuginfo-4.9.5-150400.4.50.1 * podman-4.9.5-150400.4.50.1 * podman-remote-debuginfo-4.9.5-150400.4.50.1 * podman-remote-4.9.5-150400.4.50.1 * podmansh-4.9.5-150400.4.50.1 * openSUSE Leap 15.4 (noarch) * podman-docker-4.9.5-150400.4.50.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.50.1 * podman-remote-4.9.5-150400.4.50.1 * podman-4.9.5-150400.4.50.1 * podman-remote-debuginfo-4.9.5-150400.4.50.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.50.1 * podman-remote-4.9.5-150400.4.50.1 * podman-4.9.5-150400.4.50.1 * podman-remote-debuginfo-4.9.5-150400.4.50.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.50.1 * podman-remote-4.9.5-150400.4.50.1 * podman-4.9.5-150400.4.50.1 * podman-remote-debuginfo-4.9.5-150400.4.50.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.50.1 * podman-remote-4.9.5-150400.4.50.1 * podman-4.9.5-150400.4.50.1 * podman-remote-debuginfo-4.9.5-150400.4.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.9.5-150400.4.50.1 * podman-remote-4.9.5-150400.4.50.1 * podman-4.9.5-150400.4.50.1 * podman-remote-debuginfo-4.9.5-150400.4.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.9.5-150400.4.50.1 * podman-remote-4.9.5-150400.4.50.1 * podman-4.9.5-150400.4.50.1 * podman-remote-debuginfo-4.9.5-150400.4.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.50.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * podman-debuginfo-4.9.5-150400.4.50.1 * podman-remote-4.9.5-150400.4.50.1 * podman-4.9.5-150400.4.50.1 * podman-remote-debuginfo-4.9.5-150400.4.50.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * podman-docker-4.9.5-150400.4.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * podman-debuginfo-4.9.5-150400.4.50.1 * podman-remote-4.9.5-150400.4.50.1 * podman-4.9.5-150400.4.50.1 * podman-remote-debuginfo-4.9.5-150400.4.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.50.1 ## References: * https://www.suse.com/security/cve/CVE-2025-6032.html * https://bugzilla.suse.com/show_bug.cgi?id=1245320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 15 16:30:58 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Aug 2025 16:30:58 -0000 Subject: SUSE-SU-2025:02806-1: important: Security update for podman Message-ID: <175527545816.679.17248723719956335656@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2025:02806-1 Release Date: 2025-08-15T12:50:31Z Rating: important References: * bsc#1245320 Cross-References: * CVE-2025-6032 CVSS scores: * CVE-2025-6032 ( SUSE ): 9.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-6032 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2025-6032 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2025-6032: Fixed machine init command failing to verify TLS certificate (bsc#1245320) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2806=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2806=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2806=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2806=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2806=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2806=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2806=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2806=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * podman-4.9.5-150300.9.52.1 * podman-remote-debuginfo-4.9.5-150300.9.52.1 * podmansh-4.9.5-150300.9.52.1 * podman-debuginfo-4.9.5-150300.9.52.1 * podman-remote-4.9.5-150300.9.52.1 * openSUSE Leap 15.3 (noarch) * podman-docker-4.9.5-150300.9.52.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * podman-remote-debuginfo-4.9.5-150300.9.52.1 * podman-remote-4.9.5-150300.9.52.1 * podman-4.9.5-150300.9.52.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * podman-remote-debuginfo-4.9.5-150300.9.52.1 * podman-remote-4.9.5-150300.9.52.1 * podman-4.9.5-150300.9.52.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * podman-remote-debuginfo-4.9.5-150300.9.52.1 * podman-remote-4.9.5-150300.9.52.1 * podman-4.9.5-150300.9.52.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * podman-remote-debuginfo-4.9.5-150300.9.52.1 * podman-remote-4.9.5-150300.9.52.1 * podman-4.9.5-150300.9.52.1 * podman-debuginfo-4.9.5-150300.9.52.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * podman-remote-debuginfo-4.9.5-150300.9.52.1 * podman-remote-4.9.5-150300.9.52.1 * podman-4.9.5-150300.9.52.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * podman-remote-debuginfo-4.9.5-150300.9.52.1 * podman-remote-4.9.5-150300.9.52.1 * podman-4.9.5-150300.9.52.1 * podman-debuginfo-4.9.5-150300.9.52.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * podman-remote-debuginfo-4.9.5-150300.9.52.1 * podman-remote-4.9.5-150300.9.52.1 * podman-4.9.5-150300.9.52.1 * podman-debuginfo-4.9.5-150300.9.52.1 ## References: * https://www.suse.com/security/cve/CVE-2025-6032.html * https://bugzilla.suse.com/show_bug.cgi?id=1245320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 08:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 08:30:13 -0000 Subject: SUSE-SU-2025:02834-1: important: Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4) Message-ID: <175550581376.9101.13277448671820871384@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:02834-1 Release Date: 2025-08-17T12:04:04Z Rating: important References: * bsc#1232927 * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_158 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2834=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2834=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_158-default-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_38-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_158-default-debuginfo-4-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_158-default-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_38-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_158-default-debuginfo-4-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1232927 * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 08:30:22 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 08:30:22 -0000 Subject: SUSE-SU-2025:02833-1: important: Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4) Message-ID: <175550582270.9101.10235570154869714853@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:02833-1 Release Date: 2025-08-17T09:03:59Z Rating: important References: * bsc#1232927 * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_128 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2833=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2833=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_128-default-15-150400.2.1 * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-15-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_29-debugsource-15-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_128-default-15-150400.2.1 * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-15-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_29-debugsource-15-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1232927 * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 08:30:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 08:30:28 -0000 Subject: SUSE-SU-2025:02832-1: important: Security update for the Linux Kernel (Live Patch 58 for SLE 15 SP3) Message-ID: <175550582819.9101.12584016982053150937@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 58 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02832-1 Release Date: 2025-08-17T06:03:55Z Rating: important References: * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_207 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2832=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2832=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_207-default-3-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_58-debugsource-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_207-default-debuginfo-3-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_207-preempt-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_207-preempt-debuginfo-3-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_207-default-3-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_58-debugsource-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_207-default-debuginfo-3-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 08:30:33 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 08:30:33 -0000 Subject: SUSE-SU-2025:02830-1: important: Security update for the Linux Kernel (Live Patch 68 for SLE 12 SP5) Message-ID: <175550583343.9101.16068220890422466087@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 68 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:02830-1 Release Date: 2025-08-16T17:04:07Z Rating: important References: * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_258 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2830=1 SUSE-SLE-Live- Patching-12-SP5-2025-2831=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_247-default-6-2.1 * kgraft-patch-4_12_14-122_258-default-3-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 08:30:37 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 08:30:37 -0000 Subject: SUSE-SU-2025:02827-1: important: Security update for the Linux Kernel (Live Patch 67 for SLE 12 SP5) Message-ID: <175550583768.9101.6993830111289580642@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 67 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:02827-1 Release Date: 2025-08-16T15:33:44Z Rating: important References: * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_255 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2827=1 SUSE-SLE-Live- Patching-12-SP5-2025-2828=1 SUSE-SLE-Live-Patching-12-SP5-2025-2825=1 SUSE-SLE- Live-Patching-12-SP5-2025-2826=1 SUSE-SLE-Live-Patching-12-SP5-2025-2829=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_255-default-5-2.1 * kgraft-patch-4_12_14-122_244-default-8-2.1 * kgraft-patch-4_12_14-122_231-default-13-2.1 * kgraft-patch-4_12_14-122_250-default-6-2.1 * kgraft-patch-4_12_14-122_222-default-16-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 08:30:41 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 08:30:41 -0000 Subject: SUSE-SU-2025:02823-1: important: Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7) Message-ID: <175550584192.9101.10232167575693985619@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7) Announcement ID: SUSE-SU-2025:02823-1 Release Date: 2025-08-16T07:03:44Z Rating: important References: * bsc#1244337 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150700_7_8 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2823=1 * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2025-2824=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_44-rt-debuginfo-2-150600.2.1 * kernel-livepatch-6_4_0-150600_10_44-rt-2-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_13-debugsource-2-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-6_4_0-150700_7_8-rt-2-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_2-debugsource-2-150700.2.1 * kernel-livepatch-6_4_0-150700_7_8-rt-debuginfo-2-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 08:30:50 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 08:30:50 -0000 Subject: SUSE-SU-2025:02821-1: important: Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) Message-ID: <175550585083.9101.8421960906938630134@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02821-1 Release Date: 2025-08-16T06:04:35Z Rating: important References: * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1245989 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36972 * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36972 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36972 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves six vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_8 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2024-36972: af_unix: update unix_sk(sk)->oob_skb under sk_receive_queue lock (bsc#1245989). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2821=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-SLE15-SP6-RT_Update_0-debugsource-20-150600.3.1 * kernel-livepatch-6_4_0-150600_8-rt-debuginfo-20-150600.3.1 * kernel-livepatch-6_4_0-150600_8-rt-20-150600.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36972.html * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1245989 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 08:30:58 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 08:30:58 -0000 Subject: SUSE-SU-2025:02820-1: important: Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP6) Message-ID: <175550585876.9101.11091742643721018622@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02820-1 Release Date: 2025-08-16T06:04:39Z Rating: important References: * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_20 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2820=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-2822=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_14-rt-14-150600.2.1 * kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo-10-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource-10-150600.2.1 * kernel-livepatch-6_4_0-150600_10_20-rt-10-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource-14-150600.2.1 * kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo-14-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 12:30:27 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 12:30:27 -0000 Subject: SUSE-SU-2025:02837-1: important: Security update for go1.24-openssl Message-ID: <175552022771.604.15286813684197638542@smelt2.prg2.suse.org> # Security update for go1.24-openssl Announcement ID: SUSE-SU-2025:02837-1 Release Date: 2025-08-18T08:36:09Z Rating: important References: * bsc#1236217 * bsc#1246118 * bsc#1247719 * bsc#1247720 * jsc#SLE-18320 Cross-References: * CVE-2025-4674 * CVE-2025-47906 * CVE-2025-47907 CVSS scores: * CVE-2025-4674 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-4674 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2025-4674 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2025-47906 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-47906 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-47907 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-47907 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2025-47907 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities, contains one feature and has one security fix can now be installed. ## Description: This update for go1.24-openssl fixes the following issues: Updated to go1.24.6 (released 2025-08-06) (bsc#1236217): \- CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go (bsc#1246118) \- CVE-2025-47906: Fixed incorrect expansion of "", "." and ".." in some PATH configurations in LookPath in osc/exec (bsc#1247719) \- CVE-2025-47907: Fixed incorrect results returned from Rows.Scan in database/sql (bsc#1247720) Updated to version 1.24.6 cut from the go1.24-fips-release branch at the revision tagged go1.24.6-1-openssl-fips. (jsc#SLE-18320) \- Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil salt to be passed as a hash length buffer of zeros. Other fixes: \- cmd/compile: regression on ppc64le bit operations \- cmd/go: crash on unknown GOEXPERIMENT during toolchain selection \- cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN \- internal/trace: stress tests triggering suspected deadlock in tracer \- os/user:nolibgcc: TestGroupIdsTestUser failures \- runtime/pprof: crash "cannot read stack of running goroutine" in goroutine profile \- runtime: RSS seems to have increased in Go 1.24 while the runtime accounting has not \- runtime: bad frame pointer during panic during duffcopy \- runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning \- runtime: memlock not unlocked in all control flow paths in sysReserveAlignedSbrk \- runtime: segfaults in runtime.(*unwinder).next \- runtime: use-after-free of allpSnapshot in findRunnable ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2837=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2837=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2837=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2837=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2837=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2837=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2837=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2837=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2837=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2837=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2837=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2837=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.24-openssl-1.24.6-150000.1.12.1 * go1.24-openssl-race-1.24.6-150000.1.12.1 * go1.24-openssl-doc-1.24.6-150000.1.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.24-openssl-1.24.6-150000.1.12.1 * go1.24-openssl-race-1.24.6-150000.1.12.1 * go1.24-openssl-doc-1.24.6-150000.1.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.24-openssl-1.24.6-150000.1.12.1 * go1.24-openssl-race-1.24.6-150000.1.12.1 * go1.24-openssl-doc-1.24.6-150000.1.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.24-openssl-1.24.6-150000.1.12.1 * go1.24-openssl-race-1.24.6-150000.1.12.1 * go1.24-openssl-doc-1.24.6-150000.1.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.24-openssl-1.24.6-150000.1.12.1 * go1.24-openssl-race-1.24.6-150000.1.12.1 * go1.24-openssl-doc-1.24.6-150000.1.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-openssl-1.24.6-150000.1.12.1 * go1.24-openssl-race-1.24.6-150000.1.12.1 * go1.24-openssl-doc-1.24.6-150000.1.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-openssl-1.24.6-150000.1.12.1 * go1.24-openssl-race-1.24.6-150000.1.12.1 * go1.24-openssl-doc-1.24.6-150000.1.12.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.24-openssl-1.24.6-150000.1.12.1 * go1.24-openssl-race-1.24.6-150000.1.12.1 * go1.24-openssl-doc-1.24.6-150000.1.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.24-openssl-1.24.6-150000.1.12.1 * go1.24-openssl-race-1.24.6-150000.1.12.1 * go1.24-openssl-doc-1.24.6-150000.1.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.24-openssl-1.24.6-150000.1.12.1 * go1.24-openssl-race-1.24.6-150000.1.12.1 * go1.24-openssl-doc-1.24.6-150000.1.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.24-openssl-1.24.6-150000.1.12.1 * go1.24-openssl-race-1.24.6-150000.1.12.1 * go1.24-openssl-doc-1.24.6-150000.1.12.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.24-openssl-1.24.6-150000.1.12.1 * go1.24-openssl-race-1.24.6-150000.1.12.1 * go1.24-openssl-doc-1.24.6-150000.1.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4674.html * https://www.suse.com/security/cve/CVE-2025-47906.html * https://www.suse.com/security/cve/CVE-2025-47907.html * https://bugzilla.suse.com/show_bug.cgi?id=1236217 * https://bugzilla.suse.com/show_bug.cgi?id=1246118 * https://bugzilla.suse.com/show_bug.cgi?id=1247719 * https://bugzilla.suse.com/show_bug.cgi?id=1247720 * https://jira.suse.com/browse/SLE-18320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 16:31:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 16:31:09 -0000 Subject: SUSE-SU-2025:02846-1: important: Security update for the Linux Kernel Message-ID: <175553466927.679.1228044315605980946@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02846-1 Release Date: 2025-08-18T15:47:52Z Rating: important References: * bsc#1171844 * bsc#1205711 * bsc#1210629 * bsc#1220631 * bsc#1220704 * bsc#1223634 * bsc#1223638 * bsc#1225000 * bsc#1230216 * bsc#1230581 * bsc#1237881 * bsc#1238160 * bsc#1238374 * bsc#1238400 * bsc#1240224 * bsc#1240722 * bsc#1242365 * bsc#1242414 * bsc#1242446 * bsc#1242548 * bsc#1242780 * bsc#1242837 * bsc#1242960 * bsc#1243068 * bsc#1243479 * bsc#1244735 * bsc#1244750 * bsc#1244792 * bsc#1244801 * bsc#1244840 * bsc#1244860 * bsc#1244883 * bsc#1245051 * bsc#1245058 * bsc#1245060 * bsc#1245073 * bsc#1245078 * bsc#1245121 * bsc#1245132 * bsc#1245139 * bsc#1245151 * bsc#1245201 * bsc#1245210 * bsc#1245217 * bsc#1245265 * bsc#1245649 * bsc#1245668 * bsc#1245675 * bsc#1245682 * bsc#1245689 * bsc#1245708 * bsc#1245747 * bsc#1245758 * bsc#1245768 * bsc#1245777 * bsc#1245945 * bsc#1245952 * bsc#1245954 * bsc#1245970 * bsc#1245976 * bsc#1245986 * bsc#1246000 * bsc#1246008 * bsc#1246029 * bsc#1246037 * bsc#1246045 * bsc#1246171 * bsc#1246182 * bsc#1246243 * bsc#1246253 * bsc#1246386 * bsc#1246387 * bsc#1246459 * bsc#1246473 * bsc#1246781 * bsc#1247141 * bsc#1247147 * bsc#1247177 * bsc#1247181 * bsc#1247279 * bsc#1247314 * bsc#1247348 * bsc#1247349 * bsc#1247437 Cross-References: * CVE-2021-46984 * CVE-2021-46987 * CVE-2022-4129 * CVE-2022-49138 * CVE-2022-49319 * CVE-2022-49323 * CVE-2022-49768 * CVE-2022-49825 * CVE-2022-49934 * CVE-2022-49948 * CVE-2022-49969 * CVE-2022-49993 * CVE-2022-50025 * CVE-2022-50027 * CVE-2022-50030 * CVE-2022-50033 * CVE-2022-50103 * CVE-2022-50149 * CVE-2022-50226 * CVE-2023-2176 * CVE-2023-52878 * CVE-2023-53020 * CVE-2023-53117 * CVE-2023-53118 * CVE-2024-26974 * CVE-2024-26982 * CVE-2024-44963 * CVE-2024-46713 * CVE-2024-49861 * CVE-2025-21731 * CVE-2025-21928 * CVE-2025-23163 * CVE-2025-37798 * CVE-2025-37856 * CVE-2025-37885 * CVE-2025-37920 * CVE-2025-38034 * CVE-2025-38035 * CVE-2025-38040 * CVE-2025-38051 * CVE-2025-38058 * CVE-2025-38064 * CVE-2025-38068 * CVE-2025-38074 * CVE-2025-38079 * CVE-2025-38094 * CVE-2025-38105 * CVE-2025-38108 * CVE-2025-38112 * CVE-2025-38115 * CVE-2025-38126 * CVE-2025-38147 * CVE-2025-38157 * CVE-2025-38161 * CVE-2025-38166 * CVE-2025-38177 * CVE-2025-38180 * CVE-2025-38181 * CVE-2025-38192 * CVE-2025-38193 * CVE-2025-38198 * CVE-2025-38200 * CVE-2025-38211 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38222 * CVE-2025-38249 * CVE-2025-38250 * CVE-2025-38264 * CVE-2025-38312 * CVE-2025-38319 * CVE-2025-38323 * CVE-2025-38337 * CVE-2025-38350 * CVE-2025-38375 * CVE-2025-38391 * CVE-2025-38403 * CVE-2025-38415 * CVE-2025-38420 * CVE-2025-38468 * CVE-2025-38477 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2021-46984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46984 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46987 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46987 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-4129 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-4129 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-4129 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49138 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2022-49138 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-49319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49319 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49323 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49323 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49323 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49825 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49825 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49934 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49934 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49948 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49969 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49969 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49993 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49993 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50025 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-50025 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-50027 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50027 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50030 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-50030 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-50033 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-50033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50149 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-50226 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-2176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-2176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53020 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53020 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53117 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-53117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26974 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26974 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26982 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-44963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-44963 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46713 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49861 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49861 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49861 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-21731 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21731 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21928 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21928 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21928 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-23163 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37856 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37856 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37920 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37920 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38034 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38035 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38035 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38040 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38040 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38058 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38058 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38064 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38064 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38068 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38068 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38074 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38105 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38105 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38108 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38108 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38112 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38115 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38115 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38126 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38157 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38157 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38161 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38166 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38166 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38180 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38180 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38192 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38192 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38193 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38193 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38198 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38211 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38222 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-38222 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2025-38249 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38249 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38250 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38250 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38264 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38312 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38323 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38323 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38337 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38375 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38391 ( SUSE ): 5.2 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38391 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38403 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38415 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38415 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 83 vulnerabilities and has one security fix can now be installed. ## Description: This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-2846=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2846=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2846=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-debuginfo-4.12.14-122.269.1 * ocfs2-kmp-default-4.12.14-122.269.1 * kernel-default-debugsource-4.12.14-122.269.1 * kernel-default-debuginfo-4.12.14-122.269.1 * kernel-default-devel-4.12.14-122.269.1 * gfs2-kmp-default-4.12.14-122.269.1 * kernel-default-base-4.12.14-122.269.1 * cluster-md-kmp-default-4.12.14-122.269.1 * dlm-kmp-default-4.12.14-122.269.1 * kernel-default-base-debuginfo-4.12.14-122.269.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.269.1 * kernel-syms-4.12.14-122.269.1 * dlm-kmp-default-debuginfo-4.12.14-122.269.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.269.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.269.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * kernel-macros-4.12.14-122.269.1 * kernel-source-4.12.14-122.269.1 * kernel-devel-4.12.14-122.269.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x) * kernel-default-man-4.12.14-122.269.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.269.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * gfs2-kmp-default-debuginfo-4.12.14-122.269.1 * ocfs2-kmp-default-4.12.14-122.269.1 * kernel-default-debugsource-4.12.14-122.269.1 * kernel-default-debuginfo-4.12.14-122.269.1 * kernel-default-devel-4.12.14-122.269.1 * kernel-default-devel-debuginfo-4.12.14-122.269.1 * gfs2-kmp-default-4.12.14-122.269.1 * kernel-default-base-4.12.14-122.269.1 * cluster-md-kmp-default-4.12.14-122.269.1 * dlm-kmp-default-4.12.14-122.269.1 * kernel-default-base-debuginfo-4.12.14-122.269.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.269.1 * kernel-syms-4.12.14-122.269.1 * dlm-kmp-default-debuginfo-4.12.14-122.269.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.269.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64) * kernel-default-4.12.14-122.269.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * kernel-macros-4.12.14-122.269.1 * kernel-source-4.12.14-122.269.1 * kernel-devel-4.12.14-122.269.1 * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc) * kernel-default-4.12.14-122.269.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kernel-default-kgraft-4.12.14-122.269.1 * kernel-default-debugsource-4.12.14-122.269.1 * kernel-default-debuginfo-4.12.14-122.269.1 * kernel-default-kgraft-devel-4.12.14-122.269.1 * kgraft-patch-4_12_14-122_269-default-1-8.3.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46984.html * https://www.suse.com/security/cve/CVE-2021-46987.html * https://www.suse.com/security/cve/CVE-2022-4129.html * https://www.suse.com/security/cve/CVE-2022-49138.html * https://www.suse.com/security/cve/CVE-2022-49319.html * https://www.suse.com/security/cve/CVE-2022-49323.html * https://www.suse.com/security/cve/CVE-2022-49768.html * https://www.suse.com/security/cve/CVE-2022-49825.html * https://www.suse.com/security/cve/CVE-2022-49934.html * https://www.suse.com/security/cve/CVE-2022-49948.html * https://www.suse.com/security/cve/CVE-2022-49969.html * https://www.suse.com/security/cve/CVE-2022-49993.html * https://www.suse.com/security/cve/CVE-2022-50025.html * https://www.suse.com/security/cve/CVE-2022-50027.html * https://www.suse.com/security/cve/CVE-2022-50030.html * https://www.suse.com/security/cve/CVE-2022-50033.html * https://www.suse.com/security/cve/CVE-2022-50103.html * https://www.suse.com/security/cve/CVE-2022-50149.html * https://www.suse.com/security/cve/CVE-2022-50226.html * https://www.suse.com/security/cve/CVE-2023-2176.html * https://www.suse.com/security/cve/CVE-2023-52878.html * https://www.suse.com/security/cve/CVE-2023-53020.html * https://www.suse.com/security/cve/CVE-2023-53117.html * https://www.suse.com/security/cve/CVE-2023-53118.html * https://www.suse.com/security/cve/CVE-2024-26974.html * https://www.suse.com/security/cve/CVE-2024-26982.html * https://www.suse.com/security/cve/CVE-2024-44963.html * https://www.suse.com/security/cve/CVE-2024-46713.html * https://www.suse.com/security/cve/CVE-2024-49861.html * https://www.suse.com/security/cve/CVE-2025-21731.html * https://www.suse.com/security/cve/CVE-2025-21928.html * https://www.suse.com/security/cve/CVE-2025-23163.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37856.html * https://www.suse.com/security/cve/CVE-2025-37885.html * https://www.suse.com/security/cve/CVE-2025-37920.html * https://www.suse.com/security/cve/CVE-2025-38034.html * https://www.suse.com/security/cve/CVE-2025-38035.html * https://www.suse.com/security/cve/CVE-2025-38040.html * https://www.suse.com/security/cve/CVE-2025-38051.html * https://www.suse.com/security/cve/CVE-2025-38058.html * https://www.suse.com/security/cve/CVE-2025-38064.html * https://www.suse.com/security/cve/CVE-2025-38068.html * https://www.suse.com/security/cve/CVE-2025-38074.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38094.html * https://www.suse.com/security/cve/CVE-2025-38105.html * https://www.suse.com/security/cve/CVE-2025-38108.html * https://www.suse.com/security/cve/CVE-2025-38112.html * https://www.suse.com/security/cve/CVE-2025-38115.html * https://www.suse.com/security/cve/CVE-2025-38126.html * https://www.suse.com/security/cve/CVE-2025-38147.html * https://www.suse.com/security/cve/CVE-2025-38157.html * https://www.suse.com/security/cve/CVE-2025-38161.html * https://www.suse.com/security/cve/CVE-2025-38166.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38180.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38192.html * https://www.suse.com/security/cve/CVE-2025-38193.html * https://www.suse.com/security/cve/CVE-2025-38198.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38211.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38222.html * https://www.suse.com/security/cve/CVE-2025-38249.html * https://www.suse.com/security/cve/CVE-2025-38250.html * https://www.suse.com/security/cve/CVE-2025-38264.html * https://www.suse.com/security/cve/CVE-2025-38312.html * https://www.suse.com/security/cve/CVE-2025-38319.html * https://www.suse.com/security/cve/CVE-2025-38323.html * https://www.suse.com/security/cve/CVE-2025-38337.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-38391.html * https://www.suse.com/security/cve/CVE-2025-38403.html * https://www.suse.com/security/cve/CVE-2025-38415.html * https://www.suse.com/security/cve/CVE-2025-38420.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1171844 * https://bugzilla.suse.com/show_bug.cgi?id=1205711 * https://bugzilla.suse.com/show_bug.cgi?id=1210629 * https://bugzilla.suse.com/show_bug.cgi?id=1220631 * https://bugzilla.suse.com/show_bug.cgi?id=1220704 * https://bugzilla.suse.com/show_bug.cgi?id=1223634 * https://bugzilla.suse.com/show_bug.cgi?id=1223638 * https://bugzilla.suse.com/show_bug.cgi?id=1225000 * https://bugzilla.suse.com/show_bug.cgi?id=1230216 * https://bugzilla.suse.com/show_bug.cgi?id=1230581 * https://bugzilla.suse.com/show_bug.cgi?id=1237881 * https://bugzilla.suse.com/show_bug.cgi?id=1238160 * https://bugzilla.suse.com/show_bug.cgi?id=1238374 * https://bugzilla.suse.com/show_bug.cgi?id=1238400 * https://bugzilla.suse.com/show_bug.cgi?id=1240224 * https://bugzilla.suse.com/show_bug.cgi?id=1240722 * https://bugzilla.suse.com/show_bug.cgi?id=1242365 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242446 * https://bugzilla.suse.com/show_bug.cgi?id=1242548 * https://bugzilla.suse.com/show_bug.cgi?id=1242780 * https://bugzilla.suse.com/show_bug.cgi?id=1242837 * https://bugzilla.suse.com/show_bug.cgi?id=1242960 * https://bugzilla.suse.com/show_bug.cgi?id=1243068 * https://bugzilla.suse.com/show_bug.cgi?id=1243479 * https://bugzilla.suse.com/show_bug.cgi?id=1244735 * https://bugzilla.suse.com/show_bug.cgi?id=1244750 * https://bugzilla.suse.com/show_bug.cgi?id=1244792 * https://bugzilla.suse.com/show_bug.cgi?id=1244801 * https://bugzilla.suse.com/show_bug.cgi?id=1244840 * https://bugzilla.suse.com/show_bug.cgi?id=1244860 * https://bugzilla.suse.com/show_bug.cgi?id=1244883 * https://bugzilla.suse.com/show_bug.cgi?id=1245051 * https://bugzilla.suse.com/show_bug.cgi?id=1245058 * https://bugzilla.suse.com/show_bug.cgi?id=1245060 * https://bugzilla.suse.com/show_bug.cgi?id=1245073 * https://bugzilla.suse.com/show_bug.cgi?id=1245078 * https://bugzilla.suse.com/show_bug.cgi?id=1245121 * https://bugzilla.suse.com/show_bug.cgi?id=1245132 * https://bugzilla.suse.com/show_bug.cgi?id=1245139 * https://bugzilla.suse.com/show_bug.cgi?id=1245151 * https://bugzilla.suse.com/show_bug.cgi?id=1245201 * https://bugzilla.suse.com/show_bug.cgi?id=1245210 * https://bugzilla.suse.com/show_bug.cgi?id=1245217 * https://bugzilla.suse.com/show_bug.cgi?id=1245265 * https://bugzilla.suse.com/show_bug.cgi?id=1245649 * https://bugzilla.suse.com/show_bug.cgi?id=1245668 * https://bugzilla.suse.com/show_bug.cgi?id=1245675 * https://bugzilla.suse.com/show_bug.cgi?id=1245682 * https://bugzilla.suse.com/show_bug.cgi?id=1245689 * https://bugzilla.suse.com/show_bug.cgi?id=1245708 * https://bugzilla.suse.com/show_bug.cgi?id=1245747 * https://bugzilla.suse.com/show_bug.cgi?id=1245758 * https://bugzilla.suse.com/show_bug.cgi?id=1245768 * https://bugzilla.suse.com/show_bug.cgi?id=1245777 * https://bugzilla.suse.com/show_bug.cgi?id=1245945 * https://bugzilla.suse.com/show_bug.cgi?id=1245952 * https://bugzilla.suse.com/show_bug.cgi?id=1245954 * https://bugzilla.suse.com/show_bug.cgi?id=1245970 * https://bugzilla.suse.com/show_bug.cgi?id=1245976 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246008 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246171 * https://bugzilla.suse.com/show_bug.cgi?id=1246182 * https://bugzilla.suse.com/show_bug.cgi?id=1246243 * https://bugzilla.suse.com/show_bug.cgi?id=1246253 * https://bugzilla.suse.com/show_bug.cgi?id=1246386 * https://bugzilla.suse.com/show_bug.cgi?id=1246387 * https://bugzilla.suse.com/show_bug.cgi?id=1246459 * https://bugzilla.suse.com/show_bug.cgi?id=1246473 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1247141 * https://bugzilla.suse.com/show_bug.cgi?id=1247147 * https://bugzilla.suse.com/show_bug.cgi?id=1247177 * https://bugzilla.suse.com/show_bug.cgi?id=1247181 * https://bugzilla.suse.com/show_bug.cgi?id=1247279 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 16:31:26 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 16:31:26 -0000 Subject: SUSE-SU-2025:02848-1: important: Security update for the Linux Kernel Message-ID: <175553468685.679.7234491399265287646@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02848-1 Release Date: 2025-08-18T15:55:33Z Rating: important References: * bsc#1210629 * bsc#1233551 * bsc#1234863 * bsc#1236104 * bsc#1236333 * bsc#1239644 * bsc#1242414 * bsc#1242417 * bsc#1245140 * bsc#1245217 * bsc#1245711 * bsc#1245986 * bsc#1246000 * bsc#1246029 * bsc#1246037 * bsc#1246045 * bsc#1246186 * bsc#1247347 * bsc#1247348 * bsc#1247349 Cross-References: * CVE-2022-50211 * CVE-2023-2176 * CVE-2023-52923 * CVE-2023-52927 * CVE-2024-53057 * CVE-2024-53164 * CVE-2024-57947 * CVE-2025-37797 * CVE-2025-37798 * CVE-2025-38079 * CVE-2025-38120 * CVE-2025-38177 * CVE-2025-38181 * CVE-2025-38200 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38257 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38497 CVSS scores: * CVE-2022-50211 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-50211 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-2176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-2176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-2176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52923 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52923 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52927 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-52927 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53057 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53164 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53164 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that solves 20 vulnerabilities can now be installed. ## Description: This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-2848=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2848=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2848=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2848=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2848=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2848=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2848=1 ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP3 (s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.215.1 * ocfs2-kmp-default-5.3.18-150300.59.215.1 * cluster-md-kmp-default-5.3.18-150300.59.215.1 * gfs2-kmp-default-5.3.18-150300.59.215.1 * kernel-default-debugsource-5.3.18-150300.59.215.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.215.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.215.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.215.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.215.1 * dlm-kmp-default-5.3.18-150300.59.215.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc) * kernel-default-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc ppc64le s390x x86_64) * kernel-default-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (ppc64le s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.215.1 * reiserfs-kmp-default-5.3.18-150300.59.215.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.215.1 * kernel-default-base-5.3.18-150300.59.215.1.150300.18.128.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.215.1 * kernel-obs-build-5.3.18-150300.59.215.1 * kernel-obs-build-debugsource-5.3.18-150300.59.215.1 * kernel-default-devel-5.3.18-150300.59.215.1 * kernel-default-debugsource-5.3.18-150300.59.215.1 * kernel-syms-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * kernel-source-5.3.18-150300.59.215.1 * kernel-macros-5.3.18-150300.59.215.1 * kernel-devel-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch nosrc) * kernel-docs-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.215.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc x86_64) * kernel-preempt-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150300.59.215.1 * kernel-preempt-debugsource-5.3.18-150300.59.215.1 * kernel-preempt-debuginfo-5.3.18-150300.59.215.1 * kernel-preempt-devel-5.3.18-150300.59.215.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.215.1 * SUSE Enterprise Storage 7.1 (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.215.1 * kernel-64kb-devel-5.3.18-150300.59.215.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.215.1 * kernel-64kb-debuginfo-5.3.18-150300.59.215.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64) * kernel-default-5.3.18-150300.59.215.1 * kernel-preempt-5.3.18-150300.59.215.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kernel-default-debuginfo-5.3.18-150300.59.215.1 * kernel-preempt-debuginfo-5.3.18-150300.59.215.1 * kernel-preempt-debugsource-5.3.18-150300.59.215.1 * reiserfs-kmp-default-5.3.18-150300.59.215.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.215.1 * kernel-preempt-devel-5.3.18-150300.59.215.1 * kernel-default-base-5.3.18-150300.59.215.1.150300.18.128.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.215.1 * kernel-obs-build-5.3.18-150300.59.215.1 * kernel-obs-build-debugsource-5.3.18-150300.59.215.1 * kernel-default-devel-5.3.18-150300.59.215.1 * kernel-default-debugsource-5.3.18-150300.59.215.1 * kernel-syms-5.3.18-150300.59.215.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.215.1 * SUSE Enterprise Storage 7.1 (noarch) * kernel-source-5.3.18-150300.59.215.1 * kernel-macros-5.3.18-150300.59.215.1 * kernel-devel-5.3.18-150300.59.215.1 * SUSE Enterprise Storage 7.1 (noarch nosrc) * kernel-docs-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Micro 5.1 (nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Micro 5.1 (s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.215.1 * kernel-default-debugsource-5.3.18-150300.59.215.1 * kernel-default-base-5.3.18-150300.59.215.1.150300.18.128.1 * SUSE Linux Enterprise Micro 5.2 (nosrc s390x) * kernel-default-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Micro 5.2 (s390x) * kernel-default-debuginfo-5.3.18-150300.59.215.1 * kernel-default-debugsource-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc s390x) * kernel-default-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (s390x) * kernel-default-debuginfo-5.3.18-150300.59.215.1 * kernel-default-debugsource-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc) * kernel-default-5.3.18-150300.59.215.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.215.1 * kernel-default-livepatch-5.3.18-150300.59.215.1 * kernel-default-livepatch-devel-5.3.18-150300.59.215.1 * kernel-default-debugsource-5.3.18-150300.59.215.1 * kernel-livepatch-SLE15-SP3_Update_60-debugsource-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_215-default-debuginfo-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_215-default-1-150300.7.3.1 ## References: * https://www.suse.com/security/cve/CVE-2022-50211.html * https://www.suse.com/security/cve/CVE-2023-2176.html * https://www.suse.com/security/cve/CVE-2023-52923.html * https://www.suse.com/security/cve/CVE-2023-52927.html * https://www.suse.com/security/cve/CVE-2024-53057.html * https://www.suse.com/security/cve/CVE-2024-53164.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://bugzilla.suse.com/show_bug.cgi?id=1210629 * https://bugzilla.suse.com/show_bug.cgi?id=1233551 * https://bugzilla.suse.com/show_bug.cgi?id=1234863 * https://bugzilla.suse.com/show_bug.cgi?id=1236104 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1239644 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242417 * https://bugzilla.suse.com/show_bug.cgi?id=1245140 * https://bugzilla.suse.com/show_bug.cgi?id=1245217 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 16:31:35 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 16:31:35 -0000 Subject: SUSE-SU-2025:02844-1: important: Security update for the Linux Kernel Message-ID: <175553469514.679.13103414515135159204@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02844-1 Release Date: 2025-08-18T15:45:21Z Rating: important References: * bsc#1233551 * bsc#1234863 * bsc#1240799 * bsc#1242780 * bsc#1245140 * bsc#1245217 * bsc#1246037 * bsc#1246045 Cross-References: * CVE-2022-50211 * CVE-2023-53117 * CVE-2024-53057 * CVE-2024-53164 * CVE-2025-21971 * CVE-2025-38079 * CVE-2025-38200 * CVE-2025-38213 CVSS scores: * CVE-2022-50211 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-50211 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-53117 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-53117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53057 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53164 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53164 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21971 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21971 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE An update that solves eight vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-50211: md-raid10: fix KASAN warning (bsc#1245140). * CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor (bsc#1242780). * CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551). * CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863). * CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245217). * CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). * CVE-2025-38213: vgacon: Add check for vc_origin address range in vgacon_scroll() (bsc#1246037). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-2844=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-2844=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (nosrc x86_64) * kernel-trace-3.0.101-108.189.1 * kernel-default-3.0.101-108.189.1 * kernel-xen-3.0.101-108.189.1 * kernel-ec2-3.0.101-108.189.1 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64) * kernel-xen-devel-3.0.101-108.189.1 * kernel-ec2-devel-3.0.101-108.189.1 * kernel-default-base-3.0.101-108.189.1 * kernel-default-devel-3.0.101-108.189.1 * kernel-ec2-base-3.0.101-108.189.1 * kernel-source-3.0.101-108.189.1 * kernel-trace-devel-3.0.101-108.189.1 * kernel-trace-base-3.0.101-108.189.1 * kernel-syms-3.0.101-108.189.1 * kernel-xen-base-3.0.101-108.189.1 * SUSE Linux Enterprise Server 11 SP4 (nosrc x86_64) * kernel-trace-3.0.101-108.189.1 * kernel-default-3.0.101-108.189.1 * kernel-xen-3.0.101-108.189.1 * kernel-ec2-3.0.101-108.189.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * kernel-xen-devel-3.0.101-108.189.1 * kernel-ec2-devel-3.0.101-108.189.1 * kernel-default-base-3.0.101-108.189.1 * kernel-default-devel-3.0.101-108.189.1 * kernel-ec2-base-3.0.101-108.189.1 * kernel-source-3.0.101-108.189.1 * kernel-trace-devel-3.0.101-108.189.1 * kernel-trace-base-3.0.101-108.189.1 * kernel-syms-3.0.101-108.189.1 * kernel-xen-base-3.0.101-108.189.1 ## References: * https://www.suse.com/security/cve/CVE-2022-50211.html * https://www.suse.com/security/cve/CVE-2023-53117.html * https://www.suse.com/security/cve/CVE-2024-53057.html * https://www.suse.com/security/cve/CVE-2024-53164.html * https://www.suse.com/security/cve/CVE-2025-21971.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://bugzilla.suse.com/show_bug.cgi?id=1233551 * https://bugzilla.suse.com/show_bug.cgi?id=1234863 * https://bugzilla.suse.com/show_bug.cgi?id=1240799 * https://bugzilla.suse.com/show_bug.cgi?id=1242780 * https://bugzilla.suse.com/show_bug.cgi?id=1245140 * https://bugzilla.suse.com/show_bug.cgi?id=1245217 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 16:31:37 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 16:31:37 -0000 Subject: SUSE-SU-2025:02843-1: low: Security update for cairo Message-ID: <175553469785.679.18316941750450903519@smelt2.prg2.suse.org> # Security update for cairo Announcement ID: SUSE-SU-2025:02843-1 Release Date: 2025-08-18T12:33:41Z Rating: low References: * bsc#1247589 Cross-References: * CVE-2025-50422 CVSS scores: * CVE-2025-50422 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-50422 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-50422 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for cairo fixes the following issues: * CVE-2025-50422: NULL pointer access in `active_edges_to_traps()` can lead to crash in Poppler (bsc#1247589). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2843=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2843=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libcairo2-1.16.0-150200.5.8.1 * cairo-debugsource-1.16.0-150200.5.8.1 * libcairo-gobject2-debuginfo-1.16.0-150200.5.8.1 * libcairo-gobject2-1.16.0-150200.5.8.1 * libcairo2-debuginfo-1.16.0-150200.5.8.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libcairo2-1.16.0-150200.5.8.1 * cairo-debugsource-1.16.0-150200.5.8.1 * libcairo-gobject2-debuginfo-1.16.0-150200.5.8.1 * libcairo-gobject2-1.16.0-150200.5.8.1 * libcairo2-debuginfo-1.16.0-150200.5.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-50422.html * https://bugzilla.suse.com/show_bug.cgi?id=1247589 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 16:31:41 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 16:31:41 -0000 Subject: SUSE-SU-2025:02842-1: important: Security update for postgresql13 Message-ID: <175553470155.679.5281769256282039833@smelt2.prg2.suse.org> # Security update for postgresql13 Announcement ID: SUSE-SU-2025:02842-1 Release Date: 2025-08-18T12:33:33Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgrade to 13.22: * CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). * CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary code in psql client (bsc#1248122). * CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in psql client and in restore target server (bsc#1248119). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2842=1 openSUSE-SLE-15.6-2025-2842=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql13-plpython-debuginfo-13.22-150600.14.11.1 * postgresql13-13.22-150600.14.11.1 * postgresql13-contrib-13.22-150600.14.11.1 * postgresql13-llvmjit-devel-13.22-150600.14.11.1 * postgresql13-pltcl-debuginfo-13.22-150600.14.11.1 * postgresql13-debugsource-13.22-150600.14.11.1 * postgresql13-server-devel-debuginfo-13.22-150600.14.11.1 * postgresql13-devel-13.22-150600.14.11.1 * postgresql13-test-13.22-150600.14.11.1 * postgresql13-llvmjit-debuginfo-13.22-150600.14.11.1 * postgresql13-pltcl-13.22-150600.14.11.1 * postgresql13-plperl-13.22-150600.14.11.1 * postgresql13-server-devel-13.22-150600.14.11.1 * postgresql13-server-debuginfo-13.22-150600.14.11.1 * postgresql13-server-13.22-150600.14.11.1 * postgresql13-llvmjit-13.22-150600.14.11.1 * postgresql13-debuginfo-13.22-150600.14.11.1 * postgresql13-contrib-debuginfo-13.22-150600.14.11.1 * postgresql13-plperl-debuginfo-13.22-150600.14.11.1 * postgresql13-devel-debuginfo-13.22-150600.14.11.1 * postgresql13-plpython-13.22-150600.14.11.1 * openSUSE Leap 15.6 (noarch) * postgresql13-docs-13.22-150600.14.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 20:30:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 20:30:10 -0000 Subject: SUSE-SU-2025:02858-1: important: Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP7) Message-ID: <175554901029.603.16051343016056413543@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP7) Announcement ID: SUSE-SU-2025:02858-1 Release Date: 2025-08-18T17:33:55Z Rating: important References: * bsc#1244337 * bsc#1245218 * bsc#1245350 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150700_5 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2025-2858=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-6_4_0-150700_5-rt-debuginfo-2-150700.3.1 * kernel-livepatch-SLE15-SP7-RT_Update_0-debugsource-2-150700.3.1 * kernel-livepatch-6_4_0-150700_5-rt-2-150700.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 20:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 20:30:16 -0000 Subject: SUSE-SU-2025:02857-1: important: Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3) Message-ID: <175554901640.603.14714189468819224147@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02857-1 Release Date: 2025-08-18T17:33:52Z Rating: important References: * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_204 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2857=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2857=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_57-debugsource-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_204-default-debuginfo-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_204-default-4-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_204-preempt-debuginfo-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_204-preempt-4-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_57-debugsource-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_204-default-debuginfo-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_204-default-4-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 20:30:20 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 20:30:20 -0000 Subject: SUSE-SU-2025:02854-1: important: Security update for the Linux Kernel (Live Patch 63 for SLE 12 SP5) Message-ID: <175554902080.603.6442404481874689007@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 63 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:02854-1 Release Date: 2025-08-18T17:03:58Z Rating: important References: * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_237 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2854=1 SUSE-SLE-Live- Patching-12-SP5-2025-2855=1 SUSE-SLE-Live-Patching-12-SP5-2025-2856=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_237-default-9-2.1 * kgraft-patch-4_12_14-122_225-default-15-2.1 * kgraft-patch-4_12_14-122_234-default-13-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 20:34:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 20:34:04 -0000 Subject: SUSE-SU-2025:02853-1: important: Security update for the Linux Kernel Message-ID: <175554924415.603.10202103045803111003@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02853-1 Release Date: 2025-08-18T16:01:55Z Rating: important References: * bsc#1204142 * bsc#1219338 * bsc#1225707 * bsc#1228664 * bsc#1230216 * bsc#1233300 * bsc#1235515 * bsc#1235613 * bsc#1235837 * bsc#1236333 * bsc#1236897 * bsc#1238896 * bsc#1239061 * bsc#1240323 * bsc#1240696 * bsc#1240885 * bsc#1240966 * bsc#1240998 * bsc#1241166 * bsc#1241200 * bsc#1241345 * bsc#1242086 * bsc#1242414 * bsc#1242837 * bsc#1242960 * bsc#1242965 * bsc#1242993 * bsc#1243042 * bsc#1243068 * bsc#1243100 * bsc#1243479 * bsc#1243669 * bsc#1243678 * bsc#1243806 * bsc#1244309 * bsc#1244457 * bsc#1244735 * bsc#1244749 * bsc#1244750 * bsc#1244792 * bsc#1244801 * bsc#1245084 * bsc#1245151 * bsc#1245201 * bsc#1245202 * bsc#1245216 * bsc#1245260 * bsc#1245431 * bsc#1245440 * bsc#1245457 * bsc#1245498 * bsc#1245499 * bsc#1245504 * bsc#1245506 * bsc#1245508 * bsc#1245510 * bsc#1245540 * bsc#1245598 * bsc#1245599 * bsc#1245621 * bsc#1245646 * bsc#1245647 * bsc#1245649 * bsc#1245650 * bsc#1245654 * bsc#1245658 * bsc#1245660 * bsc#1245664 * bsc#1245665 * bsc#1245666 * bsc#1245668 * bsc#1245669 * bsc#1245670 * bsc#1245671 * bsc#1245675 * bsc#1245676 * bsc#1245677 * bsc#1245679 * bsc#1245682 * bsc#1245683 * bsc#1245684 * bsc#1245686 * bsc#1245688 * bsc#1245689 * bsc#1245690 * bsc#1245691 * bsc#1245695 * bsc#1245705 * bsc#1245708 * bsc#1245711 * bsc#1245713 * bsc#1245714 * bsc#1245719 * bsc#1245723 * bsc#1245729 * bsc#1245730 * bsc#1245731 * bsc#1245735 * bsc#1245737 * bsc#1245744 * bsc#1245745 * bsc#1245746 * bsc#1245747 * bsc#1245748 * bsc#1245749 * bsc#1245750 * bsc#1245751 * bsc#1245752 * bsc#1245757 * bsc#1245758 * bsc#1245765 * bsc#1245768 * bsc#1245769 * bsc#1245777 * bsc#1245781 * bsc#1245789 * bsc#1245812 * bsc#1245937 * bsc#1245945 * bsc#1245951 * bsc#1245952 * bsc#1245954 * bsc#1245955 * bsc#1245957 * bsc#1245966 * bsc#1245970 * bsc#1245976 * bsc#1245980 * bsc#1245983 * bsc#1245986 * bsc#1246000 * bsc#1246002 * bsc#1246006 * bsc#1246008 * bsc#1246020 * bsc#1246023 * bsc#1246029 * bsc#1246031 * bsc#1246037 * bsc#1246041 * bsc#1246042 * bsc#1246044 * bsc#1246045 * bsc#1246047 * bsc#1246049 * bsc#1246050 * bsc#1246055 * bsc#1246073 * bsc#1246093 * bsc#1246098 * bsc#1246109 * bsc#1246113 * bsc#1246122 * bsc#1246125 * bsc#1246134 * bsc#1246171 * bsc#1246173 * bsc#1246178 * bsc#1246179 * bsc#1246182 * bsc#1246183 * bsc#1246186 * bsc#1246188 * bsc#1246195 * bsc#1246203 * bsc#1246212 * bsc#1246217 * bsc#1246220 * bsc#1246236 * bsc#1246240 * bsc#1246243 * bsc#1246244 * bsc#1246246 * bsc#1246249 * bsc#1246250 * bsc#1246253 * bsc#1246258 * bsc#1246262 * bsc#1246264 * bsc#1246266 * bsc#1246268 * bsc#1246273 * bsc#1246283 * bsc#1246285 * bsc#1246286 * bsc#1246287 * bsc#1246290 * bsc#1246292 * bsc#1246293 * bsc#1246295 * bsc#1246297 * bsc#1246333 * bsc#1246334 * bsc#1246337 * bsc#1246342 * bsc#1246349 * bsc#1246354 * bsc#1246358 * bsc#1246361 * bsc#1246364 * bsc#1246370 * bsc#1246375 * bsc#1246384 * bsc#1246385 * bsc#1246386 * bsc#1246387 * bsc#1246438 * bsc#1246443 * bsc#1246449 * bsc#1246453 * bsc#1246473 * bsc#1246490 * bsc#1246506 * bsc#1246547 * bsc#1246644 * bsc#1246777 * bsc#1246781 * bsc#1246870 * bsc#1246879 * bsc#1246911 * bsc#1247018 * bsc#1247021 * bsc#1247023 * bsc#1247028 * bsc#1247031 * bsc#1247033 * bsc#1247035 * bsc#1247061 * bsc#1247062 * bsc#1247064 * bsc#1247079 * bsc#1247089 * bsc#1247091 * bsc#1247097 * bsc#1247098 * bsc#1247101 * bsc#1247103 * bsc#1247104 * bsc#1247113 * bsc#1247118 * bsc#1247123 * bsc#1247125 * bsc#1247128 * bsc#1247132 * bsc#1247138 * bsc#1247141 * bsc#1247143 * bsc#1247145 * bsc#1247146 * bsc#1247147 * bsc#1247149 * bsc#1247150 * bsc#1247151 * bsc#1247152 * bsc#1247153 * bsc#1247154 * bsc#1247156 * bsc#1247160 * bsc#1247164 * bsc#1247169 * bsc#1247170 * bsc#1247171 * bsc#1247172 * bsc#1247174 * bsc#1247176 * bsc#1247177 * bsc#1247178 * bsc#1247181 * bsc#1247209 * bsc#1247210 * bsc#1247227 * bsc#1247233 * bsc#1247234 * bsc#1247236 * bsc#1247238 * bsc#1247241 * bsc#1247251 * bsc#1247252 * bsc#1247253 * bsc#1247255 * bsc#1247265 * bsc#1247271 * bsc#1247273 * bsc#1247274 * bsc#1247276 * bsc#1247277 * bsc#1247278 * bsc#1247279 * bsc#1247282 * bsc#1247284 * bsc#1247285 * bsc#1247288 * bsc#1247289 * bsc#1247293 * bsc#1247308 * bsc#1247311 * bsc#1247314 * bsc#1247317 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247374 * bsc#1247437 * bsc#1247450 * bsc#1247712 * bsc#1247831 * jsc#PED-12731 * jsc#PED-12745 Cross-References: * CVE-2019-11135 * CVE-2024-36028 * CVE-2024-36348 * CVE-2024-36349 * CVE-2024-36350 * CVE-2024-36357 * CVE-2024-42134 * CVE-2024-44963 * CVE-2024-56742 * CVE-2024-57947 * CVE-2025-21839 * CVE-2025-21872 * CVE-2025-23163 * CVE-2025-37798 * CVE-2025-37856 * CVE-2025-37864 * CVE-2025-37885 * CVE-2025-37920 * CVE-2025-37984 * CVE-2025-38034 * CVE-2025-38035 * CVE-2025-38047 * CVE-2025-38051 * CVE-2025-38052 * CVE-2025-38058 * CVE-2025-38061 * CVE-2025-38062 * CVE-2025-38063 * CVE-2025-38064 * CVE-2025-38074 * CVE-2025-38084 * CVE-2025-38085 * CVE-2025-38087 * CVE-2025-38088 * CVE-2025-38089 * CVE-2025-38090 * CVE-2025-38091 * CVE-2025-38094 * CVE-2025-38095 * CVE-2025-38097 * CVE-2025-38098 * CVE-2025-38099 * CVE-2025-38100 * CVE-2025-38102 * CVE-2025-38105 * CVE-2025-38106 * CVE-2025-38107 * CVE-2025-38108 * CVE-2025-38109 * CVE-2025-38110 * CVE-2025-38111 * CVE-2025-38112 * CVE-2025-38113 * CVE-2025-38114 * CVE-2025-38115 * CVE-2025-38117 * CVE-2025-38118 * CVE-2025-38120 * CVE-2025-38122 * CVE-2025-38123 * CVE-2025-38124 * CVE-2025-38126 * CVE-2025-38127 * CVE-2025-38129 * CVE-2025-38131 * CVE-2025-38132 * CVE-2025-38135 * CVE-2025-38136 * CVE-2025-38138 * CVE-2025-38142 * CVE-2025-38143 * CVE-2025-38145 * CVE-2025-38147 * CVE-2025-38148 * CVE-2025-38149 * CVE-2025-38151 * CVE-2025-38153 * CVE-2025-38154 * CVE-2025-38155 * CVE-2025-38157 * CVE-2025-38158 * CVE-2025-38159 * CVE-2025-38161 * CVE-2025-38162 * CVE-2025-38165 * CVE-2025-38166 * CVE-2025-38173 * CVE-2025-38174 * CVE-2025-38177 * CVE-2025-38180 * CVE-2025-38181 * CVE-2025-38182 * CVE-2025-38183 * CVE-2025-38186 * CVE-2025-38187 * CVE-2025-38188 * CVE-2025-38189 * CVE-2025-38192 * CVE-2025-38193 * CVE-2025-38194 * CVE-2025-38197 * CVE-2025-38198 * CVE-2025-38200 * CVE-2025-38202 * CVE-2025-38203 * CVE-2025-38204 * CVE-2025-38206 * CVE-2025-38210 * CVE-2025-38211 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38214 * CVE-2025-38215 * CVE-2025-38217 * CVE-2025-38220 * CVE-2025-38222 * CVE-2025-38225 * CVE-2025-38226 * CVE-2025-38227 * CVE-2025-38229 * CVE-2025-38231 * CVE-2025-38236 * CVE-2025-38238 * CVE-2025-38239 * CVE-2025-38244 * CVE-2025-38246 * CVE-2025-38248 * CVE-2025-38249 * CVE-2025-38250 * CVE-2025-38256 * CVE-2025-38257 * CVE-2025-38259 * CVE-2025-38264 * CVE-2025-38265 * CVE-2025-38268 * CVE-2025-38272 * CVE-2025-38273 * CVE-2025-38275 * CVE-2025-38277 * CVE-2025-38279 * CVE-2025-38283 * CVE-2025-38286 * CVE-2025-38287 * CVE-2025-38288 * CVE-2025-38289 * CVE-2025-38290 * CVE-2025-38291 * CVE-2025-38292 * CVE-2025-38293 * CVE-2025-38299 * CVE-2025-38300 * CVE-2025-38303 * CVE-2025-38304 * CVE-2025-38305 * CVE-2025-38307 * CVE-2025-38310 * CVE-2025-38312 * CVE-2025-38313 * CVE-2025-38315 * CVE-2025-38317 * CVE-2025-38319 * CVE-2025-38323 * CVE-2025-38326 * CVE-2025-38328 * CVE-2025-38332 * CVE-2025-38334 * CVE-2025-38335 * CVE-2025-38336 * CVE-2025-38337 * CVE-2025-38338 * CVE-2025-38342 * CVE-2025-38343 * CVE-2025-38344 * CVE-2025-38345 * CVE-2025-38348 * CVE-2025-38349 * CVE-2025-38350 * CVE-2025-38352 * CVE-2025-38353 * CVE-2025-38354 * CVE-2025-38355 * CVE-2025-38356 * CVE-2025-38361 * CVE-2025-38362 * CVE-2025-38363 * CVE-2025-38364 * CVE-2025-38365 * CVE-2025-38369 * CVE-2025-38371 * CVE-2025-38373 * CVE-2025-38375 * CVE-2025-38376 * CVE-2025-38377 * CVE-2025-38380 * CVE-2025-38382 * CVE-2025-38384 * CVE-2025-38385 * CVE-2025-38386 * CVE-2025-38387 * CVE-2025-38389 * CVE-2025-38391 * CVE-2025-38392 * CVE-2025-38393 * CVE-2025-38395 * CVE-2025-38396 * CVE-2025-38399 * CVE-2025-38400 * CVE-2025-38401 * CVE-2025-38403 * CVE-2025-38404 * CVE-2025-38406 * CVE-2025-38409 * CVE-2025-38410 * CVE-2025-38412 * CVE-2025-38414 * CVE-2025-38415 * CVE-2025-38416 * CVE-2025-38417 * CVE-2025-38420 * CVE-2025-38424 * CVE-2025-38425 * CVE-2025-38426 * CVE-2025-38427 * CVE-2025-38428 * CVE-2025-38429 * CVE-2025-38430 * CVE-2025-38436 * CVE-2025-38443 * CVE-2025-38448 * CVE-2025-38449 * CVE-2025-38453 * CVE-2025-38455 * CVE-2025-38457 * CVE-2025-38460 * CVE-2025-38461 * CVE-2025-38462 * CVE-2025-38463 * CVE-2025-38465 * CVE-2025-38467 * CVE-2025-38468 * CVE-2025-38470 * CVE-2025-38471 * CVE-2025-38473 * CVE-2025-38474 * CVE-2025-38475 * CVE-2025-38476 * CVE-2025-38477 * CVE-2025-38478 * CVE-2025-38480 * CVE-2025-38481 * CVE-2025-38482 * CVE-2025-38483 * CVE-2025-38485 * CVE-2025-38487 * CVE-2025-38489 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38496 * CVE-2025-38497 * CVE-2025-38498 CVSS scores: * CVE-2019-11135 ( SUSE ): 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2019-11135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36348 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36349 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-42134 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42134 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42134 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-44963 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21872 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23163 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37856 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37856 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37920 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37920 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37984 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-37984 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38034 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38035 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38035 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38047 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38047 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38052 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38058 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38058 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38061 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38062 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38062 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38063 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38063 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38064 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38064 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38074 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38084 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38084 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38085 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38085 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38087 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38089 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38089 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38090 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38091 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38091 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38097 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38097 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38098 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38098 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38099 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38099 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38100 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38102 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38102 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38105 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38105 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38106 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38106 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38107 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38107 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38108 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38108 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38109 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38109 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38110 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38110 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38111 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38111 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38112 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38113 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38114 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38114 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38115 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38115 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38117 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38117 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38118 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38122 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38124 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38126 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38127 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38129 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38129 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38131 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38131 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38132 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38132 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38135 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38142 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38143 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38145 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38148 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38149 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38149 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38153 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38153 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38154 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38154 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38155 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38157 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38157 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38159 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38159 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38161 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38165 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38166 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38166 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38173 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38173 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38174 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38174 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38180 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38180 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38182 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38183 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38183 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38186 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38186 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38187 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38187 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38189 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38192 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38192 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38193 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38193 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38197 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38197 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38198 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38203 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38203 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38204 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38204 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38211 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38214 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38215 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38217 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38217 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38220 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38220 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38222 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-38222 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2025-38225 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38226 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38226 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38227 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38227 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38229 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38229 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-38231 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38231 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38238 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38239 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38239 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38244 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38244 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38246 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38248 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38249 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38249 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38250 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38250 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38256 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38256 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38259 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38264 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38265 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38265 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38268 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38268 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38272 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38273 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38273 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38275 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38277 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38277 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38279 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38283 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38286 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38286 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38287 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38288 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38289 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38289 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38290 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38290 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38291 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38291 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38292 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38292 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38293 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38293 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38299 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38299 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38300 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38300 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38303 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38303 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38310 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38310 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38312 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38313 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38315 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38315 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38317 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-38317 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38323 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38323 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38326 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38326 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38328 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38334 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38334 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38335 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38336 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38337 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38338 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38338 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38342 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38344 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38345 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38345 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38348 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38349 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38349 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38352 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38352 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38353 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38353 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38355 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38355 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38356 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38356 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38361 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38361 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38362 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38363 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38364 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38364 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38365 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38365 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38371 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38373 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38373 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38375 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38376 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38376 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38377 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38377 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38380 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38380 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38382 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38382 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38384 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38384 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38385 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38385 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38387 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38387 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38389 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38391 ( SUSE ): 5.2 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38391 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38392 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38392 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38393 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38393 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38395 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38395 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38396 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38396 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38399 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38400 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38400 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38401 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38401 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38403 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38406 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38409 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38409 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38410 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38412 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38415 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38415 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38416 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38416 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38417 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38417 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38425 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38425 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38426 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38426 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38427 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38427 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38428 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38428 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38429 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38429 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38430 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38430 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38436 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38436 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38448 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38448 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38453 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38453 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38455 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38455 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38457 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38460 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38460 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38461 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38461 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38462 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38462 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38463 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38463 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38465 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38465 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38467 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38467 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38471 ( SUSE ): 8.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38471 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2025-38473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38474 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38474 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38475 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38475 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38476 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38476 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38478 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38478 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38480 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38480 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38481 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38481 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38482 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38482 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38483 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38483 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38485 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38485 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38487 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38487 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38489 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38489 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38496 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38496 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38498 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38498 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Real Time Module 15-SP7 An update that solves 260 vulnerabilities, contains two features and has 46 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: \- CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707). \- CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896). \- CVE-2024-42134: virtio-pci: Check if is_avq is NULL (bsc#1228664 bsc#1247831). \- CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216). \- CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613). \- CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). \- CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323). \- CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837). \- CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068). \- CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965). \- CVE-2025-37885: KVM: x86: Reset IRTE to host control if _new_ route isn't postable (bsc#1242960). \- CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479). \- CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669). \- CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792). \- CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801). \- CVE-2025-38047: x86/fred: Fix system hang during S4 resume with FRED enabled (bsc#1245084). \- CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750). \- CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151). \- CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440). \- CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216). \- CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202). \- CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201). \- CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735). \- CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649). \- CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660). \- CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654). \- CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671). \- CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650). \- CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682). \- CVE-2025-38106: io_uring/sqpoll: do not put task_struct on tctx setup failure (bsc#1245664). \- CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689). \- CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695). \- CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708). \- CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677). \- CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679). \- CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768). \- CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750). \- CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752). \- CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758). \- CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970). \- CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937). \- CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006). \- CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951). \- CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098). \- CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). \- CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980). \- CVE-2025-38203: jfs: Fix null- ptr-deref in jfs_ioc_trim (bsc#1246044). \- CVE-2025-38204: jfs: fix array- index-out-of-bounds read in add_missing_indices (bsc#1245983). \- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). \- CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020). \- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). \- CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966). \- CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976). \- CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093). \- CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178). \- CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183). \- CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173). \- CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182). \- CVE-2025-38256: io_uring/rsrc: fix folio unpinning (bsc#1246188). \- CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387). \- CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268). \- CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264). \- CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273). \- CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354). \- CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361). \- CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473). \- CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384). \- CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250). \- CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253). \- CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777). \- CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). \- CVE-2025-38352: posix-cpu- timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911). \- CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091). \- CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023). \- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). \- CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031). \- CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169). \- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156). \- CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097). \- CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141). \- CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145). \- CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252). \- CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253). \- CVE-2025-38453: kABI: io_uring: msg_ring ensure io_kiocb freeing is deferred (bsc#1247234). \- CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101). \- CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098). \- CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143). \- CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103). \- CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104). \- CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113). \- CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118). \- CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288). \- CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450). \- CVE-2025-38475: smc: Fix various oops due to inet_sock type confusion (bsc#1247308). \- CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). \- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374). The following non-security bugs were fixed: * Enable SMC_LO (a.k.a SMC-D) (jsc#PED-13248). * Fix dma_unmap_sg() nents value (git-fixes) * Logitech C-270 even more broken (stable-fixes). * Re-enable qmi_wwan for arm64 (bsc#1246113) * Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). * Revert "ACPI: battery: negate current when discharging" (stable-fixes). * Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338). * Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes). * Revert "drm/nouveau: check ioctl command codes better" (git-fixes). * Revert "drm/xe/xe2: Enable Indirect Ring State support for Xe2" (git-fixes). * Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git- fixes). * Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git- fixes). * Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes). * Update config files. config/x86_64/default config/arm64/default CONFIG_INTEGRITY_MACHINE_KEYRING=y +CONFIG_INTEGRITY_CA_MACHINE_KEYRING=y +CONFIG_INTEGRITY_CA_MACHINE_KEYRING_MAX=y +CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y (bsc#1243678) * accel/ivpu: Remove copy engine support (stable-fixes). * acpi: LPSS: Remove AudioDSP related ID (git-fixes). * acpi: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122). * acpi: processor: perflib: Fix initial _PPC limit application (git-fixes). * acpica: Refuse to evaluate a method if arguments are missing (stable-fixes). * af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes). * af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093). * alsa: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes). * alsa: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable- fixes). * alsa: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable- fixes). * alsa: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes). * alsa: hda/realtek: Fix mute LED mask on HP OMEN 16 laptop (git-fixes). * alsa: hda/tegra: Add Tegra264 support (stable-fixes). * alsa: hda: Add missing NVIDIA HDA codec IDs (stable-fixes). * alsa: hda: Add new pci id for AMD GPU display HD audio controller (stable- fixes). * alsa: hda: Ignore unsol events for cards being shut down (stable-fixes). * alsa: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git- fixes). * alsa: sb: Do not allow changing the DMA mode during operations (stable- fixes). * alsa: sb: Force to disable DMAs once when DMA mode is changed (stable- fixes). * alsa: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes). * amd/amdkfd: fix a kfd_process ref leak (stable-fixes). * aoe: clean device rq_list in aoedev_downdev() (git-fixes). * apple-mfi-fastcharge: protect first device name (git-fixes). * asoc: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes). * asoc: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes). * asoc: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable- fixes). * asoc: amd: yc: update quirk data for HP Victus (stable-fixes). * asoc: codec: wcd9335: Convert to GPIO descriptors (stable-fixes). * asoc: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes). * asoc: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes). * asoc: cs35l56: probe() should fail if the device ID is not recognized (git- fixes). * asoc: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git- fixes). * asoc: fsl_sai: Force a software reset when starting in consumer mode (git- fixes). * asoc: fsl_xcvr: get channel status data when PHY is not exists (git-fixes). * asoc: mediatek: use reserved memory or enable buffer pre-allocation (git- fixes). * asoc: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes). * asoc: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git- fixes). * ata: pata_cs5536: fix build on 32-bit UML (stable-fixes). * audit,module: restore audit logging in load failure case (git-fixes). * bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes). * bluetooth: HCI: Set extended advertising data synchronously (git-fixes). * bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes). * bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes). * bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes). * bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes). * bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes). * bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes). * bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes). * bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes). * bluetooth: btintel: Check if controller is ISO capable on btintel_classify_pkt_type (git-fixes). * bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes). * bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git- fixes). * bluetooth: hci_core: add missing braces when using macro parameters (git- fixes). * bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git- fixes). * bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes). * bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes). * bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes). * bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes). * bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes). * bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes). * bluetooth: hci_sync: revert some mesh modifications (git-fixes). * bnxt_en: Fix double invocation of bnxt_ulp_stop()/bnxt_ulp_start() (git- fixes). * bonding: Correctly support GSO ESP offload (git-fixes). * bpf, sockmap: Fix sk_msg_reset_curr (git-fixes). * bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes). * bpf/selftests: Check errno when percpu map value size exceeds (git-fixes). * bpf: Add a possibly-zero-sized read test (git-fixes). * bpf: Avoid **hidden** attribute in static object (git-fixes). * bpf: Check percpu map value size first (git-fixes). * bpf: Disable some `attribute ignored' warnings in GCC (git-fixes). * bpf: Fix memory leak in bpf_core_apply (git-fixes). * bpf: Fix potential integer overflow in resolve_btfids (git-fixes). * bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes). * bpf: Make the pointer returned by iter next method valid (git-fixes). * bpf: Simplify checking size of helper accesses (git-fixes). * bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes). * bpf: sockmap, updating the sg structure should also update curr (git-fixes). * bpftool: Fix missing pids during link show (git-fixes). * bpftool: Fix undefined behavior caused by shifting into the sign bit (git- fixes). * bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes). * bpftool: Remove unnecessary source files from bootstrap version (git-fixes). * bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes). * btrfs: do not ignore inode missing when replaying log tree (git-fixes). * btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes). * btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes). * btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068) * btrfs: fix assertion when building free space tree (git-fixes). * btrfs: fix inode lookup error handling during log replay (git-fixes). * btrfs: fix invalid inode pointer dereferences during log replay (git-fixes). * btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes). * btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes). * btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes). * btrfs: fix ssd_spread overallocation (git-fixes). * btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068) * btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes). * btrfs: rename err to ret in btrfs_rmdir() (git-fixes). * btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes). * btrfs: return a btrfs_inode from read_one_inode() (git-fixes). * btrfs: tests: fix chunk map leak after failure to add it to the tree (git- fixes). * btrfs: update superblock's device bytes_used when dropping chunk (git- fixes). * btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes). * btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes). * bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes). * bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes). * can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes). * can: dev: can_restart(): reverse logic to remove need for goto (stable- fixes). * can: kvaser_pciefd: Store device channel index (git-fixes). * can: kvaser_usb: Assign netdev.dev_port based on device channel index (git- fixes). * can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes). * can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes). * can: peak_usb: fix USB FD devices potential malfunction (git-fixes). * cdc-acm: fix race between initial clearing halt and open (git-fixes). * cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789). * cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166). * cifs: reconnect helper should set reconnect for the right channel (git- fixes). * clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes). * clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes). * clk: sunxi-ng: v3s: Fix de clock definition (git-fixes). * clk: xilinx: vcu: unregister pll_post only if registered correctly (git- fixes). * clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457). * clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457). * comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes). * comedi: Fix initialization of data for instructions that write to subdevice (git-fixes). * comedi: Fix some signed shift left operations (git-fixes). * comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes). * comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes). * comedi: das16m1: Fix bit shift out of bounds (git-fixes). * comedi: das6402: Fix bit shift out of bounds (git-fixes). * comedi: pcl812: Fix bit shift out of bounds (git-fixes). * compiler_types.h: Define **retain for __attribute** (( **retain** )) (git- fixes). * crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes). * crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes). * crypto: ccp - Fix locking on alloc failure handling (git-fixes). * crypto: hkdf - skip TVs with unapproved salt lengths in FIPS mode (bsc#1241200 bsc#1246134). * crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes). * crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes). * crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes). * crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes). * crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes). * crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes). * crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes). * crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes). * crypto: qat - fix state restore for banks with exceptions (git-fixes). * crypto: qat - flush misc workqueue during device shutdown (git-fixes). * crypto: qat - use unmanaged allocation for dc_data (git-fixes). * crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes). * dax: add a sysfs knob to control memmap_on_memory behavior (bsc#1235515,jsc#PED-12731). * devlink: Add support for u64 parameters (jsc#PED-12745). * devlink: avoid param type value translations (jsc#PED-12745). * devlink: define enum for attr types of dynamic attributes (jsc#PED-12745). * devlink: define enum for attr types of dynamic attributes (jsc#PED-12745). * devlink: introduce devlink_nl_put_u64() (jsc#PED-12745). * dm-bufio: fix sched in atomic context (git-fixes). * dm-flakey: error all IOs when num_features is absent (git-fixes). * dm-flakey: make corrupting read bios work (git-fixes). * dm-mirror: fix a tiny race condition (git-fixes). * dm-raid: fix variable in journal device check (git-fixes). * dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes). * dm: do not change md if dm_table_set_restrictions() fails (git-fixes). * dm: free table mempools if not used in __bind (git-fixes). * dm: restrict dm device size to 2^63-512 bytes (git-fixes). * dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes). * dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes). * dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes). * dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git- fixes). * dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes). * dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes). * dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes). * dmaengine: xilinx_dma: Set dma_device directions (stable-fixes). * docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes). * documentatiion/ABI: add ABI documentation for sys-bus-dax (bsc#1235515,jsc#PED-12731). * documentation: ACPI: Fix parent device references (git-fixes). * documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes). * dpll: Add basic Microchip ZL3073x support (jsc#PED-12745). * dpll: zl3073x: Add support to get/set frequency on pins (jsc#PED-12745). * dpll: zl3073x: Add support to get/set frequency on pins (jsc#PED-12745). * dpll: zl3073x: Add support to get/set priority on input pins (jsc#PED-12745). * dpll: zl3073x: Add support to get/set priority on input pins (jsc#PED-12745). * dpll: zl3073x: Fetch invariants during probe (jsc#PED-12745). * dpll: zl3073x: Implement input pin selection in manual mode (jsc#PED-12745). * dpll: zl3073x: Implement input pin selection in manual mode (jsc#PED-12745). * dpll: zl3073x: Implement input pin state setting in automatic mode (jsc#PED-12745). * dpll: zl3073x: Implement input pin state setting in automatic mode (jsc#PED-12745). * dpll: zl3073x: Read DPLL types and pin properties from system firmware (jsc#PED-12745). * dpll: zl3073x: Read DPLL types and pin properties from system firmware (jsc#PED-12745). * dpll: zl3073x: Register DPLL devices and pins (jsc#PED-12745). * drm/amd/display: Check dce_hwseq before dereferencing it (stable-fixes). * drm/amd/display: Correct non-OLED pre_T11_delay (stable-fixes). * drm/amd/display: Disable CRTC degamma LUT for DCN401 (stable-fixes). * drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes). * drm/amd/display: Fix RMCM programming seq errors (stable-fixes). * drm/amd/display: Fix mpv playback corruption on weston (stable-fixes). * drm/amd/display: Free memory allocation (stable-fixes). * drm/amd/display: fix initial backlight brightness calculation (git-fixes). * drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git- fixes). * drm/amdgpu/discovery: use specific ip_discovery.bin for legacy asics (stable-fixes). * drm/amdgpu/gfx10: fix kiq locking in KCQ reset (git-fixes). * drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes). * drm/amdgpu/gfx9.4.3: fix kiq locking in KCQ reset (git-fixes). * drm/amdgpu/gfx9: fix kiq locking in KCQ reset (git-fixes). * drm/amdgpu/ip_discovery: add missing ip_discovery fw (stable-fixes). * drm/amdgpu: Add kicker device detection (stable-fixes). * drm/amdgpu: Fix SDMA UTC_L1 handling during start/stop sequences (stable- fixes). * drm/amdgpu: Increase reset counter only on success (stable-fixes). * drm/amdgpu: Initialize data to NULL in imu_v12_0_program_rlc_ram() (git- fixes). * drm/amdgpu: Remove nbiov7.9 replay count reporting (git-fixes). * drm/amdgpu: Reset the clear flag in buddy during resume (git-fixes). * drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes). * drm/amdgpu: seq64 memory unmap uses uninterruptible lock (stable-fixes). * drm/amdkfd: Do not call mmput from MMU notifier callback (git-fixes). * drm/amdkfd: Fix instruction hazard in gfx12 trap handler (stable-fixes). * drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes). * drm/amdkfd: remove gfx 12 trap handler page size cap (stable-fixes). * drm/bridge: aux-hpd-bridge: fix assignment of the of_node (git-fixes). * drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes). * drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git- fixes). * drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes). * drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes). * drm/connector: hdmi: Evaluate limited range after computing format (git- fixes). * drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes). * drm/exynos: fimd: Guard display clock control with runtime PM calls (git- fixes). * drm/framebuffer: Acquire internal references on GEM handles (git-fixes). * drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes). * drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes). * drm/i915/display: Fix dma_fence_wait_timeout() return value handling (git- fixes). * drm/i915/dsi: Fix off by one in BXT_MIPI_TRANS_VTOTAL (stable-fixes). * drm/i915/gsc: mei interrupt top half should be in irq disabled context (git- fixes). * drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes). * drm/i915/selftests: Change mock_request() to return error pointers (git- fixes). * drm/imagination: Fix kernel crash when hard resetting the GPU (git-fixes). * drm/mediatek: Add wait_event_timeout when disabling plane (git-fixes). * drm/mediatek: only announce AFBC if really supported (git-fixes). * drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes). * drm/msm: Fix a fence leak in submit error path (stable-fixes). * drm/msm: Fix another leak in the submit error path (stable-fixes). * drm/nouveau: check ioctl command codes better (git-fixes). * drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes). * drm/panthor: Add missing explicit padding in drm_panthor_gpu_info (git- fixes). * drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes). * drm/sched: Increment job count before swapping tail spsc queue (git-fixes). * drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes). * drm/scheduler: signal scheduled fence when kill job (stable-fixes). * drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes). * drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes). * drm/v3d: Disable interrupts before resetting the GPU (git-fixes). * drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes). * drm/xe/bmg: fix compressed VRAM handling (git-fixes). * drm/xe/guc: Dead CT helper (stable-fixes). * drm/xe/guc: Explicitly exit CT safe mode on unwind (git-fixes). * drm/xe/guc_submit: add back fix (git-fixes). * drm/xe/mocs: Initialize MOCS index early (stable-fixes). * drm/xe/pf: Clear all LMTT pages on alloc (git-fixes). * drm/xe/pf: Move VFs reprovisioning to worker (stable-fixes). * drm/xe/pf: Prepare to stop SR-IOV support prior GT reset (git-fixes). * drm/xe/pf: Sanitize VF scratch registers on FLR (stable-fixes). * drm/xe/pm: Correct comment of xe_pm_set_vram_threshold() (git-fixes). * drm/xe/uapi: Correct sync type definition in comments (git-fixes). * drm/xe/vf: Disable CSC support on VF (git-fixes). * drm/xe: Allocate PF queue size on pow2 boundary (git-fixes). * drm/xe: Allow bo mapping on multiple ggtts (stable-fixes). * drm/xe: Fix DSB buffer coherency (stable-fixes). * drm/xe: Fix build without debugfs (git-fixes). * drm/xe: Fix early wedge on GuC load failure (git-fixes). * drm/xe: Fix taking invalid lock on wedge (stable-fixes). * drm/xe: Move DSB l2 flush to a more sensible place (git-fixes). * drm/xe: Replace double space with single space after comma (stable-fixes). * drm/xe: add interface to request physical alignment for buffer objects (stable-fixes). * drm/xe: move DPT l2 flush to a more sensible place (git-fixes). * dt-bindings: dpll: Add DPLL device and pin (jsc#PED-12745). * dt-bindings: dpll: Add support for Microchip Azurite chip family (jsc#PED-12745). * dt-bindings: dpll: Add support for Microchip Azurite chip family (jsc#PED-12745). * e1000: Move cancel_work_sync to avoid deadlock (git-fixes). * exfat: fdatasync flag should be same like generic_write_sync() (git-fixes). * fbcon: Fix outdated registered_fb reference in comment (git-fixes). * fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes). * firewire: ohci: correct code comments about bus_reset tasklet (git-fixes). * fs/jfs: consolidate sanity checking in dbMount (git-fixes). * fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes). * gpio: mlxbf2: use platform_get_irq_optional() (git-fixes). * gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes). * gpio: sim: include a missing header (git-fixes). * gpio: vf610: add locking to gpio direction functions (git-fixes). * gpio: virtio: Fix config space reading (git-fixes). * gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes). * gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes). * gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300). * gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300). * gpiolib: cdev: Ignore reconfiguration without direction (git-fixes). * gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes). * hfs: make splice write available again (git-fixes). * hfsplus: make splice write available again (git-fixes). * hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes). * hid: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes). * hid: core: do not bypass hid_hw_raw_request (stable-fixes). * hid: core: ensure __hid_request reserves the report ID as the first byte (git-fixes). * hid: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes). * hid: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable- fixes). * hid: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable- fixes). * hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203). * hwmon: (corsair-cpro) Validate the size of the received input buffer (git- fixes). * hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes). * hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes). * hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes). * i2c/designware: Fix an initialization issue (git-fixes). * i2c: qup: jump out of the loop in case of timeout (git-fixes). * i2c: stm32: fix the device used for the DMA map (git-fixes). * i2c: tegra: Fix reset error handling with ACPI (git-fixes). * i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes). * i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes). * ib/mlx5: Fix potential deadlock in MR deregistration (git-fixes) * ice, irdma: fix an off by one in error handling code (bsc#1247712). * ice, irdma: move interrupts code to irdma (bsc#1247712). * ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712). * ice: count combined queues using Rx/Tx count (bsc#1247712). * ice: devlink PF MSI-X max and min parameter (bsc#1247712). * ice: enable_rdma devlink param (bsc#1247712). * ice: fix eswitch code memory leak in reset scenario (git-fixes). * ice: get rid of num_lan_msix field (bsc#1247712). * ice: init flow director before RDMA (bsc#1247712). * ice: remove splitting MSI-X between features (bsc#1247712). * ice: simplify VF MSI-X managing (bsc#1247712). * ice: treat dyn_allowed only as suggestion (bsc#1247712). * iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git- fixes). * iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes). * iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable- fixes). * iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes). * iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes). * iio: adc: max1363: Reorder mode_list[] entries (stable-fixes). * iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes). * iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes). * iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes). * input: iqs7222 - explicitly define number of external channels (git-fixes). * input: xpad - adjust error handling for disconnect (git-fixes). * input: xpad - set correct controller type for Acer NGR200 (git-fixes). * input: xpad - support Acer NGR 200 Controller (stable-fixes). * io_uring/timeout: fix multishot updates (bsc#1247021). * io_uring: fix potential page leak in io_sqe_buffer_register() (git-fixes). * iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes). * iommu/amd: Set the pgsize_bitmap correctly (git-fixes). * iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes). * iommu/tegra241-cmdqv: Read SMMU IDR1.CMDQS instead of hardcoding (git- fixes). * iommu/vt-d: Fix possible circular locking dependency (git-fixes). * iommu/vt-d: Fix system hang on reboot -f (git-fixes). * ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes). * ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes). * ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes). * ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes). * irdma: free iwdev->rf after removing MSI-X (bsc#1247712). * iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes). * jfs: fix metapage reference count leak in dbAllocCtl (git-fixes). * kABI fix after KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes). * kABI fixes for struct memory_block changes (bsc#1235515,jsc#PED-12731). * kABI fixes for struct memory_block changes (bsc#1235515,jsc#PED-12731). * kABI workaround for fw_attributes_class_get() (stable-fixes). * kABI workaround for struct drm_framebuffer changes (git-fixes). * kABI: Fix the module::name type in audit_context (git-fixes). * kabi/severities: ignore two unused/dropped symbols from MEI * kabi: Hide adding of u64 to devlink_param_type (jsc#PED-12745). * kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes). * kernel-syms.spec: Drop old rpm release number hack (bsc#1247172). * kvm: SVM: Fix SNP AP destroy race with VMRUN (git-fixes). * leds: multicolor: Fix intensity setting while SW blinking (stable-fixes). * lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897). * lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897). * maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes). * md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes). * media: gspca: Add bounds checking to firmware parser (git-fixes). * media: hi556: correct the test pattern configuration (git-fixes). * media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes). * media: ipu6: isys: Use correct pads for xlate_streams() (git-fixes). * media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls (git-fixes). * media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes). * media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git- fixes). * media: usbtv: Lock resolution while streaming (git-fixes). * media: uvcvideo: Do not mark valid metadata as invalid (git-fixes). * media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git- fixes). * media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes). * media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes). * media: venus: Add a check for packet size after reading from shared memory (git-fixes). * media: venus: hfi: explicitly release IRQ during teardown (git-fixes). * media: venus: protect against spurious interrupts during probe (git-fixes). * media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: verisilicon: Fix AV1 decoder clock frequency (git-fixes). * media: vivid: fix wrong pixel_array control size (git-fixes). * mei: vsc: Destroy mutex after freeing the IRQ (git-fixes). * mei: vsc: Do not re-init VSC from mei_vsc_hw_reset() on stop (git-fixes). * mei: vsc: Drop unused vsc_tp_request_irq() and vsc_tp_free_irq() (stable- fixes). * mei: vsc: Event notifier fixes (git-fixes). * mei: vsc: Fix "BUG: Invalid wait context" lockdep error (git-fixes). * mei: vsc: Run event callback from a workqueue (git-fixes). * mei: vsc: Unset the event callback on remove and probe errors (git-fixes). * memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git- fixes). * mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes). * misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes). * mm/memory_hotplug: allow architecture to override memmap on memory support check (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: allow architecture to override memmap on memory support check (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: allow memmap on memory hotplug request to fallback (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: allow memmap on memory hotplug request to fallback (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: embed vmem_altmap details in memory block (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: embed vmem_altmap details in memory block (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: export mhp_supports_memmap_on_memory() (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: fix memmap_on_memory sysfs value retrieval (git-fixes). * mm/memory_hotplug: replace an open-coded kmemdup() in (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: simplify ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE kconfig (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: simplify ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE kconfig (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: split memmap_on_memory requests across memblocks (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: support memmap_on_memory when memmap is not aligned to pageblocks (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: support memmap_on_memory when memmap is not aligned to pageblocks (bsc#1235515,jsc#PED-12731). * mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes). * mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes). * mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes). * mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes). * mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes). * module: Fix memory deallocation on error path in move_module() (git-fixes). * module: Remove unnecessary +1 from last_unloaded_module::name size (git- fixes). * module: Restore the moduleparam prefix length check (git-fixes). * mtd: fix possible integer overflow in erase_xfer() (git-fixes). * mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes). * mtd: rawnand: atmel: set pmecc data setup time (git-fixes). * mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes). * mtd: rawnand: renesas: Add missing check after DMA map (git-fixes). * mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes). * mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes). * mtd: spinand: fix memory leak of ECC engine conf (stable-fixes). * mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes). * mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes). * mtk-sd: Prevent memory corruption from DMA map failure (git-fixes). * mtk-sd: reset host->mrq on prepare_data() error (git-fixes). * mwl8k: Add missing check after DMA map (git-fixes). * nbd: fix uaf in nbd_genl_connect() error path (git-fixes). * net/mlx5: HWS, fix missing ip_version handling in definer (git-fixes). * net/packet: fix a race in packet_set_ring() and packet_notifier() (git- fixes). * net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes). * net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git- fixes). * net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git- fixes). * net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes). * net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes). * net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes). * net/smc: Fix lookup of netdev by using ib_device_get_netdev() (git-fixes bsc#1246217). * net: mana: Add debug logs in MANA network driver (bsc#1246212). * net: mana: Add handler for hardware servicing events (bsc#1245730). * net: mana: Allocate MSI-X vectors dynamically (bsc#1245457). * net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457). * net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203). * net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729). * net: mana: Set tx_packets to post gso processing packet count (bsc#1245731). * net: mana: explain irq_setup() algorithm (bsc#1245457). * net: phy: Do not register LEDs for genphy (git-fixes). * net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes). * net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes). * net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git- fixes). * net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes). * net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git- fixes). * net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes). * net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes). * net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes). * netlink: fix policy dump for int with validation callback (jsc#PED-12745). * netlink: fix policy dump for int with validation callback (jsc#PED-12745). * netlink: specs: devlink: replace underscores with dashes in names (jsc#PED-12745). * netlink: specs: devlink: replace underscores with dashes in names (jsc#PED-12745). * netlink: specs: nfsd: replace underscores with dashes in names (git-fixes). * netlink: specs: tc: replace underscores with dashes in names (git-fixes). * netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes). * nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git- fixes). * nfs: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes). * nfs: Fix the setting of capabilities when automounting a new filesystem (git-fixes). * nfs: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git- fixes). * nfs: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes). * nfsd: detect mismatch of file handle and delegation stateid in OPEN op (git- fixes). * nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes). * nfsv4.2: another fix for listxattr (git-fixes). * nfsv4.2: fix listxattr to return selinux security label (git-fixes). * nfsv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes). * nfsv4: Always set NLINK even if the server does not support it (git-fixes). * nfsv4: xattr handlers should check for absent nfs filehandles (git-fixes). * nilfs2: reject invalid file types when reading inodes (git-fixes). * nvme-pci: refresh visible attrs after being checked (git-fixes). * nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes). * nvme: fix endianness of command word prints in nvme_log_err_passthru() (git- fixes). * nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes). * nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes). * nvmet-tcp: fix callback lock for TLS handshake (git-fixes). * objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes). * objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes). * objtool: Fix _THIS_IP_ detection for cold functions (git-fixes). * objtool: Fix error handling inconsistencies in check() (git-fixes). * objtool: Ignore dangling jump table entries (git-fixes). * objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes). * objtool: Properly disable uaccess validation (git-fixes). * objtool: Silence more KCOV warnings (git-fixes). * objtool: Silence more KCOV warnings, part 2 (git-fixes). * objtool: Stop UNRET validation on UD2 (git-fixes). * pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes). * pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes). * pci/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457). * pci: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes). * pci: endpoint: Fix configfs group list head handling (git-fixes). * pci: endpoint: Fix configfs group removal on driver teardown (git-fixes). * pci: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes). * pci: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes). * pci: hv: Allow dynamic MSI-X vector allocation (bsc#1245457). * pci: rockchip-host: Fix "Unexpected Completion" log message (git-fixes). * perf: Fix sample vs do_exit() (bsc#1246547). * phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git- fixes). * pinctrl: amd: Clear GPIO debounce for suspend (git-fixes). * pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes). * pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes). * pinmux: fix race causing mux_owner NULL with active mux_usecount (git- fixes). * platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git- fixes). * platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git- fixes). * platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes). * platform/mellanox: mlxreg-lc: Fix logic error in power state check (git- fixes). * platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes). * platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes). * platform/x86: Fix initialization order for firmware_attributes_class (git- fixes). * platform/x86: dell-sysman: Directly use firmware_attributes_class (stable- fixes). * platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes). * platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes). * platform/x86: firmware_attributes_class: Move include linux/device/class.h (stable-fixes). * platform/x86: firmware_attributes_class: Simplify API (stable-fixes). * platform/x86: hp-bioscfg: Directly use firmware_attributes_class (stable- fixes). * platform/x86: hp-bioscfg: Fix class device unregistration (git-fixes). * platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes). * platform/x86: make fw_attr_class constant (stable-fixes). * platform/x86: think-lmi: Create ksets consecutively (stable-fixes). * platform/x86: think-lmi: Directly use firmware_attributes_class (stable- fixes). * platform/x86: think-lmi: Fix class device unregistration (git-fixes). * platform/x86: think-lmi: Fix kobject cleanup (git-fixes). * platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes). * pm / devfreq: Check governor before using governor->name (git-fixes). * power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes). * power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git- fixes). * powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes). * powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git- fixes). * powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes). * powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes). * powerpc/pseries/dlpar: Search DRC index from ibm,drc-indexes for IO add (bsc#1243042 ltc#212167). * ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506). * pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes). * pwm: mediatek: Ensure to disable clocks in error path (git-fixes). * pwm: rockchip: Round period/duty down on apply, up on get (git-fixes). * rdma/core: Rate limit GID cache warning messages (git-fixes) * rdma/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes) * rdma/hns: Drop GFP_NOWARN (git-fixes) * rdma/hns: Fix -Wframe-larger-than issue (git-fixes) * rdma/hns: Fix HW configurations not cleared in error flow (git-fixes) * rdma/hns: Fix accessing uninitialized resources (git-fixes) * rdma/hns: Fix double destruction of rsv_qp (git-fixes) * rdma/hns: Get message length of ack_req from FW (git-fixes) * rdma/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes) * rdma/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes) * rdma/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * rdma/mlx5: Fix CC counters query for MPV (git-fixes) * rdma/mlx5: Fix HW counters query for non-representor devices (git-fixes) * rdma/mlx5: Fix UMR modifying of mkey page size (git-fixes) * rdma/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes) * rdma/mlx5: Fix vport loopback for MPV device (git-fixes) * rdma/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes) * rdma/mlx5: reduce stack usage in mlx5_ib_ufile_hw_cleanup (git-fixes) * rdma/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes) * rdma/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes) * rdma/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes) * rdma/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes) * rdma/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git- fixes) * rdma/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * regmap: fix potential memory leak of regmap_bus (git-fixes). * regulator: core: fix NULL dereference on unbind due to stale coupling data (stable-fixes). * regulator: fan53555: add enable_time support and soft-start times (stable- fixes). * regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git- fixes). * regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes). * resource: fix false warning in __request_region() (git-fixes). * restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes). * ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes). * rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes). * rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes). * rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes). * rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes). * s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870). * s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806). * s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646). * s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647). * s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598). * s390: Add z17 elf platform (LTC#214086 bsc#1245540). * samples: mei: Fix building on musl libc (git-fixes). * sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338). * sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git- fixes). * scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes). * scsi: fnic: Add and improve logs in FDMI and FDMI ABTS paths (bsc#1246644). * scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out (git- fixes). * scsi: fnic: Fix missing DMA mapping error in fnic_send_frame() (git-fixes). * scsi: fnic: Set appropriate logging level for log message (bsc#1246644). * scsi: fnic: Turn off FDMI ACTIVE flags on link down (git-fixes). * scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142). * scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: megaraid_sas: Fix invalid node index (git-fixes). * scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git- fixes). * scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git- fixes). * scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599). * selftests/bpf: Add CFLAGS per source file and runner (git-fixes). * selftests/bpf: Add tests for iter next method returning valid pointer (git- fixes). * selftests/bpf: Change functions definitions to support GCC (git-fixes). * selftests/bpf: Fix a few tests for GCC related warnings (git-fixes). * selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes). * selftests/bpf: Fix prog numbers in test_sockmap (git-fixes). * smb3: move server check earlier when setting channel sequence number (git- fixes). * smb3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes). * smb3: send channel sequence number in SMB3 requests after reconnects (git- fixes). * soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes). * soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes). * soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git- fixes). * soc: qcom: QMI encoding/decoding for big endian (git-fixes). * soc: qcom: fix endianness for QMI header (git-fixes). * soc: qcom: pmic_glink: fix OF node leak (git-fixes). * soundwire: amd: fix for clearing command status register (git-fixes). * soundwire: stream: restore params when prepare ports fail (git-fixes). * spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git- fixes). * sprintf.h requires stdarg.h (git-fixes). * sprintf.h: mask additional include (git-fixes). * staging: axis-fifo: remove sysfs interface (git-fixes). * staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git- fixes). * staging: nvec: Fix incorrect null termination of battery manufacturer (git- fixes). * staging: vchiq_arm: Make vchiq_shutdown never fail (git-fixes). * struct cdns: move new member to the end (git-fixes). * struct ucsi_operations: use padding for new operation (git-fixes). * sunrpc: do not immediately retransmit on seqno miss (git-fixes). * sunrpc: fix client side handling of tls alerts (git-fixes). * supported.conf: Mark ZL3073X modules supported * supported.conf: add missing entries for armv7hl * supported.conf: move nvme-apple to optional again * supported.conf: sort entries again * tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes). * thermal: trip: Use READ_ONCE() for lockless access to trip properties (git- fixes). * thermal: trip: Use common set of trip type names (git-fixes). * thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes). * thunderbolt: Fix copy+paste error in match_service_id() (git-fixes). * thunderbolt: Fix wake on connect at runtime (git-fixes). * tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes). * tracing/kprobes: Fix to free objects when failed to copy a symbol (git- fixes). * types: Complement the aligned types with signed 64-bit one (stable-fixes). * ucount: fix atomic_long_inc_below() argument type (git-fixes). * ucsi-glink: adapt to kABI consistency (git-fixes). * ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes). * ucsi_operations: add stubs for all operations (git-fixes). * ucsi_ops: adapt update_connector to kABI consistency (git-fixes). * usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes). * usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes). * usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes). * usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes). * usb: cdnsp: Fix issue with resuming from L1 (git-fixes). * usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable- fixes). * usb: cdnsp: do not disable slot for disabled slot (git-fixes). * usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes). * usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes). * usb: dwc2: also exit clock_gating when stopping udc while suspended (stable- fixes). * usb: dwc3: Abort suspend on soft disconnect failure (git-fixes). * usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes). * usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes). * usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes). * usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes). * usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes). * usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes). * usb: hub: Do not try to recover devices lost during warm reset (git-fixes). * usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes). * usb: musb: fix gadget state on disconnect (git-fixes). * usb: musb: omap2430: fix device leak at unbind (git-fixes). * usb: net: sierra: check for no status endpoint (git-fixes). * usb: potential integer overflow in usbg_make_tpg() (stable-fixes). * usb: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes). * usb: serial: option: add Foxconn T99W640 (stable-fixes). * usb: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable- fixes). * usb: typec: Update sysfs when setting ops (git-fixes). * usb: typec: altmodes/displayport: do not index invalid pin_assignments (git- fixes). * usb: typec: displayport: Fix potential deadlock (git-fixes). * usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes). * usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable- fixes). * usb: typec: tcpm: allow switching to mode accessory to mux properly (stable- fixes). * usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes). * usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git- fixes). * usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git- fixes). * usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes). * usb: typec: ucsi: Delay alternate mode discovery (git-fixes). * usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes). * usb: typec: ucsi: Fix the partner PD revision (git-fixes). * usb: typec: ucsi: Get PD revision for partner (git-fixes). * usb: typec: ucsi: Set orientation as none when connector is unplugged (git- fixes). * usb: typec: ucsi: Update power_supply on power role change (git-fixes). * usb: typec: ucsi: add callback for connector status updates (git-fixes). * usb: typec: ucsi: add update_connector callback (git-fixes). * usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes). * usb: typec: ucsi: extract code to read PD caps (git-fixes). * usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes). * usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes). * usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes). * usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes). * usb: typec: ucsi: glink: use typec_set_orientation (git-fixes). * usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git- fixes). * usb: typec: ucsi: properly register partner's PD device (git-fixes). * usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes). * usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes). * usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git- fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes). * usb: typec: ucsi_glink: rework quirks implementation (git-fixes). * usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git- fixes). * usb: xhci: quirk for data loss in ISOC transfers (stable-fixes). * usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes). * virtgpu: do not reset on shutdown (git-fixes). * vmci: Prevent the dispatching of uninitialized payloads (git-fixes). * vt: add missing notification when switching back to text mode (stable- fixes). * vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes). * vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes). * watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git- fixes). * wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes). * wifi: ath11k: fix source ring-buffer corruption (git-fixes). * wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes). * wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath12k: fix endianness handling while accessing wmi service bit (git- fixes). * wifi: ath12k: fix source ring-buffer corruption (git-fixes). * wifi: ath6kl: remove WARN on bad firmware input (stable-fixes). * wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes). * wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes). * wifi: cfg80211/mac80211: correctly parse S1G beacon optional elements (git- fixes). * wifi: cfg80211: fix S1G beacon head validation in nl80211 (git-fixes). * wifi: cfg80211: remove scan request n_channels counted_by (git-fixes). * wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes). * wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes). * wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes). * wifi: mac80211: Add link iteration macro for link data (stable-fixes). * wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes). * wifi: mac80211: Create separate links for VLAN interfaces (stable-fixes). * wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes). * wifi: mac80211: Do not schedule stopped TXQs (git-fixes). * wifi: mac80211: Write cnt before copying in ieee80211_copy_rnr_beacon() (git-fixes). * wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes). * wifi: mac80211: drop invalid source address OCB frames (stable-fixes). * wifi: mac80211: finish link init before RCU publish (git-fixes). * wifi: mac80211: fix non-transmitted BSSID profile search (git-fixes). * wifi: mac80211: reject TDLS operations when station is not associated (git- fixes). * wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes). * wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes). * wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes). * wifi: nl80211: Set num_sub_specs before looping through sub_specs (git- fixes). * wifi: plfxlc: Fix error handling in usb driver probe (git-fixes). * wifi: prevent A-MSDU attacks in mesh networks (stable-fixes). * wifi: rt2x00: fix remove callback type mismatch (git-fixes). * wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes). * wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes). * wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes). * x86/CPU/AMD: Add more models to X86_FEATURE_ZEN5 (bsc#1246449). * x86/CPU/AMD: Improve the erratum 1386 workaround (git-fixes). * x86/CPU/AMD: Terminate the erratum_1386_microcode array (git-fixes). * x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes). * x86/cpu: Avoid running off the end of an AMD erratum table (git-fixes). * x86/cpu: Expose only stepping min/max interface (git-fixes). * x86/cpu: Introduce new microcode matching helper (git-fixes). * x86/cpu: Move AMD erratum 1386 table over to 'x86_cpu_id' (git-fixes). * x86/cpu: Replace PEBS use of 'x86_cpu_desc' use with 'x86_cpu_id' (git- fixes). * x86/mce/amd: Add default names for MCA banks and blocks (git-fixes). * x86/mce/amd: Fix threshold limit reset (git-fixes). * x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes). * x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git- fixes). * x86/mtrr: Rename mtrr_overwrite_state() to guest_force_mtrr_state() (git- fixes). * x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git- fixes). * x86/traps: Initialize DR6 by writing its architectural reset value (git- fixes). * x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes). * x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345). * xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837). * xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes). * xfs: remove unused event xfs_alloc_near_error (git-fixes). * xfs: remove unused event xfs_alloc_near_nominleft (git-fixes). * xfs: remove unused event xfs_attr_node_removename (git-fixes). * xfs: remove unused event xfs_ioctl_clone (git-fixes). * xfs: remove unused event xfs_pagecache_inval (git-fixes). * xfs: remove unused event xlog_iclog_want_sync (git-fixes). * xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes). * xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes). * xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes). * xfs: remove unused xfs_attr events (git-fixes). * xfs: remove unused xfs_reflink_compare_extents events (git-fixes). * xfs: remove usused xfs_end_io_direct events (git-fixes). * xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git- fixes). * xhci: dbc: Flush queued requests before stopping dbc (git-fixes). * xhci: dbctty: disable ECHO flag by default (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Real Time Module 15-SP7 zypper in -t patch SUSE-SLE-Module-RT-15-SP7-2025-2853=1 * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2025-2853=1 ## Package List: * SUSE Real Time Module 15-SP7 (x86_64) * dlm-kmp-rt-6.4.0-150700.7.13.1 * kernel-rt-devel-debuginfo-6.4.0-150700.7.13.1 * kernel-syms-rt-6.4.0-150700.7.13.1 * kernel-rt-devel-6.4.0-150700.7.13.1 * ocfs2-kmp-rt-6.4.0-150700.7.13.1 * cluster-md-kmp-rt-debuginfo-6.4.0-150700.7.13.1 * cluster-md-kmp-rt-6.4.0-150700.7.13.1 * gfs2-kmp-rt-debuginfo-6.4.0-150700.7.13.1 * ocfs2-kmp-rt-debuginfo-6.4.0-150700.7.13.1 * kernel-rt-debuginfo-6.4.0-150700.7.13.1 * gfs2-kmp-rt-6.4.0-150700.7.13.1 * kernel-rt-debugsource-6.4.0-150700.7.13.1 * dlm-kmp-rt-debuginfo-6.4.0-150700.7.13.1 * SUSE Real Time Module 15-SP7 (noarch) * kernel-source-rt-6.4.0-150700.7.13.1 * kernel-devel-rt-6.4.0-150700.7.13.1 * SUSE Real Time Module 15-SP7 (nosrc x86_64) * kernel-rt-6.4.0-150700.7.13.1 * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-6_4_0-150700_7_13-rt-debuginfo-1-150700.1.5.1 * kernel-livepatch-SLE15-SP7-RT_Update_3-debugsource-1-150700.1.5.1 * kernel-livepatch-6_4_0-150700_7_13-rt-1-150700.1.5.1 ## References: * https://www.suse.com/security/cve/CVE-2019-11135.html * https://www.suse.com/security/cve/CVE-2024-36028.html * https://www.suse.com/security/cve/CVE-2024-36348.html * https://www.suse.com/security/cve/CVE-2024-36349.html * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2024-42134.html * https://www.suse.com/security/cve/CVE-2024-44963.html * https://www.suse.com/security/cve/CVE-2024-56742.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-21839.html * https://www.suse.com/security/cve/CVE-2025-21872.html * https://www.suse.com/security/cve/CVE-2025-23163.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37856.html * https://www.suse.com/security/cve/CVE-2025-37864.html * https://www.suse.com/security/cve/CVE-2025-37885.html * https://www.suse.com/security/cve/CVE-2025-37920.html * https://www.suse.com/security/cve/CVE-2025-37984.html * https://www.suse.com/security/cve/CVE-2025-38034.html * https://www.suse.com/security/cve/CVE-2025-38035.html * https://www.suse.com/security/cve/CVE-2025-38047.html * https://www.suse.com/security/cve/CVE-2025-38051.html * https://www.suse.com/security/cve/CVE-2025-38052.html * https://www.suse.com/security/cve/CVE-2025-38058.html * https://www.suse.com/security/cve/CVE-2025-38061.html * https://www.suse.com/security/cve/CVE-2025-38062.html * https://www.suse.com/security/cve/CVE-2025-38063.html * https://www.suse.com/security/cve/CVE-2025-38064.html * https://www.suse.com/security/cve/CVE-2025-38074.html * https://www.suse.com/security/cve/CVE-2025-38084.html * https://www.suse.com/security/cve/CVE-2025-38085.html * https://www.suse.com/security/cve/CVE-2025-38087.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38089.html * https://www.suse.com/security/cve/CVE-2025-38090.html * https://www.suse.com/security/cve/CVE-2025-38091.html * https://www.suse.com/security/cve/CVE-2025-38094.html * https://www.suse.com/security/cve/CVE-2025-38095.html * https://www.suse.com/security/cve/CVE-2025-38097.html * https://www.suse.com/security/cve/CVE-2025-38098.html * https://www.suse.com/security/cve/CVE-2025-38099.html * https://www.suse.com/security/cve/CVE-2025-38100.html * https://www.suse.com/security/cve/CVE-2025-38102.html * https://www.suse.com/security/cve/CVE-2025-38105.html * https://www.suse.com/security/cve/CVE-2025-38106.html * https://www.suse.com/security/cve/CVE-2025-38107.html * https://www.suse.com/security/cve/CVE-2025-38108.html * https://www.suse.com/security/cve/CVE-2025-38109.html * https://www.suse.com/security/cve/CVE-2025-38110.html * https://www.suse.com/security/cve/CVE-2025-38111.html * https://www.suse.com/security/cve/CVE-2025-38112.html * https://www.suse.com/security/cve/CVE-2025-38113.html * https://www.suse.com/security/cve/CVE-2025-38114.html * https://www.suse.com/security/cve/CVE-2025-38115.html * https://www.suse.com/security/cve/CVE-2025-38117.html * https://www.suse.com/security/cve/CVE-2025-38118.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38122.html * https://www.suse.com/security/cve/CVE-2025-38123.html * https://www.suse.com/security/cve/CVE-2025-38124.html * https://www.suse.com/security/cve/CVE-2025-38126.html * https://www.suse.com/security/cve/CVE-2025-38127.html * https://www.suse.com/security/cve/CVE-2025-38129.html * https://www.suse.com/security/cve/CVE-2025-38131.html * https://www.suse.com/security/cve/CVE-2025-38132.html * https://www.suse.com/security/cve/CVE-2025-38135.html * https://www.suse.com/security/cve/CVE-2025-38136.html * https://www.suse.com/security/cve/CVE-2025-38138.html * https://www.suse.com/security/cve/CVE-2025-38142.html * https://www.suse.com/security/cve/CVE-2025-38143.html * https://www.suse.com/security/cve/CVE-2025-38145.html * https://www.suse.com/security/cve/CVE-2025-38147.html * https://www.suse.com/security/cve/CVE-2025-38148.html * https://www.suse.com/security/cve/CVE-2025-38149.html * https://www.suse.com/security/cve/CVE-2025-38151.html * https://www.suse.com/security/cve/CVE-2025-38153.html * https://www.suse.com/security/cve/CVE-2025-38154.html * https://www.suse.com/security/cve/CVE-2025-38155.html * https://www.suse.com/security/cve/CVE-2025-38157.html * https://www.suse.com/security/cve/CVE-2025-38158.html * https://www.suse.com/security/cve/CVE-2025-38159.html * https://www.suse.com/security/cve/CVE-2025-38161.html * https://www.suse.com/security/cve/CVE-2025-38162.html * https://www.suse.com/security/cve/CVE-2025-38165.html * https://www.suse.com/security/cve/CVE-2025-38166.html * https://www.suse.com/security/cve/CVE-2025-38173.html * https://www.suse.com/security/cve/CVE-2025-38174.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38180.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38182.html * https://www.suse.com/security/cve/CVE-2025-38183.html * https://www.suse.com/security/cve/CVE-2025-38186.html * https://www.suse.com/security/cve/CVE-2025-38187.html * https://www.suse.com/security/cve/CVE-2025-38188.html * https://www.suse.com/security/cve/CVE-2025-38189.html * https://www.suse.com/security/cve/CVE-2025-38192.html * https://www.suse.com/security/cve/CVE-2025-38193.html * https://www.suse.com/security/cve/CVE-2025-38194.html * https://www.suse.com/security/cve/CVE-2025-38197.html * https://www.suse.com/security/cve/CVE-2025-38198.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38202.html * https://www.suse.com/security/cve/CVE-2025-38203.html * https://www.suse.com/security/cve/CVE-2025-38204.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38210.html * https://www.suse.com/security/cve/CVE-2025-38211.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38214.html * https://www.suse.com/security/cve/CVE-2025-38215.html * https://www.suse.com/security/cve/CVE-2025-38217.html * https://www.suse.com/security/cve/CVE-2025-38220.html * https://www.suse.com/security/cve/CVE-2025-38222.html * https://www.suse.com/security/cve/CVE-2025-38225.html * https://www.suse.com/security/cve/CVE-2025-38226.html * https://www.suse.com/security/cve/CVE-2025-38227.html * https://www.suse.com/security/cve/CVE-2025-38229.html * https://www.suse.com/security/cve/CVE-2025-38231.html * https://www.suse.com/security/cve/CVE-2025-38236.html * https://www.suse.com/security/cve/CVE-2025-38238.html * https://www.suse.com/security/cve/CVE-2025-38239.html * https://www.suse.com/security/cve/CVE-2025-38244.html * https://www.suse.com/security/cve/CVE-2025-38246.html * https://www.suse.com/security/cve/CVE-2025-38248.html * https://www.suse.com/security/cve/CVE-2025-38249.html * https://www.suse.com/security/cve/CVE-2025-38250.html * https://www.suse.com/security/cve/CVE-2025-38256.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38259.html * https://www.suse.com/security/cve/CVE-2025-38264.html * https://www.suse.com/security/cve/CVE-2025-38265.html * https://www.suse.com/security/cve/CVE-2025-38268.html * https://www.suse.com/security/cve/CVE-2025-38272.html * https://www.suse.com/security/cve/CVE-2025-38273.html * https://www.suse.com/security/cve/CVE-2025-38275.html * https://www.suse.com/security/cve/CVE-2025-38277.html * https://www.suse.com/security/cve/CVE-2025-38279.html * https://www.suse.com/security/cve/CVE-2025-38283.html * https://www.suse.com/security/cve/CVE-2025-38286.html * https://www.suse.com/security/cve/CVE-2025-38287.html * https://www.suse.com/security/cve/CVE-2025-38288.html * https://www.suse.com/security/cve/CVE-2025-38289.html * https://www.suse.com/security/cve/CVE-2025-38290.html * https://www.suse.com/security/cve/CVE-2025-38291.html * https://www.suse.com/security/cve/CVE-2025-38292.html * https://www.suse.com/security/cve/CVE-2025-38293.html * https://www.suse.com/security/cve/CVE-2025-38299.html * https://www.suse.com/security/cve/CVE-2025-38300.html * https://www.suse.com/security/cve/CVE-2025-38303.html * https://www.suse.com/security/cve/CVE-2025-38304.html * https://www.suse.com/security/cve/CVE-2025-38305.html * https://www.suse.com/security/cve/CVE-2025-38307.html * https://www.suse.com/security/cve/CVE-2025-38310.html * https://www.suse.com/security/cve/CVE-2025-38312.html * https://www.suse.com/security/cve/CVE-2025-38313.html * https://www.suse.com/security/cve/CVE-2025-38315.html * https://www.suse.com/security/cve/CVE-2025-38317.html * https://www.suse.com/security/cve/CVE-2025-38319.html * https://www.suse.com/security/cve/CVE-2025-38323.html * https://www.suse.com/security/cve/CVE-2025-38326.html * https://www.suse.com/security/cve/CVE-2025-38328.html * https://www.suse.com/security/cve/CVE-2025-38332.html * https://www.suse.com/security/cve/CVE-2025-38334.html * https://www.suse.com/security/cve/CVE-2025-38335.html * https://www.suse.com/security/cve/CVE-2025-38336.html * https://www.suse.com/security/cve/CVE-2025-38337.html * https://www.suse.com/security/cve/CVE-2025-38338.html * https://www.suse.com/security/cve/CVE-2025-38342.html * https://www.suse.com/security/cve/CVE-2025-38343.html * https://www.suse.com/security/cve/CVE-2025-38344.html * https://www.suse.com/security/cve/CVE-2025-38345.html * https://www.suse.com/security/cve/CVE-2025-38348.html * https://www.suse.com/security/cve/CVE-2025-38349.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38352.html * https://www.suse.com/security/cve/CVE-2025-38353.html * https://www.suse.com/security/cve/CVE-2025-38354.html * https://www.suse.com/security/cve/CVE-2025-38355.html * https://www.suse.com/security/cve/CVE-2025-38356.html * https://www.suse.com/security/cve/CVE-2025-38361.html * https://www.suse.com/security/cve/CVE-2025-38362.html * https://www.suse.com/security/cve/CVE-2025-38363.html * https://www.suse.com/security/cve/CVE-2025-38364.html * https://www.suse.com/security/cve/CVE-2025-38365.html * https://www.suse.com/security/cve/CVE-2025-38369.html * https://www.suse.com/security/cve/CVE-2025-38371.html * https://www.suse.com/security/cve/CVE-2025-38373.html * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-38376.html * https://www.suse.com/security/cve/CVE-2025-38377.html * https://www.suse.com/security/cve/CVE-2025-38380.html * https://www.suse.com/security/cve/CVE-2025-38382.html * https://www.suse.com/security/cve/CVE-2025-38384.html * https://www.suse.com/security/cve/CVE-2025-38385.html * https://www.suse.com/security/cve/CVE-2025-38386.html * https://www.suse.com/security/cve/CVE-2025-38387.html * https://www.suse.com/security/cve/CVE-2025-38389.html * https://www.suse.com/security/cve/CVE-2025-38391.html * https://www.suse.com/security/cve/CVE-2025-38392.html * https://www.suse.com/security/cve/CVE-2025-38393.html * https://www.suse.com/security/cve/CVE-2025-38395.html * https://www.suse.com/security/cve/CVE-2025-38396.html * https://www.suse.com/security/cve/CVE-2025-38399.html * https://www.suse.com/security/cve/CVE-2025-38400.html * https://www.suse.com/security/cve/CVE-2025-38401.html * https://www.suse.com/security/cve/CVE-2025-38403.html * https://www.suse.com/security/cve/CVE-2025-38404.html * https://www.suse.com/security/cve/CVE-2025-38406.html * https://www.suse.com/security/cve/CVE-2025-38409.html * https://www.suse.com/security/cve/CVE-2025-38410.html * https://www.suse.com/security/cve/CVE-2025-38412.html * https://www.suse.com/security/cve/CVE-2025-38414.html * https://www.suse.com/security/cve/CVE-2025-38415.html * https://www.suse.com/security/cve/CVE-2025-38416.html * https://www.suse.com/security/cve/CVE-2025-38417.html * https://www.suse.com/security/cve/CVE-2025-38420.html * https://www.suse.com/security/cve/CVE-2025-38424.html * https://www.suse.com/security/cve/CVE-2025-38425.html * https://www.suse.com/security/cve/CVE-2025-38426.html * https://www.suse.com/security/cve/CVE-2025-38427.html * https://www.suse.com/security/cve/CVE-2025-38428.html * https://www.suse.com/security/cve/CVE-2025-38429.html * https://www.suse.com/security/cve/CVE-2025-38430.html * https://www.suse.com/security/cve/CVE-2025-38436.html * https://www.suse.com/security/cve/CVE-2025-38443.html * https://www.suse.com/security/cve/CVE-2025-38448.html * https://www.suse.com/security/cve/CVE-2025-38449.html * https://www.suse.com/security/cve/CVE-2025-38453.html * https://www.suse.com/security/cve/CVE-2025-38455.html * https://www.suse.com/security/cve/CVE-2025-38457.html * https://www.suse.com/security/cve/CVE-2025-38460.html * https://www.suse.com/security/cve/CVE-2025-38461.html * https://www.suse.com/security/cve/CVE-2025-38462.html * https://www.suse.com/security/cve/CVE-2025-38463.html * https://www.suse.com/security/cve/CVE-2025-38465.html * https://www.suse.com/security/cve/CVE-2025-38467.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38470.html * https://www.suse.com/security/cve/CVE-2025-38471.html * https://www.suse.com/security/cve/CVE-2025-38473.html * https://www.suse.com/security/cve/CVE-2025-38474.html * https://www.suse.com/security/cve/CVE-2025-38475.html * https://www.suse.com/security/cve/CVE-2025-38476.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38478.html * https://www.suse.com/security/cve/CVE-2025-38480.html * https://www.suse.com/security/cve/CVE-2025-38481.html * https://www.suse.com/security/cve/CVE-2025-38482.html * https://www.suse.com/security/cve/CVE-2025-38483.html * https://www.suse.com/security/cve/CVE-2025-38485.html * https://www.suse.com/security/cve/CVE-2025-38487.html * https://www.suse.com/security/cve/CVE-2025-38489.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38496.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://www.suse.com/security/cve/CVE-2025-38498.html * https://bugzilla.suse.com/show_bug.cgi?id=1204142 * https://bugzilla.suse.com/show_bug.cgi?id=1219338 * https://bugzilla.suse.com/show_bug.cgi?id=1225707 * https://bugzilla.suse.com/show_bug.cgi?id=1228664 * https://bugzilla.suse.com/show_bug.cgi?id=1230216 * https://bugzilla.suse.com/show_bug.cgi?id=1233300 * https://bugzilla.suse.com/show_bug.cgi?id=1235515 * https://bugzilla.suse.com/show_bug.cgi?id=1235613 * https://bugzilla.suse.com/show_bug.cgi?id=1235837 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1239061 * https://bugzilla.suse.com/show_bug.cgi?id=1240323 * https://bugzilla.suse.com/show_bug.cgi?id=1240696 * https://bugzilla.suse.com/show_bug.cgi?id=1240885 * https://bugzilla.suse.com/show_bug.cgi?id=1240966 * https://bugzilla.suse.com/show_bug.cgi?id=1240998 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1241200 * https://bugzilla.suse.com/show_bug.cgi?id=1241345 * https://bugzilla.suse.com/show_bug.cgi?id=1242086 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242837 * https://bugzilla.suse.com/show_bug.cgi?id=1242960 * https://bugzilla.suse.com/show_bug.cgi?id=1242965 * https://bugzilla.suse.com/show_bug.cgi?id=1242993 * https://bugzilla.suse.com/show_bug.cgi?id=1243042 * https://bugzilla.suse.com/show_bug.cgi?id=1243068 * https://bugzilla.suse.com/show_bug.cgi?id=1243100 * https://bugzilla.suse.com/show_bug.cgi?id=1243479 * https://bugzilla.suse.com/show_bug.cgi?id=1243669 * https://bugzilla.suse.com/show_bug.cgi?id=1243678 * https://bugzilla.suse.com/show_bug.cgi?id=1243806 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244457 * https://bugzilla.suse.com/show_bug.cgi?id=1244735 * https://bugzilla.suse.com/show_bug.cgi?id=1244749 * https://bugzilla.suse.com/show_bug.cgi?id=1244750 * https://bugzilla.suse.com/show_bug.cgi?id=1244792 * https://bugzilla.suse.com/show_bug.cgi?id=1244801 * https://bugzilla.suse.com/show_bug.cgi?id=1245084 * https://bugzilla.suse.com/show_bug.cgi?id=1245151 * https://bugzilla.suse.com/show_bug.cgi?id=1245201 * https://bugzilla.suse.com/show_bug.cgi?id=1245202 * https://bugzilla.suse.com/show_bug.cgi?id=1245216 * https://bugzilla.suse.com/show_bug.cgi?id=1245260 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245440 * https://bugzilla.suse.com/show_bug.cgi?id=1245457 * https://bugzilla.suse.com/show_bug.cgi?id=1245498 * https://bugzilla.suse.com/show_bug.cgi?id=1245499 * https://bugzilla.suse.com/show_bug.cgi?id=1245504 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245508 * https://bugzilla.suse.com/show_bug.cgi?id=1245510 * https://bugzilla.suse.com/show_bug.cgi?id=1245540 * https://bugzilla.suse.com/show_bug.cgi?id=1245598 * https://bugzilla.suse.com/show_bug.cgi?id=1245599 * https://bugzilla.suse.com/show_bug.cgi?id=1245621 * https://bugzilla.suse.com/show_bug.cgi?id=1245646 * https://bugzilla.suse.com/show_bug.cgi?id=1245647 * https://bugzilla.suse.com/show_bug.cgi?id=1245649 * https://bugzilla.suse.com/show_bug.cgi?id=1245650 * https://bugzilla.suse.com/show_bug.cgi?id=1245654 * https://bugzilla.suse.com/show_bug.cgi?id=1245658 * https://bugzilla.suse.com/show_bug.cgi?id=1245660 * https://bugzilla.suse.com/show_bug.cgi?id=1245664 * https://bugzilla.suse.com/show_bug.cgi?id=1245665 * https://bugzilla.suse.com/show_bug.cgi?id=1245666 * https://bugzilla.suse.com/show_bug.cgi?id=1245668 * https://bugzilla.suse.com/show_bug.cgi?id=1245669 * https://bugzilla.suse.com/show_bug.cgi?id=1245670 * https://bugzilla.suse.com/show_bug.cgi?id=1245671 * https://bugzilla.suse.com/show_bug.cgi?id=1245675 * https://bugzilla.suse.com/show_bug.cgi?id=1245676 * https://bugzilla.suse.com/show_bug.cgi?id=1245677 * https://bugzilla.suse.com/show_bug.cgi?id=1245679 * https://bugzilla.suse.com/show_bug.cgi?id=1245682 * https://bugzilla.suse.com/show_bug.cgi?id=1245683 * https://bugzilla.suse.com/show_bug.cgi?id=1245684 * https://bugzilla.suse.com/show_bug.cgi?id=1245686 * https://bugzilla.suse.com/show_bug.cgi?id=1245688 * https://bugzilla.suse.com/show_bug.cgi?id=1245689 * https://bugzilla.suse.com/show_bug.cgi?id=1245690 * https://bugzilla.suse.com/show_bug.cgi?id=1245691 * https://bugzilla.suse.com/show_bug.cgi?id=1245695 * https://bugzilla.suse.com/show_bug.cgi?id=1245705 * https://bugzilla.suse.com/show_bug.cgi?id=1245708 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245713 * https://bugzilla.suse.com/show_bug.cgi?id=1245714 * https://bugzilla.suse.com/show_bug.cgi?id=1245719 * https://bugzilla.suse.com/show_bug.cgi?id=1245723 * https://bugzilla.suse.com/show_bug.cgi?id=1245729 * https://bugzilla.suse.com/show_bug.cgi?id=1245730 * https://bugzilla.suse.com/show_bug.cgi?id=1245731 * https://bugzilla.suse.com/show_bug.cgi?id=1245735 * https://bugzilla.suse.com/show_bug.cgi?id=1245737 * https://bugzilla.suse.com/show_bug.cgi?id=1245744 * https://bugzilla.suse.com/show_bug.cgi?id=1245745 * https://bugzilla.suse.com/show_bug.cgi?id=1245746 * https://bugzilla.suse.com/show_bug.cgi?id=1245747 * https://bugzilla.suse.com/show_bug.cgi?id=1245748 * https://bugzilla.suse.com/show_bug.cgi?id=1245749 * https://bugzilla.suse.com/show_bug.cgi?id=1245750 * https://bugzilla.suse.com/show_bug.cgi?id=1245751 * https://bugzilla.suse.com/show_bug.cgi?id=1245752 * https://bugzilla.suse.com/show_bug.cgi?id=1245757 * https://bugzilla.suse.com/show_bug.cgi?id=1245758 * https://bugzilla.suse.com/show_bug.cgi?id=1245765 * https://bugzilla.suse.com/show_bug.cgi?id=1245768 * https://bugzilla.suse.com/show_bug.cgi?id=1245769 * https://bugzilla.suse.com/show_bug.cgi?id=1245777 * https://bugzilla.suse.com/show_bug.cgi?id=1245781 * https://bugzilla.suse.com/show_bug.cgi?id=1245789 * https://bugzilla.suse.com/show_bug.cgi?id=1245812 * https://bugzilla.suse.com/show_bug.cgi?id=1245937 * https://bugzilla.suse.com/show_bug.cgi?id=1245945 * https://bugzilla.suse.com/show_bug.cgi?id=1245951 * https://bugzilla.suse.com/show_bug.cgi?id=1245952 * https://bugzilla.suse.com/show_bug.cgi?id=1245954 * https://bugzilla.suse.com/show_bug.cgi?id=1245955 * https://bugzilla.suse.com/show_bug.cgi?id=1245957 * https://bugzilla.suse.com/show_bug.cgi?id=1245966 * https://bugzilla.suse.com/show_bug.cgi?id=1245970 * https://bugzilla.suse.com/show_bug.cgi?id=1245976 * https://bugzilla.suse.com/show_bug.cgi?id=1245980 * https://bugzilla.suse.com/show_bug.cgi?id=1245983 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246002 * https://bugzilla.suse.com/show_bug.cgi?id=1246006 * https://bugzilla.suse.com/show_bug.cgi?id=1246008 * https://bugzilla.suse.com/show_bug.cgi?id=1246020 * https://bugzilla.suse.com/show_bug.cgi?id=1246023 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246031 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246041 * https://bugzilla.suse.com/show_bug.cgi?id=1246042 * https://bugzilla.suse.com/show_bug.cgi?id=1246044 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246047 * https://bugzilla.suse.com/show_bug.cgi?id=1246049 * https://bugzilla.suse.com/show_bug.cgi?id=1246050 * https://bugzilla.suse.com/show_bug.cgi?id=1246055 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246093 * https://bugzilla.suse.com/show_bug.cgi?id=1246098 * https://bugzilla.suse.com/show_bug.cgi?id=1246109 * https://bugzilla.suse.com/show_bug.cgi?id=1246113 * https://bugzilla.suse.com/show_bug.cgi?id=1246122 * https://bugzilla.suse.com/show_bug.cgi?id=1246125 * https://bugzilla.suse.com/show_bug.cgi?id=1246134 * https://bugzilla.suse.com/show_bug.cgi?id=1246171 * https://bugzilla.suse.com/show_bug.cgi?id=1246173 * https://bugzilla.suse.com/show_bug.cgi?id=1246178 * https://bugzilla.suse.com/show_bug.cgi?id=1246179 * https://bugzilla.suse.com/show_bug.cgi?id=1246182 * https://bugzilla.suse.com/show_bug.cgi?id=1246183 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246188 * https://bugzilla.suse.com/show_bug.cgi?id=1246195 * https://bugzilla.suse.com/show_bug.cgi?id=1246203 * https://bugzilla.suse.com/show_bug.cgi?id=1246212 * https://bugzilla.suse.com/show_bug.cgi?id=1246217 * https://bugzilla.suse.com/show_bug.cgi?id=1246220 * https://bugzilla.suse.com/show_bug.cgi?id=1246236 * https://bugzilla.suse.com/show_bug.cgi?id=1246240 * https://bugzilla.suse.com/show_bug.cgi?id=1246243 * https://bugzilla.suse.com/show_bug.cgi?id=1246244 * https://bugzilla.suse.com/show_bug.cgi?id=1246246 * https://bugzilla.suse.com/show_bug.cgi?id=1246249 * https://bugzilla.suse.com/show_bug.cgi?id=1246250 * https://bugzilla.suse.com/show_bug.cgi?id=1246253 * https://bugzilla.suse.com/show_bug.cgi?id=1246258 * https://bugzilla.suse.com/show_bug.cgi?id=1246262 * https://bugzilla.suse.com/show_bug.cgi?id=1246264 * https://bugzilla.suse.com/show_bug.cgi?id=1246266 * https://bugzilla.suse.com/show_bug.cgi?id=1246268 * https://bugzilla.suse.com/show_bug.cgi?id=1246273 * https://bugzilla.suse.com/show_bug.cgi?id=1246283 * https://bugzilla.suse.com/show_bug.cgi?id=1246285 * https://bugzilla.suse.com/show_bug.cgi?id=1246286 * https://bugzilla.suse.com/show_bug.cgi?id=1246287 * https://bugzilla.suse.com/show_bug.cgi?id=1246290 * https://bugzilla.suse.com/show_bug.cgi?id=1246292 * https://bugzilla.suse.com/show_bug.cgi?id=1246293 * https://bugzilla.suse.com/show_bug.cgi?id=1246295 * https://bugzilla.suse.com/show_bug.cgi?id=1246297 * https://bugzilla.suse.com/show_bug.cgi?id=1246333 * https://bugzilla.suse.com/show_bug.cgi?id=1246334 * https://bugzilla.suse.com/show_bug.cgi?id=1246337 * https://bugzilla.suse.com/show_bug.cgi?id=1246342 * https://bugzilla.suse.com/show_bug.cgi?id=1246349 * https://bugzilla.suse.com/show_bug.cgi?id=1246354 * https://bugzilla.suse.com/show_bug.cgi?id=1246358 * https://bugzilla.suse.com/show_bug.cgi?id=1246361 * https://bugzilla.suse.com/show_bug.cgi?id=1246364 * https://bugzilla.suse.com/show_bug.cgi?id=1246370 * https://bugzilla.suse.com/show_bug.cgi?id=1246375 * https://bugzilla.suse.com/show_bug.cgi?id=1246384 * https://bugzilla.suse.com/show_bug.cgi?id=1246385 * https://bugzilla.suse.com/show_bug.cgi?id=1246386 * https://bugzilla.suse.com/show_bug.cgi?id=1246387 * https://bugzilla.suse.com/show_bug.cgi?id=1246438 * https://bugzilla.suse.com/show_bug.cgi?id=1246443 * https://bugzilla.suse.com/show_bug.cgi?id=1246449 * https://bugzilla.suse.com/show_bug.cgi?id=1246453 * https://bugzilla.suse.com/show_bug.cgi?id=1246473 * https://bugzilla.suse.com/show_bug.cgi?id=1246490 * https://bugzilla.suse.com/show_bug.cgi?id=1246506 * https://bugzilla.suse.com/show_bug.cgi?id=1246547 * https://bugzilla.suse.com/show_bug.cgi?id=1246644 * https://bugzilla.suse.com/show_bug.cgi?id=1246777 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1246870 * https://bugzilla.suse.com/show_bug.cgi?id=1246879 * https://bugzilla.suse.com/show_bug.cgi?id=1246911 * https://bugzilla.suse.com/show_bug.cgi?id=1247018 * https://bugzilla.suse.com/show_bug.cgi?id=1247021 * https://bugzilla.suse.com/show_bug.cgi?id=1247023 * https://bugzilla.suse.com/show_bug.cgi?id=1247028 * https://bugzilla.suse.com/show_bug.cgi?id=1247031 * https://bugzilla.suse.com/show_bug.cgi?id=1247033 * https://bugzilla.suse.com/show_bug.cgi?id=1247035 * https://bugzilla.suse.com/show_bug.cgi?id=1247061 * https://bugzilla.suse.com/show_bug.cgi?id=1247062 * https://bugzilla.suse.com/show_bug.cgi?id=1247064 * https://bugzilla.suse.com/show_bug.cgi?id=1247079 * https://bugzilla.suse.com/show_bug.cgi?id=1247089 * https://bugzilla.suse.com/show_bug.cgi?id=1247091 * https://bugzilla.suse.com/show_bug.cgi?id=1247097 * https://bugzilla.suse.com/show_bug.cgi?id=1247098 * https://bugzilla.suse.com/show_bug.cgi?id=1247101 * https://bugzilla.suse.com/show_bug.cgi?id=1247103 * https://bugzilla.suse.com/show_bug.cgi?id=1247104 * https://bugzilla.suse.com/show_bug.cgi?id=1247113 * https://bugzilla.suse.com/show_bug.cgi?id=1247118 * https://bugzilla.suse.com/show_bug.cgi?id=1247123 * https://bugzilla.suse.com/show_bug.cgi?id=1247125 * https://bugzilla.suse.com/show_bug.cgi?id=1247128 * https://bugzilla.suse.com/show_bug.cgi?id=1247132 * https://bugzilla.suse.com/show_bug.cgi?id=1247138 * https://bugzilla.suse.com/show_bug.cgi?id=1247141 * https://bugzilla.suse.com/show_bug.cgi?id=1247143 * https://bugzilla.suse.com/show_bug.cgi?id=1247145 * https://bugzilla.suse.com/show_bug.cgi?id=1247146 * https://bugzilla.suse.com/show_bug.cgi?id=1247147 * https://bugzilla.suse.com/show_bug.cgi?id=1247149 * https://bugzilla.suse.com/show_bug.cgi?id=1247150 * https://bugzilla.suse.com/show_bug.cgi?id=1247151 * https://bugzilla.suse.com/show_bug.cgi?id=1247152 * https://bugzilla.suse.com/show_bug.cgi?id=1247153 * https://bugzilla.suse.com/show_bug.cgi?id=1247154 * https://bugzilla.suse.com/show_bug.cgi?id=1247156 * https://bugzilla.suse.com/show_bug.cgi?id=1247160 * https://bugzilla.suse.com/show_bug.cgi?id=1247164 * https://bugzilla.suse.com/show_bug.cgi?id=1247169 * https://bugzilla.suse.com/show_bug.cgi?id=1247170 * https://bugzilla.suse.com/show_bug.cgi?id=1247171 * https://bugzilla.suse.com/show_bug.cgi?id=1247172 * https://bugzilla.suse.com/show_bug.cgi?id=1247174 * https://bugzilla.suse.com/show_bug.cgi?id=1247176 * https://bugzilla.suse.com/show_bug.cgi?id=1247177 * https://bugzilla.suse.com/show_bug.cgi?id=1247178 * https://bugzilla.suse.com/show_bug.cgi?id=1247181 * https://bugzilla.suse.com/show_bug.cgi?id=1247209 * https://bugzilla.suse.com/show_bug.cgi?id=1247210 * https://bugzilla.suse.com/show_bug.cgi?id=1247227 * https://bugzilla.suse.com/show_bug.cgi?id=1247233 * https://bugzilla.suse.com/show_bug.cgi?id=1247234 * https://bugzilla.suse.com/show_bug.cgi?id=1247236 * https://bugzilla.suse.com/show_bug.cgi?id=1247238 * https://bugzilla.suse.com/show_bug.cgi?id=1247241 * https://bugzilla.suse.com/show_bug.cgi?id=1247251 * https://bugzilla.suse.com/show_bug.cgi?id=1247252 * https://bugzilla.suse.com/show_bug.cgi?id=1247253 * https://bugzilla.suse.com/show_bug.cgi?id=1247255 * https://bugzilla.suse.com/show_bug.cgi?id=1247265 * https://bugzilla.suse.com/show_bug.cgi?id=1247271 * https://bugzilla.suse.com/show_bug.cgi?id=1247273 * https://bugzilla.suse.com/show_bug.cgi?id=1247274 * https://bugzilla.suse.com/show_bug.cgi?id=1247276 * https://bugzilla.suse.com/show_bug.cgi?id=1247277 * https://bugzilla.suse.com/show_bug.cgi?id=1247278 * https://bugzilla.suse.com/show_bug.cgi?id=1247279 * https://bugzilla.suse.com/show_bug.cgi?id=1247282 * https://bugzilla.suse.com/show_bug.cgi?id=1247284 * https://bugzilla.suse.com/show_bug.cgi?id=1247285 * https://bugzilla.suse.com/show_bug.cgi?id=1247288 * https://bugzilla.suse.com/show_bug.cgi?id=1247289 * https://bugzilla.suse.com/show_bug.cgi?id=1247293 * https://bugzilla.suse.com/show_bug.cgi?id=1247308 * https://bugzilla.suse.com/show_bug.cgi?id=1247311 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247317 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247374 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 * https://bugzilla.suse.com/show_bug.cgi?id=1247450 * https://bugzilla.suse.com/show_bug.cgi?id=1247712 * https://bugzilla.suse.com/show_bug.cgi?id=1247831 * https://jira.suse.com/browse/PED-12731 * https://jira.suse.com/browse/PED-12745 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 20:34:32 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 20:34:32 -0000 Subject: SUSE-SU-2025:02852-1: important: Security update for the Linux Kernel Message-ID: <175554927247.603.12984258317551168112@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02852-1 Release Date: 2025-08-18T15:58:14Z Rating: important References: * bsc#1206051 * bsc#1221829 * bsc#1233551 * bsc#1234480 * bsc#1234863 * bsc#1236104 * bsc#1236333 * bsc#1237164 * bsc#1238160 * bsc#1239644 * bsc#1240799 * bsc#1242414 * bsc#1242417 * bsc#1244309 * bsc#1244523 * bsc#1245217 * bsc#1245431 * bsc#1245506 * bsc#1245711 * bsc#1245986 * bsc#1246000 * bsc#1246029 * bsc#1246037 * bsc#1246045 * bsc#1246073 * bsc#1246186 * bsc#1246287 * bsc#1246555 * bsc#1246781 * bsc#1247314 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247437 Cross-References: * CVE-2022-49138 * CVE-2022-49770 * CVE-2023-52923 * CVE-2023-52927 * CVE-2024-26643 * CVE-2024-53057 * CVE-2024-53164 * CVE-2024-57947 * CVE-2025-21701 * CVE-2025-21971 * CVE-2025-37797 * CVE-2025-37798 * CVE-2025-38079 * CVE-2025-38088 * CVE-2025-38120 * CVE-2025-38177 * CVE-2025-38181 * CVE-2025-38200 * CVE-2025-38206 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38257 * CVE-2025-38289 * CVE-2025-38350 * CVE-2025-38468 * CVE-2025-38477 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38497 CVSS scores: * CVE-2022-49138 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2022-49138 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-49770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52923 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52923 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52927 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-52927 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26643 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26643 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53057 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53164 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53164 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21701 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21971 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21971 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38289 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38289 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves 29 vulnerabilities and has five security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160). * CVE-2023-52923: netfilter: nf_tables: split async and sync catchall in two functions (bsc#1236104). * CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644). * CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829). * CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551). * CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863). * CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164). * CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245217). * CVE-2025-38181: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246000). * CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). * CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). * CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). * CVE-2025-38213: vgacon: Add check for vc_origin address range in vgacon_scroll() (bsc#1246037). * CVE-2025-38257: s390/pkey: Prevent overflow in size calculation for memdup_user() (bsc#1246186). * CVE-2025-38289: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1246287). * CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). * CVE-2025-38468: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (bsc#1247437). * CVE-2025-38477: net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (bsc#1247314). * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247349). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247348). * CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). The following non-security bugs were fixed: * Revert "hugetlb: unshare some PMDs when splitting VMAs" (bsc#1245431). * Revert "mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race" * Revert "mm/hugetlb: unshare page tables during VMA split, not before" * bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (bsc#1244523). * net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480 bsc#1246555). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2852=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2852=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-source-rt-5.14.21-150500.13.103.2 * kernel-devel-rt-5.14.21-150500.13.103.2 * openSUSE Leap 15.5 (x86_64) * kernel-rt-livepatch-5.14.21-150500.13.103.2 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.103.2 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.103.2 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.103.2 * ocfs2-kmp-rt-5.14.21-150500.13.103.2 * reiserfs-kmp-rt-5.14.21-150500.13.103.2 * kselftests-kmp-rt-5.14.21-150500.13.103.2 * kernel-rt-devel-5.14.21-150500.13.103.2 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.103.2 * kernel-rt-optional-debuginfo-5.14.21-150500.13.103.2 * kernel-rt_debug-debugsource-5.14.21-150500.13.103.2 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.103.2 * kernel-rt-optional-5.14.21-150500.13.103.2 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.103.2 * kernel-rt-devel-debuginfo-5.14.21-150500.13.103.2 * kernel-rt-extra-debuginfo-5.14.21-150500.13.103.2 * kernel-rt-vdso-5.14.21-150500.13.103.2 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.103.2 * cluster-md-kmp-rt-5.14.21-150500.13.103.2 * kernel-rt_debug-vdso-5.14.21-150500.13.103.2 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.103.2 * dlm-kmp-rt-5.14.21-150500.13.103.2 * kernel-rt-debuginfo-5.14.21-150500.13.103.2 * kernel-rt-extra-5.14.21-150500.13.103.2 * gfs2-kmp-rt-5.14.21-150500.13.103.2 * kernel-rt-livepatch-devel-5.14.21-150500.13.103.2 * kernel-rt_debug-debuginfo-5.14.21-150500.13.103.2 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.103.2 * kernel-rt_debug-devel-5.14.21-150500.13.103.2 * kernel-rt-debugsource-5.14.21-150500.13.103.2 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.103.2 * kernel-rt_debug-5.14.21-150500.13.103.2 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.103.2 * kernel-devel-rt-5.14.21-150500.13.103.2 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.103.2 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.103.2 * kernel-rt-debugsource-5.14.21-150500.13.103.2 ## References: * https://www.suse.com/security/cve/CVE-2022-49138.html * https://www.suse.com/security/cve/CVE-2022-49770.html * https://www.suse.com/security/cve/CVE-2023-52923.html * https://www.suse.com/security/cve/CVE-2023-52927.html * https://www.suse.com/security/cve/CVE-2024-26643.html * https://www.suse.com/security/cve/CVE-2024-53057.html * https://www.suse.com/security/cve/CVE-2024-53164.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-21701.html * https://www.suse.com/security/cve/CVE-2025-21971.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38289.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://bugzilla.suse.com/show_bug.cgi?id=1206051 * https://bugzilla.suse.com/show_bug.cgi?id=1221829 * https://bugzilla.suse.com/show_bug.cgi?id=1233551 * https://bugzilla.suse.com/show_bug.cgi?id=1234480 * https://bugzilla.suse.com/show_bug.cgi?id=1234863 * https://bugzilla.suse.com/show_bug.cgi?id=1236104 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1237164 * https://bugzilla.suse.com/show_bug.cgi?id=1238160 * https://bugzilla.suse.com/show_bug.cgi?id=1239644 * https://bugzilla.suse.com/show_bug.cgi?id=1240799 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242417 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244523 * https://bugzilla.suse.com/show_bug.cgi?id=1245217 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246287 * https://bugzilla.suse.com/show_bug.cgi?id=1246555 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 20:34:59 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 20:34:59 -0000 Subject: SUSE-SU-2025:02851-1: important: Security update for the Linux Kernel Message-ID: <175554929916.603.15071358858018507658@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02851-1 Release Date: 2025-08-18T15:57:50Z Rating: important References: * bsc#1206051 * bsc#1221829 * bsc#1229334 * bsc#1234863 * bsc#1236104 * bsc#1236333 * bsc#1238160 * bsc#1239644 * bsc#1240185 * bsc#1240799 * bsc#1242414 * bsc#1242780 * bsc#1244309 * bsc#1245217 * bsc#1245431 * bsc#1245506 * bsc#1245711 * bsc#1245986 * bsc#1246000 * bsc#1246029 * bsc#1246037 * bsc#1246045 * bsc#1246073 * bsc#1246186 * bsc#1246781 * bsc#1247314 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247437 Cross-References: * CVE-2022-49138 * CVE-2022-49770 * CVE-2023-52923 * CVE-2023-52927 * CVE-2023-53117 * CVE-2024-26643 * CVE-2024-42265 * CVE-2024-53164 * CVE-2024-57947 * CVE-2025-21881 * CVE-2025-21971 * CVE-2025-37798 * CVE-2025-38079 * CVE-2025-38088 * CVE-2025-38120 * CVE-2025-38177 * CVE-2025-38181 * CVE-2025-38200 * CVE-2025-38206 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38257 * CVE-2025-38350 * CVE-2025-38468 * CVE-2025-38477 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38497 CVSS scores: * CVE-2022-49138 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2022-49138 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-49770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52923 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52923 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52927 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-52927 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53117 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-53117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26643 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26643 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42265 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-53164 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53164 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21971 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21971 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves 28 vulnerabilities and has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160). * CVE-2023-52923: netfilter: nf_tables: split async and sync catchall in two functions (bsc#1236104). * CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644). * CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor (bsc#1242780). * CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829). * CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334). * CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863). * CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185). * CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245217). * CVE-2025-38181: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246000). * CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). * CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). * CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). * CVE-2025-38213: vgacon: Add check for vc_origin address range in vgacon_scroll() (bsc#1246037). * CVE-2025-38257: s390/pkey: Prevent overflow in size calculation for memdup_user() (bsc#1246186). * CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). * CVE-2025-38468: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (bsc#1247437). * CVE-2025-38477: net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (bsc#1247314). * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247349). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247348). * CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). The following non-security bugs were fixed: * Revert "hugetlb: unshare some PMDs when splitting VMAs (bsc#1245431)." * Revert "mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race" * Revert "mm/hugetlb: unshare page tables during VMA split, not before" ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2851=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2851=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2851=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2851=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.127.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.127.1 * kernel-rt-debuginfo-5.14.21-150400.15.127.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.127.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.127.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.127.1 * kernel-rt-debuginfo-5.14.21-150400.15.127.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.127.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.127.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.127.1 * kernel-rt-debuginfo-5.14.21-150400.15.127.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.127.1 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.127.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.127.1 * kernel-rt-debuginfo-5.14.21-150400.15.127.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.127.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49138.html * https://www.suse.com/security/cve/CVE-2022-49770.html * https://www.suse.com/security/cve/CVE-2023-52923.html * https://www.suse.com/security/cve/CVE-2023-52927.html * https://www.suse.com/security/cve/CVE-2023-53117.html * https://www.suse.com/security/cve/CVE-2024-26643.html * https://www.suse.com/security/cve/CVE-2024-42265.html * https://www.suse.com/security/cve/CVE-2024-53164.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-21881.html * https://www.suse.com/security/cve/CVE-2025-21971.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://bugzilla.suse.com/show_bug.cgi?id=1206051 * https://bugzilla.suse.com/show_bug.cgi?id=1221829 * https://bugzilla.suse.com/show_bug.cgi?id=1229334 * https://bugzilla.suse.com/show_bug.cgi?id=1234863 * https://bugzilla.suse.com/show_bug.cgi?id=1236104 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1238160 * https://bugzilla.suse.com/show_bug.cgi?id=1239644 * https://bugzilla.suse.com/show_bug.cgi?id=1240185 * https://bugzilla.suse.com/show_bug.cgi?id=1240799 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242780 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1245217 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 20:35:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 20:35:15 -0000 Subject: SUSE-SU-2025:02850-1: important: Security update for the Linux Kernel Message-ID: <175554931516.603.5349767050283937574@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02850-1 Release Date: 2025-08-18T15:57:32Z Rating: important References: * bsc#1233551 * bsc#1234863 * bsc#1236333 * bsc#1239644 * bsc#1242414 * bsc#1242417 * bsc#1245217 * bsc#1245711 * bsc#1245986 * bsc#1246000 * bsc#1246029 * bsc#1246037 * bsc#1246045 * bsc#1246186 * bsc#1247347 * bsc#1247348 * bsc#1247349 Cross-References: * CVE-2023-52927 * CVE-2024-53057 * CVE-2024-53164 * CVE-2024-57947 * CVE-2025-37797 * CVE-2025-37798 * CVE-2025-38079 * CVE-2025-38120 * CVE-2025-38177 * CVE-2025-38181 * CVE-2025-38200 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38257 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38497 CVSS scores: * CVE-2023-52927 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-52927 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53057 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53164 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53164 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves 17 vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160). * CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644). * CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551). * CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245217). * CVE-2025-38181: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246000). * CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). * CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). * CVE-2025-38213: vgacon: Add check for vc_origin address range in vgacon_scroll() (bsc#1246037). * CVE-2025-38257: s390/pkey: Prevent overflow in size calculation for memdup_user() (bsc#1246186). * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247349). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247348). * CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2850=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2850=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2850=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (nosrc x86_64) * kernel-rt-5.3.18-150300.217.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * kernel-rt-debuginfo-5.3.18-150300.217.1 * kernel-rt-debugsource-5.3.18-150300.217.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * kernel-source-rt-5.3.18-150300.217.1 * SUSE Linux Enterprise Micro 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.217.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * kernel-rt-debuginfo-5.3.18-150300.217.1 * kernel-rt-debugsource-5.3.18-150300.217.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * kernel-source-rt-5.3.18-150300.217.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.217.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * kernel-rt-debuginfo-5.3.18-150300.217.1 * kernel-rt-debugsource-5.3.18-150300.217.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * kernel-source-rt-5.3.18-150300.217.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52927.html * https://www.suse.com/security/cve/CVE-2024-53057.html * https://www.suse.com/security/cve/CVE-2024-53164.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://bugzilla.suse.com/show_bug.cgi?id=1233551 * https://bugzilla.suse.com/show_bug.cgi?id=1234863 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1239644 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242417 * https://bugzilla.suse.com/show_bug.cgi?id=1245217 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 18 20:35:40 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Aug 2025 20:35:40 -0000 Subject: SUSE-SU-2025:02849-1: important: Security update for the Linux Kernel Message-ID: <175554934016.603.1318057519887950892@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02849-1 Release Date: 2025-08-18T15:57:08Z Rating: important References: * bsc#1206051 * bsc#1221829 * bsc#1229334 * bsc#1234863 * bsc#1236104 * bsc#1236333 * bsc#1238160 * bsc#1239644 * bsc#1240185 * bsc#1240799 * bsc#1242414 * bsc#1242780 * bsc#1244309 * bsc#1245217 * bsc#1245431 * bsc#1245506 * bsc#1245711 * bsc#1245986 * bsc#1246000 * bsc#1246029 * bsc#1246037 * bsc#1246045 * bsc#1246073 * bsc#1246186 * bsc#1246781 * bsc#1247314 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247437 Cross-References: * CVE-2022-49138 * CVE-2022-49770 * CVE-2023-52923 * CVE-2023-52927 * CVE-2023-53117 * CVE-2024-26643 * CVE-2024-42265 * CVE-2024-53164 * CVE-2024-57947 * CVE-2025-21881 * CVE-2025-21971 * CVE-2025-37798 * CVE-2025-38079 * CVE-2025-38088 * CVE-2025-38120 * CVE-2025-38177 * CVE-2025-38181 * CVE-2025-38200 * CVE-2025-38206 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38257 * CVE-2025-38350 * CVE-2025-38468 * CVE-2025-38477 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38497 CVSS scores: * CVE-2022-49138 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2022-49138 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-49770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52923 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52923 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52927 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-52927 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53117 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-53117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26643 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26643 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42265 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-53164 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53164 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21971 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21971 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves 28 vulnerabilities and has two security fixes can now be installed. ## Description: This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2025-2849=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2849=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2849=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2849=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2849=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2849=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-2849=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2849=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2849=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2849=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2849=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2849=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2849=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2849=1 ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-5.14.21-150400.24.173.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.173.1 * ocfs2-kmp-default-5.14.21-150400.24.173.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.173.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.173.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.173.1 * kernel-default-debugsource-5.14.21-150400.24.173.1 * gfs2-kmp-default-5.14.21-150400.24.173.1 * cluster-md-kmp-default-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.173.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.173.1 * kernel-64kb-debugsource-5.14.21-150400.24.173.1 * kernel-64kb-devel-5.14.21-150400.24.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 * kernel-obs-build-debugsource-5.14.21-150400.24.173.1 * kernel-syms-5.14.21-150400.24.173.1 * reiserfs-kmp-default-5.14.21-150400.24.173.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.173.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.173.1 * kernel-default-devel-5.14.21-150400.24.173.1 * kernel-default-debugsource-5.14.21-150400.24.173.1 * kernel-obs-build-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kernel-devel-5.14.21-150400.24.173.1 * kernel-macros-5.14.21-150400.24.173.1 * kernel-source-5.14.21-150400.24.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.173.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.173.1 * kernel-64kb-debugsource-5.14.21-150400.24.173.1 * kernel-64kb-devel-5.14.21-150400.24.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 * kernel-obs-build-debugsource-5.14.21-150400.24.173.1 * kernel-syms-5.14.21-150400.24.173.1 * reiserfs-kmp-default-5.14.21-150400.24.173.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.173.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.173.1 * kernel-default-devel-5.14.21-150400.24.173.1 * kernel-default-debugsource-5.14.21-150400.24.173.1 * kernel-obs-build-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kernel-devel-5.14.21-150400.24.173.1 * kernel-macros-5.14.21-150400.24.173.1 * kernel-source-5.14.21-150400.24.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.173.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.173.1 * kernel-64kb-debugsource-5.14.21-150400.24.173.1 * kernel-64kb-devel-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-5.14.21-150400.24.173.1 * kernel-syms-5.14.21-150400.24.173.1 * reiserfs-kmp-default-5.14.21-150400.24.173.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.173.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.173.1 * kernel-default-devel-5.14.21-150400.24.173.1 * kernel-default-debugsource-5.14.21-150400.24.173.1 * kernel-obs-build-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * kernel-devel-5.14.21-150400.24.173.1 * kernel-macros-5.14.21-150400.24.173.1 * kernel-source-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch nosrc) * kernel-docs-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.173.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 * kernel-obs-build-debugsource-5.14.21-150400.24.173.1 * kernel-syms-5.14.21-150400.24.173.1 * reiserfs-kmp-default-5.14.21-150400.24.173.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.173.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.173.1 * kernel-default-devel-5.14.21-150400.24.173.1 * kernel-default-debugsource-5.14.21-150400.24.173.1 * kernel-obs-build-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * kernel-devel-5.14.21-150400.24.173.1 * kernel-macros-5.14.21-150400.24.173.1 * kernel-source-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.173.1 * SUSE Manager Proxy 4.3 LTS (nosrc x86_64) * kernel-default-5.14.21-150400.24.173.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 * kernel-syms-5.14.21-150400.24.173.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.173.1 * kernel-default-devel-5.14.21-150400.24.173.1 * kernel-default-debugsource-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 * SUSE Manager Proxy 4.3 LTS (noarch) * kernel-devel-5.14.21-150400.24.173.1 * kernel-macros-5.14.21-150400.24.173.1 * kernel-source-5.14.21-150400.24.173.1 * SUSE Manager Retail Branch Server 4.3 LTS (nosrc x86_64) * kernel-default-5.14.21-150400.24.173.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.173.1 * kernel-default-devel-5.14.21-150400.24.173.1 * kernel-default-debugsource-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 * SUSE Manager Retail Branch Server 4.3 LTS (noarch) * kernel-devel-5.14.21-150400.24.173.1 * kernel-macros-5.14.21-150400.24.173.1 * SUSE Manager Server 4.3 LTS (nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150400.24.173.1 * SUSE Manager Server 4.3 LTS (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * kernel-syms-5.14.21-150400.24.173.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.173.1 * kernel-default-devel-5.14.21-150400.24.173.1 * kernel-default-debugsource-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 * SUSE Manager Server 4.3 LTS (noarch) * kernel-devel-5.14.21-150400.24.173.1 * kernel-macros-5.14.21-150400.24.173.1 * kernel-source-5.14.21-150400.24.173.1 * SUSE Manager Server 4.3 LTS (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.173.1 * SUSE Manager Server 4.3 LTS (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.173.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_43-debugsource-1-150400.9.3.1 * kernel-default-livepatch-5.14.21-150400.24.173.1 * kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 * kernel-default-debugsource-5.14.21-150400.24.173.1 * kernel-livepatch-5_14_21-150400_24_173-default-debuginfo-1-150400.9.3.1 * kernel-default-livepatch-devel-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.173.1 * openSUSE Leap 15.4 (noarch) * kernel-devel-5.14.21-150400.24.173.1 * kernel-macros-5.14.21-150400.24.173.1 * kernel-source-vanilla-5.14.21-150400.24.173.1 * kernel-docs-html-5.14.21-150400.24.173.1 * kernel-source-5.14.21-150400.24.173.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-kvmsmall-debugsource-5.14.21-150400.24.173.1 * kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 * kernel-kvmsmall-debuginfo-5.14.21-150400.24.173.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.173.1 * kernel-default-base-rebuild-5.14.21-150400.24.173.1.150400.24.88.1 * kernel-kvmsmall-devel-5.14.21-150400.24.173.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-5.14.21-150400.24.173.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.173.1 * kernel-obs-build-debugsource-5.14.21-150400.24.173.1 * cluster-md-kmp-default-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 * kernel-default-extra-5.14.21-150400.24.173.1 * kernel-syms-5.14.21-150400.24.173.1 * kselftests-kmp-default-5.14.21-150400.24.173.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.173.1 * kernel-default-debugsource-5.14.21-150400.24.173.1 * gfs2-kmp-default-5.14.21-150400.24.173.1 * reiserfs-kmp-default-5.14.21-150400.24.173.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.173.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.173.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.173.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.173.1 * kernel-default-devel-5.14.21-150400.24.173.1 * kernel-obs-build-5.14.21-150400.24.173.1 * kernel-default-optional-debuginfo-5.14.21-150400.24.173.1 * kernel-obs-qa-5.14.21-150400.24.173.1 * kernel-default-livepatch-5.14.21-150400.24.173.1 * ocfs2-kmp-default-5.14.21-150400.24.173.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.173.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.173.1 * kernel-default-optional-5.14.21-150400.24.173.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.173.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_173-default-1-150400.9.3.1 * kernel-livepatch-SLE15-SP4_Update_43-debugsource-1-150400.9.3.1 * kernel-livepatch-5_14_21-150400_24_173-default-debuginfo-1-150400.9.3.1 * kernel-default-livepatch-devel-5.14.21-150400.24.173.1 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.173.1 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.173.1 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.173.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.173.1 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.173.1 * openSUSE Leap 15.4 (aarch64) * kselftests-kmp-64kb-5.14.21-150400.24.173.1 * dtb-sprd-5.14.21-150400.24.173.1 * gfs2-kmp-64kb-5.14.21-150400.24.173.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.173.1 * dtb-lg-5.14.21-150400.24.173.1 * dtb-socionext-5.14.21-150400.24.173.1 * dtb-qcom-5.14.21-150400.24.173.1 * dtb-rockchip-5.14.21-150400.24.173.1 * dtb-freescale-5.14.21-150400.24.173.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.173.1 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.173.1 * kernel-64kb-debuginfo-5.14.21-150400.24.173.1 * dtb-hisilicon-5.14.21-150400.24.173.1 * dtb-apple-5.14.21-150400.24.173.1 * dtb-amazon-5.14.21-150400.24.173.1 * kernel-64kb-devel-5.14.21-150400.24.173.1 * kernel-64kb-debugsource-5.14.21-150400.24.173.1 * dlm-kmp-64kb-5.14.21-150400.24.173.1 * dtb-amlogic-5.14.21-150400.24.173.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.173.1 * dtb-exynos-5.14.21-150400.24.173.1 * dtb-marvell-5.14.21-150400.24.173.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.173.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.173.1 * dtb-allwinner-5.14.21-150400.24.173.1 * dtb-mediatek-5.14.21-150400.24.173.1 * dtb-broadcom-5.14.21-150400.24.173.1 * cluster-md-kmp-64kb-5.14.21-150400.24.173.1 * dtb-arm-5.14.21-150400.24.173.1 * dtb-apm-5.14.21-150400.24.173.1 * dtb-amd-5.14.21-150400.24.173.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.173.1 * ocfs2-kmp-64kb-5.14.21-150400.24.173.1 * dtb-altera-5.14.21-150400.24.173.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.173.1 * kernel-64kb-optional-5.14.21-150400.24.173.1 * dtb-renesas-5.14.21-150400.24.173.1 * reiserfs-kmp-64kb-5.14.21-150400.24.173.1 * dtb-nvidia-5.14.21-150400.24.173.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.173.1 * kernel-64kb-extra-5.14.21-150400.24.173.1 * dtb-xilinx-5.14.21-150400.24.173.1 * dtb-cavium-5.14.21-150400.24.173.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.173.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.173.1.150400.24.88.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.173.1 * kernel-default-debuginfo-5.14.21-150400.24.173.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49138.html * https://www.suse.com/security/cve/CVE-2022-49770.html * https://www.suse.com/security/cve/CVE-2023-52923.html * https://www.suse.com/security/cve/CVE-2023-52927.html * https://www.suse.com/security/cve/CVE-2023-53117.html * https://www.suse.com/security/cve/CVE-2024-26643.html * https://www.suse.com/security/cve/CVE-2024-42265.html * https://www.suse.com/security/cve/CVE-2024-53164.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-21881.html * https://www.suse.com/security/cve/CVE-2025-21971.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://bugzilla.suse.com/show_bug.cgi?id=1206051 * https://bugzilla.suse.com/show_bug.cgi?id=1221829 * https://bugzilla.suse.com/show_bug.cgi?id=1229334 * https://bugzilla.suse.com/show_bug.cgi?id=1234863 * https://bugzilla.suse.com/show_bug.cgi?id=1236104 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1238160 * https://bugzilla.suse.com/show_bug.cgi?id=1239644 * https://bugzilla.suse.com/show_bug.cgi?id=1240185 * https://bugzilla.suse.com/show_bug.cgi?id=1240799 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242780 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1245217 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 08:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 08:30:07 -0000 Subject: SUSE-SU-2025:02884-1: important: Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP5) Message-ID: <175559220700.603.5459053519113703013@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:02884-1 Release Date: 2025-08-19T06:04:34Z Rating: important References: * bsc#1232927 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_116 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2884=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2884=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_116-default-2-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_29-debugsource-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-2-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_116-default-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-2-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x) * kernel-livepatch-SLE15-SP5_Update_29-debugsource-2-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1232927 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 08:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 08:30:14 -0000 Subject: SUSE-SU-2025:02883-1: important: Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5) Message-ID: <175559221431.603.8459262296489343975@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:02883-1 Release Date: 2025-08-19T06:04:22Z Rating: important References: * bsc#1232927 * bsc#1245218 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_113 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2883=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2883=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-3-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_28-debugsource-3-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-3-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_28-debugsource-3-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1232927 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 08:30:18 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 08:30:18 -0000 Subject: SUSE-SU-2025:02878-1: important: Security update for the Linux Kernel (Live Patch 70 for SLE 12 SP5) Message-ID: <175559221880.603.11053210025038309061@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 70 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:02878-1 Release Date: 2025-08-19T06:03:40Z Rating: important References: * bsc#1245218 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_266 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2878=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_266-default-2-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 08:30:24 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 08:30:24 -0000 Subject: SUSE-SU-2025:02876-1: important: Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP5) Message-ID: <175559222485.603.1912360248734359100@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:02876-1 Release Date: 2025-08-19T06:04:10Z Rating: important References: * bsc#1232927 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_110 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2876=1 SUSE-2025-2879=1 SUSE-2025-2880=1 SUSE-2025-2881=1 SUSE-2025-2882=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2876=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-2879=1 SUSE-SLE-Module-Live- Patching-15-SP5-2025-2880=1 SUSE-SLE-Module-Live-Patching-15-SP5-2025-2881=1 SUSE-SLE-Module-Live-Patching-15-SP5-2025-2882=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_94-default-5-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_24-debugsource-5-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_23-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_97-default-5-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_22-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-4-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_26-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-3-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_27-debugsource-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_97-default-debuginfo-5-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_94-default-5-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_24-debugsource-5-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_23-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_97-default-5-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_22-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-4-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_26-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-3-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_27-debugsource-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-3-150500.2.1 * kernel-livepatch-5_14_21-150500_55_97-default-debuginfo-5-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1232927 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 08:30:38 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 08:30:38 -0000 Subject: SUSE-SU-2025:02873-1: important: Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP7) Message-ID: <175559223802.603.16696268633185931655@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP7) Announcement ID: SUSE-SU-2025:02873-1 Release Date: 2025-08-19T04:03:56Z Rating: important References: * bsc#1244337 * bsc#1245350 * bsc#1245776 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-37752 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150700_7_3 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2025-2873=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-SLE15-SP7-RT_Update_1-debugsource-2-150700.2.1 * kernel-livepatch-6_4_0-150700_7_3-rt-debuginfo-2-150700.2.1 * kernel-livepatch-6_4_0-150700_7_3-rt-2-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 08:30:44 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 08:30:44 -0000 Subject: SUSE-SU-2025:02871-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP6) Message-ID: <175559224441.603.9013783847089792896@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02871-1 Release Date: 2025-08-19T03:33:41Z Rating: important References: * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_39 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2871=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_39-rt-3-150600.2.1 * kernel-livepatch-6_4_0-150600_10_39-rt-debuginfo-3-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_11-debugsource-3-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 08:30:50 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 08:30:50 -0000 Subject: SUSE-SU-2025:02875-1: important: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6) Message-ID: <175559225069.603.8593407029038083749@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02875-1 Release Date: 2025-08-19T06:04:44Z Rating: important References: * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_25 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2866=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-2867=1 SUSE-SLE-Module-Live- Patching-15-SP6-2025-2865=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-2868=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-2869=1 SUSE-SLE-Module-Live- Patching-15-SP6-2025-2877=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-2872=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-2885=1 SUSE-SLE-Module-Live- Patching-15-SP6-2025-2864=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-2862=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2885=1 SUSE-2025-2877=1 SUSE-2025-2872=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2875=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2875=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_11-rt-debuginfo-15-150600.2.1 * kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo-13-150600.2.1 * kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo-15-150600.2.1 * kernel-livepatch-6_4_0-150600_10_23-rt-debuginfo-10-150600.2.1 * kernel-livepatch-6_4_0-150600_10_29-rt-debuginfo-5-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource-19-150600.2.1 * kernel-livepatch-6_4_0-150600_10_34-rt-4-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_10-debugsource-4-150600.2.1 * kernel-livepatch-6_4_0-150600_10_11-rt-15-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource-15-150600.2.1 * kernel-livepatch-6_4_0-150600_10_17-rt-13-150600.2.1 * kernel-livepatch-6_4_0-150600_10_34-rt-debuginfo-4-150600.2.1 * kernel-livepatch-6_4_0-150600_10_5-rt-19-150600.2.1 * kernel-livepatch-6_4_0-150600_10_23-rt-10-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_3-debugsource-15-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource-13-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_7-debugsource-10-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_9-debugsource-5-150600.2.1 * kernel-livepatch-6_4_0-150600_10_29-rt-5-150600.2.1 * kernel-livepatch-6_4_0-150600_10_8-rt-15-150600.2.1 * kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo-19-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-14-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-19-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-19-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_3-debugsource-19-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-14-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-19-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_5-debugsource-14-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-19-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_2-debugsource-19-150600.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-14-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-19-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-19-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_3-debugsource-19-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-14-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-19-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_5-debugsource-14-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-19-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_2-debugsource-19-150600.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-13-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_20-debugsource-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-13-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-13-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_20-debugsource-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-13-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 08:30:57 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 08:30:57 -0000 Subject: SUSE-SU-2025:02860-1: important: Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP4) Message-ID: <175559225762.603.1249515132874526333@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:02860-1 Release Date: 2025-08-19T03:33:37Z Rating: important References: * bsc#1232927 * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_161 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2861=1 SUSE-2025-2870=1 SUSE-2025-2860=1 SUSE-2025-2863=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2861=1 SUSE-SLE- Module-Live-Patching-15-SP4-2025-2870=1 SUSE-SLE-Module-Live- Patching-15-SP4-2025-2860=1 SUSE-SLE-Module-Live-Patching-15-SP4-2025-2863=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_161-default-debuginfo-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_34-debugsource-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-13-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_32-debugsource-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_161-default-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_39-debugsource-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_31-debugsource-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_144-default-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-13-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_161-default-debuginfo-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_34-debugsource-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-13-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_32-debugsource-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_161-default-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_39-debugsource-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_31-debugsource-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_144-default-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-13-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1232927 * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 08:31:03 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 08:31:03 -0000 Subject: SUSE-SU-2025:02859-1: important: Security update for the Linux Kernel (Live Patch 54 for SLE 15 SP3) Message-ID: <175559226354.603.4119910807788787819@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 54 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02859-1 Release Date: 2025-08-18T20:38:10Z Rating: important References: * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_195 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2859=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2859=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_195-default-debuginfo-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_195-default-6-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_54-debugsource-6-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_195-preempt-debuginfo-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_195-preempt-6-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_195-default-6-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 08:31:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 08:31:10 -0000 Subject: SUSE-SU-2025:02889-1: important: Security update for container-suseconnect Message-ID: <175559227080.603.3301153666843692439@smelt2.prg2.suse.org> # Security update for container-suseconnect Announcement ID: SUSE-SU-2025:02889-1 Release Date: 2025-08-19T07:54:19Z Rating: important References: Affected Products: * Containers Module 15-SP6 * Containers Module 15-SP7 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that can now be installed. ## Description: This update for container-suseconnect rebuilds it with the last go1.24 security release. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2889=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2889=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2889=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2889=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2889=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2889=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2889=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2889=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2889=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2889=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2889=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-2889=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-2889=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2889=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * container-suseconnect-2.5.5-150000.4.69.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * container-suseconnect-2.5.5-150000.4.69.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * container-suseconnect-2.5.5-150000.4.69.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * container-suseconnect-2.5.5-150000.4.69.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.5-150000.4.69.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.5-150000.4.69.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.5-150000.4.69.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * container-suseconnect-2.5.5-150000.4.69.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * container-suseconnect-2.5.5-150000.4.69.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * container-suseconnect-2.5.5-150000.4.69.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * container-suseconnect-2.5.5-150000.4.69.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.5-150000.4.69.1 * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.5-150000.4.69.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * container-suseconnect-2.5.5-150000.4.69.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 08:31:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 08:31:21 -0000 Subject: SUSE-SU-2025:02886-1: low: Security update for lua51-luajit Message-ID: <175559228129.603.16251221868974595829@smelt2.prg2.suse.org> # Security update for lua51-luajit Announcement ID: SUSE-SU-2025:02886-1 Release Date: 2025-08-19T07:08:40Z Rating: low References: * bsc#1246077 * bsc#1246078 * bsc#1246079 Cross-References: * CVE-2024-25176 * CVE-2024-25177 * CVE-2024-25178 CVSS scores: * CVE-2024-25176 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-25176 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2024-25176 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-25177 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-25177 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-25177 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25178 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-25178 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2024-25178 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H Affected Products: * openSUSE Leap 15.6 An update that solves three vulnerabilities can now be installed. ## Description: This update for lua51-luajit fixes the following issues: * CVE-2024-25176: Fixed stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c (bsc#1246077) * CVE-2024-25177: Fixed unsinking of IR_FSTORE for NULL metatable (bsc#1246078) * CVE-2024-25178: Fixed ut-of-bounds read in the stack-overflow handler in lj_state.c (bsc#1246079) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2886=1 ## Package List: * openSUSE Leap 15.6 (aarch64 x86_64) * lua51-luajit-devel-2.1.0~beta2-150000.3.3.1 * lua51-luajit-2.1.0~beta2-150000.3.3.1 * lua51-luajit-debuginfo-2.1.0~beta2-150000.3.3.1 * lua51-luajit-debugsource-2.1.0~beta2-150000.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25176.html * https://www.suse.com/security/cve/CVE-2024-25177.html * https://www.suse.com/security/cve/CVE-2024-25178.html * https://bugzilla.suse.com/show_bug.cgi?id=1246077 * https://bugzilla.suse.com/show_bug.cgi?id=1246078 * https://bugzilla.suse.com/show_bug.cgi?id=1246079 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 12:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 12:30:09 -0000 Subject: SUSE-SU-2025:02902-1: important: Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP5) Message-ID: <175560660950.29828.3478961999769395847@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:02902-1 Release Date: 2025-08-19T09:34:28Z Rating: important References: * bsc#1232927 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_100 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2902=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2902=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_25-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_100-default-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_100-default-4-150500.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_25-debugsource-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_100-default-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_100-default-4-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1232927 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 12:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 12:30:16 -0000 Subject: SUSE-SU-2025:02897-1: important: Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP4) Message-ID: <175560661633.29828.8863143452332824412@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:02897-1 Release Date: 2025-08-19T10:03:56Z Rating: important References: * bsc#1232927 * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_167 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2898=1 SUSE-SLE- Module-Live-Patching-15-SP4-2025-2904=1 SUSE-SLE-Module-Live- Patching-15-SP4-2025-2905=1 SUSE-SLE-Module-Live-Patching-15-SP4-2025-2899=1 SUSE-SLE-Module-Live-Patching-15-SP4-2025-2897=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2904=1 SUSE-2025-2905=1 SUSE-2025-2899=1 SUSE-2025-2897=1 SUSE-2025-2898=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_40-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_33-debugsource-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_41-debugsource-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_37-debugsource-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_167-default-debuginfo-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_36-debugsource-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_150-default-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_150-default-debuginfo-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_153-default-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_153-default-debuginfo-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_167-default-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_164-default-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-12-150400.2.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_40-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_33-debugsource-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_41-debugsource-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_37-debugsource-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_167-default-debuginfo-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_150-default-debuginfo-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_150-default-5-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_36-debugsource-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_153-default-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_153-default-debuginfo-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_167-default-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_164-default-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-12-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1232927 * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 12:30:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 12:30:21 -0000 Subject: SUSE-SU-2025:02908-1: important: Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6) Message-ID: <175560662158.29828.3050439826245619123@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02908-1 Release Date: 2025-08-19T11:33:53Z Rating: important References: * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_33 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2908=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2900=1 SUSE-2025-2901=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2901=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-2900=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2895=1 SUSE-2025-2903=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2895=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-2903=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_261-default-2-2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_73-default-15-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_17-debugsource-15-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_19-debugsource-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-13-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_73-default-15-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_19-debugsource-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-15-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-13-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le x86_64) * kernel-livepatch-SLE15-SP5_Update_17-debugsource-15-150500.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_33-default-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-15-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-15-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_7-debugsource-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_4-debugsource-15-150600.2.1 * kernel-livepatch-6_4_0-150600_23_33-default-debuginfo-10-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_33-default-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-15-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-15-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_7-debugsource-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_4-debugsource-15-150600.2.1 * kernel-livepatch-6_4_0-150600_23_33-default-debuginfo-10-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 12:30:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 12:30:28 -0000 Subject: SUSE-SU-2025:02894-1: important: Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3) Message-ID: <175560662888.29828.6198337160334843216@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02894-1 Release Date: 2025-08-19T09:19:19Z Rating: important References: * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_174 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2894=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2894=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_48-debugsource-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_174-default-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_174-default-debuginfo-15-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_174-preempt-debuginfo-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_174-preempt-15-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_174-default-15-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 12:30:40 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 12:30:40 -0000 Subject: SUSE-SU-2025:02896-1: low: Security update for 389-ds Message-ID: <175560664073.29828.16021984452629825717@smelt2.prg2.suse.org> # Security update for 389-ds Announcement ID: SUSE-SU-2025:02896-1 Release Date: 2025-08-19T09:30:17Z Rating: low References: * bsc#1242666 * bsc#1243428 Cross-References: * CVE-2025-3416 CVSS scores: * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for 389-ds fixes the following issues: Update to version 2.0.20~git64.628a24b68: Security fixes: * CVE-2025-3416: Fixed openssl use after free (bsc#1242666) Other fixes: * resolve infinite loop due when loading RUV entryrdn (bsc#1243428) Upstream changelog: * Issue 6119 - Synchronise accept_thread with slapd_daemon (#6120) * Issue 6825 - RootDN Access Control Plugin with wildcards for IP addre? (#6826) * Issue 6819 - Incorrect pwdpolicysubentry returned for an entry with user password policy * Issue 6641 - modrdn fails when a user is member of multiple groups (#6643) * Issue 6534 - CI fails with Fedora 41 and DNF5 * Revert "Issue 5120 - ns-slapd doesn't start in referral mode (#6763)" * Issue 6438 - Add basic dsidm organizational unit tests * Issue 6439 - Fix dsidm service get_dn option * Issue 5120 - ns-slapd doesn't start in referral mode (#6763) * Issue 6740 Certificate verify fails in FIPS mode * Issue 5356 - Set DEFAULT_PASSWORD_STORAGE_SCHEME to PBKDF2-SHA512 in tests * Issue 6603 - Release tarballs ship a different Cargo.lock * Issue 4982 - BUG - missing inttypes.h (#4983) * Issue 6571 - (2nd) Nested group does not receive memberOf attribute (#6697) * Issue 6686 - CLI - Re-enabling user accounts that reached inactivity limit fails with error (#6687) * Issue 6288 - dsidm crash with account policy when alt-state-attr is disabled (#6292) * Issue 6571 - Nested group does not receive memberOf attribute (#6679) * Issue 6676 - Add GitHub workflow action and fix pbkdf2 tests (#6677) * Issue 6155 - ldap-agent fails to start because of permission error (#6179) * Issue 6632 - Replication init fails with ASAN build * Issue 6561 - TLS 1.2 stickiness in FIPS mode * Bump openssl from 0.10.66 to 0.10.70 in /src * Issue 6004 - (2nd) idletimeout may be ignored (#6569) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2896=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * libsvrcore0-debuginfo-2.0.20~git64.628a24b68-150400.3.45.3 * 389-ds-2.0.20~git64.628a24b68-150400.3.45.3 * 389-ds-debugsource-2.0.20~git64.628a24b68-150400.3.45.3 * libsvrcore0-2.0.20~git64.628a24b68-150400.3.45.3 * 389-ds-snmp-debuginfo-2.0.20~git64.628a24b68-150400.3.45.3 * lib389-2.0.20~git64.628a24b68-150400.3.45.3 * 389-ds-snmp-2.0.20~git64.628a24b68-150400.3.45.3 * 389-ds-debuginfo-2.0.20~git64.628a24b68-150400.3.45.3 * 389-ds-devel-2.0.20~git64.628a24b68-150400.3.45.3 ## References: * https://www.suse.com/security/cve/CVE-2025-3416.html * https://bugzilla.suse.com/show_bug.cgi?id=1242666 * https://bugzilla.suse.com/show_bug.cgi?id=1243428 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:30:07 -0000 Subject: SUSE-SU-2025:02918-1: important: Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP6) Message-ID: <175562100748.603.350755235589150975@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02918-1 Release Date: 2025-08-19T14:33:37Z Rating: important References: * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_38 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-2918=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2920=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2920=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_228-default-14-2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_8-debugsource-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_38-default-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_38-default-debuginfo-5-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_8-debugsource-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_38-default-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_38-default-debuginfo-5-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:30:13 -0000 Subject: SUSE-SU-2025:02917-1: important: Security update for the Linux Kernel (Live Patch 56 for SLE 15 SP3) Message-ID: <175562101392.603.8346332109088492997@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 56 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02917-1 Release Date: 2025-08-19T13:04:09Z Rating: important References: * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_201 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2917=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2917=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_201-default-debuginfo-4-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_56-debugsource-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_201-default-4-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_201-preempt-debuginfo-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_201-preempt-4-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_201-default-debuginfo-4-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_56-debugsource-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_201-default-4-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:30:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:30:19 -0000 Subject: SUSE-SU-2025:02911-1: important: Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP5) Message-ID: <175562101934.603.272061038210570481@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:02911-1 Release Date: 2025-08-19T12:33:37Z Rating: important References: * bsc#1232927 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_88 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2911=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2911=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_88-default-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-9-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_21-debugsource-9-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_88-default-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-9-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_21-debugsource-9-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1232927 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:30:26 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:30:26 -0000 Subject: SUSE-SU-2025:02909-1: important: Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4) Message-ID: <175562102632.603.6418058567003269956@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:02909-1 Release Date: 2025-08-19T12:03:55Z Rating: important References: * bsc#1232927 * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_147 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2909=1 SUSE-2025-2910=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2909=1 SUSE-SLE- Module-Live-Patching-15-SP4-2025-2910=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_125-default-17-150400.2.1 * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-17-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_28-debugsource-17-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_35-debugsource-10-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_125-default-17-150400.2.1 * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-17-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_28-debugsource-17-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_35-debugsource-10-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1232927 * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:30:39 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:30:39 -0000 Subject: SUSE-SU-2025:02919-1: moderate: Security update for gstreamer-0_10-plugins-base Message-ID: <175562103983.603.1667789616205811608@smelt2.prg2.suse.org> # Security update for gstreamer-0_10-plugins-base Announcement ID: SUSE-SU-2025:02919-1 Release Date: 2025-08-19T13:52:42Z Rating: moderate References: * bsc#1244403 * bsc#1244404 * bsc#1244407 Cross-References: * CVE-2025-47806 * CVE-2025-47807 * CVE-2025-47808 CVSS scores: * CVE-2025-47806 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47806 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-47806 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-47807 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-47807 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-47807 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-47808 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-47808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-47808 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for gstreamer-0_10-plugins-base fixes the following issues: * CVE-2025-47808: Fixed stack buffer overflow in SubRip subtitle parser (bsc#1244404) * CVE-2025-47807: Fixed NULL-pointer dereference in TMPlayer subtitle parser (bsc#1244403) * CVE-2025-47806: Fixed NULL-pointer dereference in SubRip subtitle parser (bsc#1244407) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2919=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * gstreamer-0_10-plugins-base-devel-0.10.36-18.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47806.html * https://www.suse.com/security/cve/CVE-2025-47807.html * https://www.suse.com/security/cve/CVE-2025-47808.html * https://bugzilla.suse.com/show_bug.cgi?id=1244403 * https://bugzilla.suse.com/show_bug.cgi?id=1244404 * https://bugzilla.suse.com/show_bug.cgi?id=1244407 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:30:43 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:30:43 -0000 Subject: SUSE-SU-2025:02915-1: moderate: Security update for jq Message-ID: <175562104391.603.11548884680640697469@smelt2.prg2.suse.org> # Security update for jq Announcement ID: SUSE-SU-2025:02915-1 Release Date: 2025-08-19T12:57:02Z Rating: moderate References: * bsc#1244116 Cross-References: * CVE-2025-48060 CVSS scores: * CVE-2025-48060 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48060 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-48060 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-48060 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for jq fixes the following issues: * CVE-2025-48060: Fixed stack-buffer-overflow in jq_fuzz_execute (bsc#1244116) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2915=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2915=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2915=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2915=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2915=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2915=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2915=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2915=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2915=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2915=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2915=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * libjq-devel-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * libjq-devel-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * libjq-devel-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libjq1-debuginfo-1.6-150000.3.9.1 * jq-1.6-150000.3.9.1 * libjq1-1.6-150000.3.9.1 * jq-debugsource-1.6-150000.3.9.1 * jq-debuginfo-1.6-150000.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48060.html * https://bugzilla.suse.com/show_bug.cgi?id=1244116 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:30:47 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:30:47 -0000 Subject: SUSE-SU-2025:02914-1: moderate: Security update for docker Message-ID: <175562104739.603.1784398085325698647@smelt2.prg2.suse.org> # Security update for docker Announcement ID: SUSE-SU-2025:02914-1 Release Date: 2025-08-19T12:56:06Z Rating: moderate References: * bsc#1246556 * bsc#1247367 Cross-References: * CVE-2025-54388 CVSS scores: * CVE-2025-54388 ( SUSE ): 5.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2025-54388 ( SUSE ): 5.2 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2025-54388 ( NVD ): 5.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP7 * Containers Module 15-SP6 * Containers Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for docker fixes the following issues: * Update to Docker 28.3.3-ce. * CVE-2025-54388: Fixed a bug where firewalld when reloaded can make published container ports accessible from remote hosts. (bsc#1247367) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2914=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2914=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2914=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2914=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2914=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2914=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2914=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-2914=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-2914=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2914=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2914=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2914=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2914=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2914=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2914=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2914=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2914=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2914=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2914=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2914=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2914=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2914=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2914=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2914=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * openSUSE Leap 15.6 (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-rootless-extras-28.3.3_ce-150000.230.1 * docker-zsh-completion-28.3.3_ce-150000.230.1 * docker-fish-completion-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * Containers Module 15-SP6 (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-zsh-completion-28.3.3_ce-150000.230.1 * docker-rootless-extras-28.3.3_ce-150000.230.1 * Containers Module 15-SP7 (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-zsh-completion-28.3.3_ce-150000.230.1 * docker-rootless-extras-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-fish-completion-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-rootless-extras-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-rootless-extras-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-rootless-extras-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-rootless-extras-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-fish-completion-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-rootless-extras-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-rootless-extras-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-fish-completion-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-rootless-extras-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-rootless-extras-28.3.3_ce-150000.230.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Enterprise Storage 7.1 (noarch) * docker-bash-completion-28.3.3_ce-150000.230.1 * docker-fish-completion-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * docker-28.3.3_ce-150000.230.1 * docker-debuginfo-28.3.3_ce-150000.230.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54388.html * https://bugzilla.suse.com/show_bug.cgi?id=1246556 * https://bugzilla.suse.com/show_bug.cgi?id=1247367 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:30:50 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:30:50 -0000 Subject: SUSE-SU-2025:02913-1: moderate: Security update for docker Message-ID: <175562105087.603.16823508627972680437@smelt2.prg2.suse.org> # Security update for docker Announcement ID: SUSE-SU-2025:02913-1 Release Date: 2025-08-19T12:52:47Z Rating: moderate References: * bsc#1246556 * bsc#1247367 Cross-References: * CVE-2025-54388 CVSS scores: * CVE-2025-54388 ( SUSE ): 5.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2025-54388 ( SUSE ): 5.2 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2025-54388 ( NVD ): 5.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for docker fixes the following issues: * Update to Docker 28.3.3-ce. * CVE-2025-54388: Fixed a bug where firewalld when reloaded can make published container ports accessible from remote hosts. (bsc#1247367) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-2913=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2913=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * docker-28.3.3_ce-98.137.1 * docker-debuginfo-28.3.3_ce-98.137.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * docker-bash-completion-28.3.3_ce-98.137.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * docker-28.3.3_ce-98.137.1 * docker-debuginfo-28.3.3_ce-98.137.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * docker-bash-completion-28.3.3_ce-98.137.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54388.html * https://bugzilla.suse.com/show_bug.cgi?id=1246556 * https://bugzilla.suse.com/show_bug.cgi?id=1247367 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:30:52 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:30:52 -0000 Subject: SUSE-SU-2025:02912-1: moderate: Security update for govulncheck-vulndb Message-ID: <175562105287.603.5795299128251778813@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2025:02912-1 Release Date: 2025-08-19T12:52:35Z Rating: moderate References: * jsc#PED-11136 Cross-References: * CVE-2021-21411 * CVE-2024-44906 * CVE-2025-44779 * CVE-2025-47907 * CVE-2025-50738 * CVE-2025-53534 * CVE-2025-53942 * CVE-2025-54386 * CVE-2025-54388 * CVE-2025-54410 * CVE-2025-54424 * CVE-2025-54576 * CVE-2025-54799 * CVE-2025-54801 * CVE-2025-54996 * CVE-2025-54997 * CVE-2025-54998 * CVE-2025-54999 * CVE-2025-55000 * CVE-2025-55001 * CVE-2025-55003 * CVE-2025-5999 * CVE-2025-6000 * CVE-2025-6004 * CVE-2025-6011 * CVE-2025-6013 * CVE-2025-6014 * CVE-2025-6015 * CVE-2025-6037 * CVE-2025-7195 * CVE-2025-8341 CVSS scores: * CVE-2021-21411 ( NVD ): 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N * CVE-2024-44906 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2025-44779 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-47907 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-47907 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2025-47907 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2025-50738 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-53534 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-53942 ( NVD ): 7.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-54386 ( NVD ): 7.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-54388 ( SUSE ): 5.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2025-54388 ( SUSE ): 5.2 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2025-54388 ( NVD ): 5.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-54410 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-54410 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2025-54410 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2025-54424 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54576 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-54799 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-54801 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-54996 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54997 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2025-54998 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-54999 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-54999 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-55000 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-55001 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2025-55003 ( NVD ): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N * CVE-2025-5999 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-6000 ( SUSE ): 5.5 CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H * CVE-2025-6000 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2025-6000 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2025-6004 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-6011 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-6013 ( SUSE ): 7.4 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-6013 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2025-6013 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2025-6014 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-6015 ( NVD ): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N * CVE-2025-6037 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2025-7195 ( NVD ): 5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L * CVE-2025-8341 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves 31 vulnerabilities and contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20250814T182633 2025-08-14T18:26:33Z (jsc#PED-11136) Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3765 CVE-2024-44906 GHSA-h4h6-vccr-44h2 * GO-2025-3829 CVE-2025-54410 GHSA-4vq8-7jfc-9cvp * Update to version 0.0.20250811T192933 2025-08-11T19:29:33Z (jsc#PED-11136) Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3822 CVE-2025-53942 GHSA-9g4j-v8w5-7x42 * GO-2025-3829 CVE-2025-54410 GHSA-4vq8-7jfc-9cvp * GO-2025-3830 CVE-2025-54388 GHSA-x4rx-4gw3-53p4 * GO-2025-3831 CVE-2025-50738 GHSA-hfcf-79gh-f3jc * GO-2025-3832 CVE-2021-21411 GHSA-652x-m2gr-hppm * GO-2025-3833 CVE-2025-54576 GHSA-7rh7-c77v-6434 * GO-2025-3834 CVE-2025-54424 GHSA-8j63-96wh-wh3j * GO-2025-3835 CVE-2025-54386 GHSA-q6gg-9f92-r9wg * GO-2025-3836 CVE-2025-6037 GHSA-6c5r-4wfc-3mcx * GO-2025-3837 CVE-2025-5999 GHSA-6h4p-m86h-hhgh * GO-2025-3838 CVE-2025-6000 GHSA-mr4h-qf9j-f665 * GO-2025-3839 CVE-2025-6011 GHSA-mwgr-84fv-3jh9 * GO-2025-3840 CVE-2025-6004 GHSA-qgj7-fmq2-6cc4 * GO-2025-3841 CVE-2025-6014 GHSA-qv3p-fmv3-9hww * GO-2025-3842 CVE-2025-6015 GHSA-v6r4-35f9-9rpw * GO-2025-3843 CVE-2025-8341 GHSA-3c93-92r7-j934 * GO-2025-3844 CVE-2025-53534 GHSA-fm3m-jrgm-5ppg * GO-2025-3845 CVE-2025-54801 GHSA-qx2q-88mx-vhg7 * GO-2025-3847 CVE-2025-54799 GHSA-q82r-2j7m-9rv4 * GO-2025-3848 CVE-2025-6013 GHSA-7rx2-769v-hrwf * GO-2025-3851 CVE-2025-44779 GHSA-93jv-pvg8-hf3v * GO-2025-3852 CVE-2025-7195 GHSA-856v-8qm2-9wjv * GO-2025-3853 CVE-2025-55000 GHSA-f7c3-mhj2-9pvg * GO-2025-3854 CVE-2025-54999 GHSA-hh28-h22f-8357 * GO-2025-3855 CVE-2025-54998 GHSA-j3xv-7fxp-gfhx * GO-2025-3856 CVE-2025-55003 GHSA-rxp7-9q75-vj3p * GO-2025-3857 CVE-2025-54996 GHSA-vf84-mxrq-crqc * GO-2025-3858 CVE-2025-54997 GHSA-xp75-r577-cvhp * GO-2025-3859 CVE-2025-55001 GHSA-2q8q-8fgw-9p6p * Update to version 0.0.20250807T150727 2025-08-07T15:07:27Z (jsc#PED-11136) Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3849 CVE-2025-47907 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2912=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2912=1 ## Package List: * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20250814T182633-150000.1.98.1 * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20250814T182633-150000.1.98.1 ## References: * https://www.suse.com/security/cve/CVE-2021-21411.html * https://www.suse.com/security/cve/CVE-2024-44906.html * https://www.suse.com/security/cve/CVE-2025-44779.html * https://www.suse.com/security/cve/CVE-2025-47907.html * https://www.suse.com/security/cve/CVE-2025-50738.html * https://www.suse.com/security/cve/CVE-2025-53534.html * https://www.suse.com/security/cve/CVE-2025-53942.html * https://www.suse.com/security/cve/CVE-2025-54386.html * https://www.suse.com/security/cve/CVE-2025-54388.html * https://www.suse.com/security/cve/CVE-2025-54410.html * https://www.suse.com/security/cve/CVE-2025-54424.html * https://www.suse.com/security/cve/CVE-2025-54576.html * https://www.suse.com/security/cve/CVE-2025-54799.html * https://www.suse.com/security/cve/CVE-2025-54801.html * https://www.suse.com/security/cve/CVE-2025-54996.html * https://www.suse.com/security/cve/CVE-2025-54997.html * https://www.suse.com/security/cve/CVE-2025-54998.html * https://www.suse.com/security/cve/CVE-2025-54999.html * https://www.suse.com/security/cve/CVE-2025-55000.html * https://www.suse.com/security/cve/CVE-2025-55001.html * https://www.suse.com/security/cve/CVE-2025-55003.html * https://www.suse.com/security/cve/CVE-2025-5999.html * https://www.suse.com/security/cve/CVE-2025-6000.html * https://www.suse.com/security/cve/CVE-2025-6004.html * https://www.suse.com/security/cve/CVE-2025-6011.html * https://www.suse.com/security/cve/CVE-2025-6013.html * https://www.suse.com/security/cve/CVE-2025-6014.html * https://www.suse.com/security/cve/CVE-2025-6015.html * https://www.suse.com/security/cve/CVE-2025-6037.html * https://www.suse.com/security/cve/CVE-2025-7195.html * https://www.suse.com/security/cve/CVE-2025-8341.html * https://jira.suse.com/browse/PED-11136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:30:59 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:30:59 -0000 Subject: SUSE-SU-2025:20558-1: moderate: Security update for python-urllib3 Message-ID: <175562105919.603.6639546428954938350@smelt2.prg2.suse.org> # Security update for python-urllib3 Announcement ID: SUSE-SU-2025:20558-1 Release Date: 2025-08-14T09:26:49Z Rating: moderate References: * bsc#1244925 Cross-References: * CVE-2025-50181 CVSS scores: * CVE-2025-50181 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-50181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-50181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-urllib3 fixes the following issues: * CVE-2025-50181: * Pool managers now properly control redirects when retries is passed (GHSA-pq67-6m6q-mj2v, bsc#1244925) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-420=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * python311-urllib3-2.1.0-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-50181.html * https://bugzilla.suse.com/show_bug.cgi?id=1244925 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:31:06 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:31:06 -0000 Subject: SUSE-SU-2025:20557-1: important: Security update for libssh Message-ID: <175562106667.603.3273765826835200982@smelt2.prg2.suse.org> # Security update for libssh Announcement ID: SUSE-SU-2025:20557-1 Release Date: 2025-08-14T09:26:49Z Rating: important References: * bsc#1245309 * bsc#1245310 * bsc#1245311 * bsc#1245312 * bsc#1245314 * bsc#1245317 Cross-References: * CVE-2025-4877 * CVE-2025-4878 * CVE-2025-5318 * CVE-2025-5351 * CVE-2025-5372 * CVE-2025-5987 CVSS scores: * CVE-2025-4877 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-4877 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-4878 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-4878 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-4878 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5318 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-5318 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5318 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5351 ( SUSE ): 6.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-5351 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-5351 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5372 ( SUSE ): 7.6 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-5372 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2025-5372 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-5987 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-5987 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-5987 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for libssh fixes the following issues: * CVE-2025-5372: ssh_kdf() returns a success code on certain failures (bsc#1245314) * CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend (bsc#1245317) * CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions (bsc#1245309) * CVE-2025-4878: Use of uninitialized variable in privatekey_from_file() (bsc#1245310) * CVE-2025-5318: Likely read beyond bounds in sftp server handle management (bsc#1245311) * CVE-2025-5351: Double free in functions exporting keys (bsc#1245312) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-419=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libssh4-0.10.6-2.1 * libssh4-debuginfo-0.10.6-2.1 * libssh-debugsource-0.10.6-2.1 * libssh-config-0.10.6-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4877.html * https://www.suse.com/security/cve/CVE-2025-4878.html * https://www.suse.com/security/cve/CVE-2025-5318.html * https://www.suse.com/security/cve/CVE-2025-5351.html * https://www.suse.com/security/cve/CVE-2025-5372.html * https://www.suse.com/security/cve/CVE-2025-5987.html * https://bugzilla.suse.com/show_bug.cgi?id=1245309 * https://bugzilla.suse.com/show_bug.cgi?id=1245310 * https://bugzilla.suse.com/show_bug.cgi?id=1245311 * https://bugzilla.suse.com/show_bug.cgi?id=1245312 * https://bugzilla.suse.com/show_bug.cgi?id=1245314 * https://bugzilla.suse.com/show_bug.cgi?id=1245317 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:31:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:31:09 -0000 Subject: SUSE-SU-2025:20556-1: important: Security update for libxslt Message-ID: <175562106993.603.2247386074638029539@smelt2.prg2.suse.org> # Security update for libxslt Announcement ID: SUSE-SU-2025:20556-1 Release Date: 2025-08-14T09:21:00Z Rating: important References: * bsc#1246360 Cross-References: * CVE-2025-7424 CVSS scores: * CVE-2025-7424 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2025-7424 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for libxslt fixes the following issues: * CVE-2025-7424: Fixed type confusion in xmlNode.psvi between stylesheet and source nodes (bsc#1246360) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-418=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libxslt1-1.1.38-6.1 * libexslt0-debuginfo-1.1.38-6.1 * libxslt-debugsource-1.1.38-6.1 * libexslt0-1.1.38-6.1 * libxslt1-debuginfo-1.1.38-6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-7424.html * https://bugzilla.suse.com/show_bug.cgi?id=1246360 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:31:18 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:31:18 -0000 Subject: SUSE-SU-2025:20554-1: moderate: Security update for systemd Message-ID: <175562107813.603.5128109726510926232@smelt2.prg2.suse.org> # Security update for systemd Announcement ID: SUSE-SU-2025:20554-1 Release Date: 2025-08-12T14:14:50Z Rating: moderate References: * bsc#1242827 * bsc#1243935 * bsc#1247074 Cross-References: * CVE-2025-4598 CVSS scores: * CVE-2025-4598 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-4598 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro Extras 6.0 An update that solves one vulnerability and has two fixes can now be installed. ## Description: This update for systemd fixes the following issues: * Remove the script used to help migrating the language and locale settings located in /etc/sysconfig/language on old systems to the systemd default locations (bsc#1247074) The script was introduced more than 7 years ago and all systems running TW should have been migrated since then. Moreover the installer supports the systemd default locations since approximately SLE15. * triggers.systemd: skip update of hwdb, journal-catalog if executed during an offline update. * logs-show: get timestamp and boot ID only when necessary (bsc#1242827) * sd-journal: drop to use Hashmap to manage journal files per boot ID * tree-wide: set SD_JOURNAL_ASSUME_IMMUTABLE where appropriate * sd-journal: introduce SD_JOURNAL_ASSUME_IMMUTABLE flag * sd-journal: make journal_file_read_tail_timestamp() notify to the caller that some new journal entries added * sd-journal: cache last entry offset and journal file state * sd-journal: fix typo in function name * coredump: use %d in kernel core pattern (bsc#1243935 CVE-2025-4598) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-416=1 * SUSE Linux Micro Extras 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-416=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * systemd-journal-remote-254.27-1.1 * libsystemd0-debuginfo-254.27-1.1 * systemd-debugsource-254.27-1.1 * systemd-254.27-1.1 * systemd-experimental-debuginfo-254.27-1.1 * udev-debuginfo-254.27-1.1 * systemd-debuginfo-254.27-1.1 * libudev1-debuginfo-254.27-1.1 * systemd-journal-remote-debuginfo-254.27-1.1 * systemd-coredump-254.27-1.1 * systemd-portable-debuginfo-254.27-1.1 * systemd-portable-254.27-1.1 * udev-254.27-1.1 * libudev1-254.27-1.1 * systemd-container-debuginfo-254.27-1.1 * systemd-coredump-debuginfo-254.27-1.1 * libsystemd0-254.27-1.1 * systemd-experimental-254.27-1.1 * systemd-container-254.27-1.1 * SUSE Linux Micro Extras 6.0 (aarch64 s390x x86_64) * systemd-debugsource-254.27-1.1 * systemd-devel-254.27-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4598.html * https://bugzilla.suse.com/show_bug.cgi?id=1242827 * https://bugzilla.suse.com/show_bug.cgi?id=1243935 * https://bugzilla.suse.com/show_bug.cgi?id=1247074 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 16:31:22 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 16:31:22 -0000 Subject: SUSE-SU-2025:20553-1: important: Security update for xz Message-ID: <175562108251.603.16167483212062789487@smelt2.prg2.suse.org> # Security update for xz Announcement ID: SUSE-SU-2025:20553-1 Release Date: 2025-08-08T10:23:21Z Rating: important References: * bsc#1240414 Cross-References: * CVE-2025-31115 CVSS scores: * CVE-2025-31115 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-31115 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-31115 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for xz fixes the following issues: * CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset (bsc#1240414) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-412=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * xz-debugsource-5.4.3-5.1 * liblzma5-5.4.3-5.1 * xz-5.4.3-5.1 * xz-debuginfo-5.4.3-5.1 * liblzma5-debuginfo-5.4.3-5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-31115.html * https://bugzilla.suse.com/show_bug.cgi?id=1240414 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 19 20:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 19 Aug 2025 20:30:07 -0000 Subject: SUSE-SU-2025:02922-1: important: Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6) Message-ID: <175563540740.16753.515984146198718050@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02922-1 Release Date: 2025-08-19T19:33:29Z Rating: important References: * bsc#1244337 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_60 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2922=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2922=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_60-default-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_13-debugsource-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_60-default-debuginfo-2-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_60-default-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_13-debugsource-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_60-default-debuginfo-2-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 20 08:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 20 Aug 2025 08:30:11 -0000 Subject: SUSE-SU-2025:02924-1: important: Security update for go1.25 Message-ID: <175567861168.679.6542068747089578211@smelt2.prg2.suse.org> # Security update for go1.25 Announcement ID: SUSE-SU-2025:02924-1 Release Date: 2025-08-20T07:35:22Z Rating: important References: * bsc#1244485 * bsc#1246118 * bsc#1247719 * bsc#1247720 Cross-References: * CVE-2025-4674 * CVE-2025-47906 * CVE-2025-47907 CVSS scores: * CVE-2025-4674 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-4674 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2025-4674 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2025-47906 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-47906 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-47907 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-47907 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2025-47907 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L Affected Products: * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: go1.25 (released 2025-08-12) is a major release of Go. go1.25.x minor releases will be provided through August 2026. https://github.com/golang/go/wiki/Go-Release-Cycle go1.25 arrives six months after Go 1.24. Most of its changes are in the implementation of the toolchain, runtime, and libraries. As always, the release maintains the Go 1 promise of compatibility. We expect almost all Go programs to continue to compile and run as before. (boo#1244485 go1.25 release tracking) * Language changes: There are no languages changes that affect Go programs in Go 1.25. However, in the language specification the notion of core types has been removed in favor of dedicated prose. See the respective blog post for more information. * go command: The go build -asan option now defaults to doing leak detection at program exit. This will report an error if memory allocated by C is not freed and is not referenced by any other memory allocated by either C or Go. These new error reports may be disabled by setting ASAN_OPTIONS=detect_leaks=0 in the environment when running the program. * go command: The Go distribution will include fewer prebuilt tool binaries. Core toolchain binaries such as the compiler and linker will still be included, but tools not invoked by build or test operations will be built and run by go tool as needed. * go command: The new go.mod ignore directive can be used to specify directories the go command should ignore. Files in these directories and their subdirectories will be ignored by the go command when matching package patterns, such as all or ./..., but will still be included in module zip files. * go command: The new go doc -http option will start a documentation server showing documentation for the requested object, and open the documentation in a browser window. * go command: The new go version -m -json option will print the JSON encodings of the runtime/debug.BuildInfo structures embedded in the given Go binary files. * go command: The go command now supports using a subdirectory of a repository as the path for a module root, when resolving a module path using the syntax to indicate that the root-path corresponds to the subdir of the repo-url with version control system vcs. * go command: The new work package pattern matches all packages in the work (formerly called main) modules: either the single work module in module mode or the set of workspace modules in workspace mode. * go command: When the go command updates the go line in a go.mod or go.work file, it no longer adds a toolchain line specifying the command?s current version. * go vet: The go vet command includes new analyzers: * go vet: waitgroup reports misplaced calls to sync.WaitGroup.Add; * go vet: hostport reports uses of fmt.Sprintf("%s:%d", host, port) to construct addresses for net.Dial, as these will not work with IPv6; instead it suggests using net.JoinHostPort. * Runtime: Container-aware GOMAXPROCS. The default behavior of the GOMAXPROCS has changed. In prior versions of Go, GOMAXPROCS defaults to the number of logical CPUs available at startup (runtime.NumCPU). Go 1.25 introduces two changes: On Linux, the runtime considers the CPU bandwidth limit of the cgroup containing the process, if any. If the CPU bandwidth limit is lower than the number of logical CPUs available, GOMAXPROCS will default to the lower limit. In container runtime systems like Kubernetes, cgroup CPU bandwidth limits generally correspond to the ?CPU limit? option. The Go runtime does not consider the ?CPU requests? option. On all OSes, the runtime periodically updates GOMAXPROCS if the number of logical CPUs available or the cgroup CPU bandwidth limit change. Both of these behaviors are automatically disabled if GOMAXPROCS is set manually via the GOMAXPROCS environment variable or a call to runtime.GOMAXPROCS. They can also be disabled explicitly with the GODEBUG settings containermaxprocs=0 and updatemaxprocs=0, respectively. In order to support reading updated cgroup limits, the runtime will keep cached file descriptors for the cgroup files for the duration of the process lifetime. * Runtime: garbage collector: A new garbage collector is now available as an experiment. This garbage collector?s design improves the performance of marking and scanning small objects through better locality and CPU scalability. Benchmark result vary, but we expect somewhere between a 10?40% reduction in garbage collection overhead in real-world programs that heavily use the garbage collector. The new garbage collector may be enabled by setting GOEXPERIMENT=greenteagc at build time. We expect the design to continue to evolve and improve. To that end, we encourage Go developers to try it out and report back their experiences. See the GitHub issue for more details on the design and instructions for sharing feedback. * Runtime: trace flight recorder: Runtime execution traces have long provided a powerful, but expensive way to understand and debug the low-level behavior of an application. Unfortunately, because of their size and the cost of continuously writing an execution trace, they were generally impractical for debugging rare events. The new runtime/trace.FlightRecorder API provides a lightweight way to capture a runtime execution trace by continuously recording the trace into an in-memory ring buffer. When a significant event occurs, a program can call FlightRecorder.WriteTo to snapshot the last few seconds of the trace to a file. This approach produces a much smaller trace by enabling applications to capture only the traces that matter. The length of time and amount of data captured by a FlightRecorder may be configured within the FlightRecorderConfig. * Runtime: Change to unhandled panic output: The message printed when a program exits due to an unhandled panic that was recovered and repanicked no longer repeats the text of the panic value. * Runtime: VMA names on Linux: On Linux systems with kernel support for anonymous virtual memory area (VMA) names (CONFIG_ANON_VMA_NAME), the Go runtime will annotate anonymous memory mappings with context about their purpose. e.g., [anon: Go: heap] for heap memory. This can be disabled with the GODEBUG setting decoratemappings=0. * Compiler: nil pointer bug: This release fixes a compiler bug, introduced in Go 1.21, that could incorrectly delay nil pointer checks. * Compiler: DWARF5 support: The compiler and linker in Go 1.25 now generate debug information using DWARF version 5. The newer DWARF version reduces the space required for debugging information in Go binaries, and reduces the time for linking, especially for large Go binaries. DWARF 5 generation can be disabled by setting the environment variable GOEXPERIMENT=nodwarf5 at build time (this fallback may be removed in a future Go release). * Compiler: Faster slices: The compiler can now allocate the backing store for slices on the stack in more situations, which improves performance. This change has the potential to amplify the effects of incorrect unsafe.Pointer usage, see for example issue 73199. In order to track down these problems, the bisect tool can be used to find the allocation causing trouble using the -compile=variablemake flag. All such new stack allocations can also be turned off using -gcflags=all=-d=variablemakehash=n. * Linker: The linker now accepts a -funcalign=N command line option, which specifies the alignment of function entries. The default value is platform- dependent, and is unchanged in this release. * Standard library: testing/synctest: The new testing/synctest package provides support for testing concurrent code. This package was first available in Go 1.24 under GOEXPERIMENT=synctest, with a slightly different API. The experiment has now graduated to general availability. The old API is still present if GOEXPERIMENT=synctest is set, but will be removed in Go 1.26. * Standard library: testing/synctest: The Test function runs a test function in an isolated ?bubble?. Within the bubble, time is virtualized: time package functions operate on a fake clock and the clock moves forward instantaneously if all goroutines in the bubble are blocked. * Standard library: testing/synctest: The Wait function waits for all goroutines in the current bubble to block. * Standard library: encoding/json/v2: Go 1.25 includes a new, experimental JSON implementation, which can be enabled by setting the environment variable GOEXPERIMENT=jsonv2 at build time. When enabled, two new packages are available: The encoding/json/v2 package is a major revision of the encoding/json package. The encoding/json/jsontext package provides lower- level processing of JSON syntax. In addition, when the ?jsonv2? GOEXPERIMENT is enabled: The encoding/json package uses the new JSON implementation. Marshaling and unmarshaling behavior is unaffected, but the text of errors returned by package function may change. The encoding/json package contains a number of new options which may be used to configure the marshaler and unmarshaler. The new implementation performs substantially better than the existing one under many scenarios. In general, encoding performance is at parity between the implementations and decoding is substantially faster in the new one. See the github.com/go-json-experiment/jsonbench repository for more detailed analysis. We encourage users of encoding/json to test their programs with GOEXPERIMENT=jsonv2 enabled to help detect any compatibility issues with the new implementation. We expect the design of encoding/json/v2 to continue to evolve. We encourage developers to try out the new API and provide feedback on the proposal issue. * archive/tar: The Writer.AddFS implementation now supports symbolic links for filesystems that implement io/fs.ReadLinkFS. * encoding/asn1: Unmarshal and UnmarshalWithParams now parse the ASN.1 types T61String and BMPString more consistently. This may result in some previously accepted malformed encodings now being rejected. * crypto: MessageSigner is a new signing interface that can be implemented by signers that wish to hash the message to be signed themselves. A new function is also introduced, SignMessage, which attempts to upgrade a Signer interface to MessageSigner, using the MessageSigner.SignMessage method if successful, and Signer.Sign if not. This can be used when code wishes to support both Signer and MessageSigner. * crypto: Changing the fips140 GODEBUG setting after the program has started is now a no-op. Previously, it was documented as not allowed, and could cause a panic if changed. * crypto: SHA-1, SHA-256, and SHA-512 are now slower on amd64 when AVX2 instructions are not available. All server processors (and most others) produced since 2015 support AVX2. * crypto/ecdsa: The new ParseRawPrivateKey, ParseUncompressedPublicKey, PrivateKey.Bytes, and PublicKey.Bytes functions and methods implement low- level encodings, replacing the need to use crypto/elliptic or math/big functions and methods. * crypto/ecdsa: When FIPS 140-3 mode is enabled, signing is now four times faster, matching the performance of non-FIPS mode. * crypto/ed25519: When FIPS 140-3 mode is enabled, signing is now four times faster, matching the performance of non-FIPS mode. * crypto/elliptic: The hidden and undocumented Inverse and CombinedMult methods on some Curve implementations have been removed. * crypto/rsa: PublicKey no longer claims that the modulus value is treated as secret. VerifyPKCS1v15 and VerifyPSS already warned that all inputs are public and could be leaked, and there are mathematical attacks that can recover the modulus from other public values. * crypto/rsa: Key generation is now three times faster. * crypto/sha1: Hashing is now two times faster on amd64 when SHA-NI instructions are available. * crypto/sha3: The new SHA3.Clone method implements hash.Cloner. * crypto/sha3: Hashing is now two times faster on Apple M processors. * crypto/tls: The new ConnectionState.CurveID field exposes the key exchange mechanism used to establish the connection. * crypto/tls: The new Config.GetEncryptedClientHelloKeys callback can be used to set the EncryptedClientHelloKeys for a server to use when a client sends an Encrypted Client Hello extension. * crypto/tls: SHA-1 signature algorithms are now disallowed in TLS 1.2 handshakes, per RFC 9155. They can be re-enabled with the GODEBUG setting tlssha1=1. * crypto/tls: When FIPS 140-3 mode is enabled, Extended Master Secret is now required in TLS 1.2, and Ed25519 and X25519MLKEM768 are now allowed. * crypto/tls: TLS servers now prefer the highest supported protocol version, even if it isn?t the client?s most preferred protocol version. * crypto/tls: Both TLS clients and servers are now stricter in following the specifications and in rejecting off-spec behavior. Connections with compliant peers should be unaffected. * crypto/x509: CreateCertificate, CreateCertificateRequest, and CreateRevocationList can now accept a crypto.MessageSigner signing interface as well as crypto.Signer. This allows these functions to use signers which implement ?one-shot? signing interfaces, where hashing is done as part of the signing operation, instead of by the caller. * crypto/x509: CreateCertificate now uses truncated SHA-256 to populate the SubjectKeyId if it is missing. The GODEBUG setting x509sha256skid=0 reverts to SHA-1. * crypto/x509: ParseCertificate now rejects certificates which contain a BasicConstraints extension that contains a negative pathLenConstraint. * crypto/x509: ParseCertificate now handles strings encoded with the ASN.1 T61String and BMPString types more consistently. This may result in some previously accepted malformed encodings now being rejected. * debug/elf: The debug/elf package adds two new constants: PT_RISCV_ATTRIBUTES and SHT_RISCV_ATTRIBUTES for RISC-V ELF parsing. * go/ast: The FilterPackage, PackageExports, and MergePackageFiles functions, and the MergeMode type and its constants, are all deprecated, as they are for use only with the long-deprecated Object and Package machinery. * go/ast: The new PreorderStack function, like Inspect, traverses a syntax tree and provides control over descent into subtrees, but as a convenience it also provides the stack of enclosing nodes at each point. * go/parser: The ParseDir function is deprecated. * go/token: The new FileSet.AddExistingFiles method enables existing Files to be added to a FileSet, or a FileSet to be constructed for an arbitrary set of Files, alleviating the problems associated with a single global FileSet in long-lived applications. * go/types: Var now has a Var.Kind method that classifies the variable as one of: package-level, receiver, parameter, result, local variable, or a struct field. * go/types: The new LookupSelection function looks up the field or method of a given name and receiver type, like the existing LookupFieldOrMethod function, but returns the result in the form of a Selection. * hash: The new XOF interface can be implemented by ?extendable output functions?, which are hash functions with arbitrary or unlimited output length such as SHAKE. * hash: Hashes implementing the new Cloner interface can return a copy of their state. All standard library Hash implementations now implement Cloner. * hash/maphash: The new Hash.Clone method implements hash.Cloner. * io/fs: A new ReadLinkFS interface provides the ability to read symbolic links in a filesystem. * log/slog: GroupAttrs creates a group Attr from a slice of Attr values. * log/slog: Record now has a Source method, returning its source location or nil if unavailable. * mime/multipart: The new helper function FileContentDisposition builds multipart Content-Disposition header fields. * net: LookupMX and Resolver.LookupMX now return DNS names that look like valid IP address, as well as valid domain names. Previously if a name server returned an IP address as a DNS name, LookupMX would discard it, as required by the RFCs. However, name servers in practice do sometimes return IP addresses. * net: On Windows, ListenMulticastUDP now supports IPv6 addresses. * net: On Windows, it is now possible to convert between an os.File and a network connection. Specifcally, the FileConn, FilePacketConn, and FileListener functions are now implemented, and return a network connection or listener corresponding to an open file. Similarly, the File methods of TCPConn, UDPConn, UnixConn, IPConn, TCPListener, and UnixListener are now implemented, and return the underlying os.File of a network connection. * net/http: The new CrossOriginProtection implements protections against Cross-Site Request Forgery (CSRF) by rejecting non-safe cross-origin browser requests. It uses modern browser Fetch metadata, doesn?t require tokens or cookies, and supports origin-based and pattern-based bypasses. * os: On Windows, NewFile now supports handles opened for asynchronous I/O (that is, syscall.FILE_FLAG_OVERLAPPED is specified in the syscall.CreateFile call). These handles are associated with the Go runtime?s I/O completion port, which provides the following benefits for the resulting File: I/O methods (File.Read, File.Write, File.ReadAt, and File.WriteAt) do not block an OS thread. Deadline methods (File.SetDeadline, File.SetReadDeadline, and File.SetWriteDeadline) are supported. This enhancement is especially beneficial for applications that communicate via named pipes on Windows. Note that a handle can only be associated with one completion port at a time. If the handle provided to NewFile is already associated with a completion port, the returned File is downgraded to synchronous I/O mode. In this case, I/O methods will block an OS thread, and the deadline methods have no effect. * os: The filesystems returned by DirFS and Root.FS implement the new io/fs.ReadLinkFS interface. CopyFS supports symlinks when copying filesystems that implement io/fs.ReadLinkFS. The Root type supports the following additional methods: Root.Chmod, Root.Chown, Root.Chtimes, Root.Lchown, Root.Link, Root.MkdirAll, Root.ReadFile, Root.Readlink, Root.RemoveAll, Root.Rename, Root.Symlink, and Root.WriteFile. * reflect: The new TypeAssert function permits converting a Value directly to a Go value of the given type. This is like using a type assertion on the result of Value.Interface, but avoids unnecessary memory allocations. * regexp/syntax: The \p{name} and \P{name} character class syntaxes now accept the names Any, ASCII, Assigned, Cn, and LC, as well as Unicode category aliases like \p{Letter} for \pL. Following Unicode TR18, they also now use case-insensitive name lookups, ignoring spaces, underscores, and hyphens. * runtime: Cleanup functions scheduled by AddCleanup are now executed concurrently and in parallel, making cleanups more viable for heavy use like the unique package. Note that individual cleanups should still shunt their work to a new goroutine if they must execute or block for a long time to avoid blocking the cleanup queue. * runtime: A new GODEBUG=checkfinalizers=1 setting helps find common issues with finalizers and cleanups, such as those described in the GC guide. In this mode, the runtime runs diagnostics on each garbage collection cycle, and will also regularly report the finalizer and cleanup queue lengths to stderr to help identify issues with long-running finalizers and/or cleanups. See the GODEBUG documentation for more details. * runtime: The new SetDefaultGOMAXPROCS function sets GOMAXPROCS to the runtime default value, as if the GOMAXPROCS environment variable is not set. This is useful for enabling the new GOMAXPROCS default if it has been disabled by the GOMAXPROCS environment variable or a prior call to GOMAXPROCS. * runtime/pprof: The mutex profile for contention on runtime-internal locks now correctly points to the end of the critical section that caused the delay. This matches the profile?s behavior for contention on sync.Mutex values. The runtimecontentionstacks setting for GODEBUG, which allowed opting in to the unusual behavior of Go 1.22 through 1.24 for this part of the profile, is now gone. * sync: The new WaitGroup.Go method makes the common pattern of creating and counting goroutines more convenient. * testing: The new methods T.Attr, B.Attr, and F.Attr emit an attribute to the test log. An attribute is an arbitrary key and value associated with a test. * testing: With the -json flag, attributes appear as a new ?attr? action. * testing: The new Output method of T, B and F provides an io.Writer that writes to the same test output stream as TB.Log. Like TB.Log, the output is indented, but it does not include the file and line number. * testing: The AllocsPerRun function now panics if parallel tests are running. The result of AllocsPerRun is inherently flaky if other tests are running. The new panicking behavior helps catch such bugs. * testing/fstest: MapFS implements the new io/fs.ReadLinkFS interface. TestFS will verify the functionality of the io/fs.ReadLinkFS interface if implemented. TestFS will no longer follow symlinks to avoid unbounded recursion. * unicode: The new CategoryAliases map provides access to category alias names, such as ?Letter? for ?L?. * unicode: The new categories Cn and LC define unassigned codepoints and cased letters, respectively. These have always been defined by Unicode but were inadvertently omitted in earlier versions of Go. The C category now includes Cn, meaning it has added all unassigned code points. * unique: The unique package now reclaims interned values more eagerly, more efficiently, and in parallel. As a consequence, applications using Make are now less likely to experience memory blow-up when lots of truly unique values are interned. * unique: Values passed to Make containing Handles previously required multiple garbage collection cycles to collect, proportional to the depth of the chain of Handle values. Now, once unused, they are collected promptly in a single cycle. * Darwin port: As announced in the Go 1.24 release notes, Go 1.25 requires macOS 12 Monterey or later. Support for previous versions has been discontinued. * Windows port: Go 1.25 is the last release that contains the broken 32-bit windows/arm port (GOOS=windows GOARCH=arm). It will be removed in Go 1.26. * Loong64 port: The linux/loong64 port now supports the race detector, gathering traceback information from C code using runtime.SetCgoTraceback, and linking cgo programs with the internal link mode. * RISC-V port: The linux/riscv64 port now supports the plugin build mode. * RISC-V port: The GORISCV64 environment variable now accepts a new value rva23u64, which selects the RVA23U64 user-mode application profile. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2924=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2924=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2924=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2924=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2924=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2924=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2924=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2924=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2924=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2924=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2924=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2924=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2924=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2924=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2924=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * go1.25-race-1.25.0-150000.1.5.1 * go1.25-1.25.0-150000.1.5.1 * go1.25-doc-1.25.0-150000.1.5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4674.html * https://www.suse.com/security/cve/CVE-2025-47906.html * https://www.suse.com/security/cve/CVE-2025-47907.html * https://bugzilla.suse.com/show_bug.cgi?id=1244485 * https://bugzilla.suse.com/show_bug.cgi?id=1246118 * https://bugzilla.suse.com/show_bug.cgi?id=1247719 * https://bugzilla.suse.com/show_bug.cgi?id=1247720 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 20 08:37:18 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 20 Aug 2025 08:37:18 -0000 Subject: SUSE-SU-2025:02923-1: important: Security update for the Linux Kernel Message-ID: <175567903868.679.3874695993921563256@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02923-1 Release Date: 2025-08-20T07:24:59Z Rating: important References: * bsc#1012628 * bsc#1139073 * bsc#1204142 * bsc#1210025 * bsc#1211226 * bsc#1215199 * bsc#1218184 * bsc#1219338 * bsc#1220112 * bsc#1223008 * bsc#1225707 * bsc#1226498 * bsc#1228557 * bsc#1228854 * bsc#1229491 * bsc#1230216 * bsc#1232504 * bsc#1232882 * bsc#1233300 * bsc#1235490 * bsc#1235613 * bsc#1235728 * bsc#1235837 * bsc#1235968 * bsc#1236208 * bsc#1236333 * bsc#1236897 * bsc#1237312 * bsc#1237913 * bsc#1238212 * bsc#1238859 * bsc#1238896 * bsc#1238982 * bsc#1239061 * bsc#1239470 * bsc#1239925 * bsc#1240180 * bsc#1240323 * bsc#1240577 * bsc#1240610 * bsc#1240686 * bsc#1240723 * bsc#1240814 * bsc#1240823 * bsc#1240866 * bsc#1240885 * bsc#1240966 * bsc#1241166 * bsc#1241278 * bsc#1241340 * bsc#1241345 * bsc#1241414 * bsc#1241457 * bsc#1241492 * bsc#1241519 * bsc#1241537 * bsc#1241538 * bsc#1241544 * bsc#1241572 * bsc#1241576 * bsc#1241590 * bsc#1241592 * bsc#1241595 * bsc#1241617 * bsc#1241625 * bsc#1241635 * bsc#1241644 * bsc#1241654 * bsc#1242035 * bsc#1242044 * bsc#1242086 * bsc#1242163 * bsc#1242343 * bsc#1242414 * bsc#1242501 * bsc#1242504 * bsc#1242512 * bsc#1242514 * bsc#1242515 * bsc#1242520 * bsc#1242521 * bsc#1242524 * bsc#1242529 * bsc#1242530 * bsc#1242531 * bsc#1242532 * bsc#1242556 * bsc#1242559 * bsc#1242563 * bsc#1242564 * bsc#1242565 * bsc#1242566 * bsc#1242567 * bsc#1242568 * bsc#1242569 * bsc#1242573 * bsc#1242574 * bsc#1242575 * bsc#1242578 * bsc#1242584 * bsc#1242587 * bsc#1242591 * bsc#1242709 * bsc#1242725 * bsc#1242727 * bsc#1242758 * bsc#1242760 * bsc#1242761 * bsc#1242764 * bsc#1242766 * bsc#1242770 * bsc#1242781 * bsc#1242782 * bsc#1242785 * bsc#1242792 * bsc#1242837 * bsc#1242846 * bsc#1242849 * bsc#1242850 * bsc#1242871 * bsc#1242873 * bsc#1242906 * bsc#1242907 * bsc#1242908 * bsc#1242930 * bsc#1242940 * bsc#1242945 * bsc#1242946 * bsc#1242948 * bsc#1242949 * bsc#1242953 * bsc#1242954 * bsc#1242955 * bsc#1242957 * bsc#1242959 * bsc#1242960 * bsc#1242961 * bsc#1242965 * bsc#1242973 * bsc#1242974 * bsc#1242977 * bsc#1242982 * bsc#1242990 * bsc#1242993 * bsc#1243000 * bsc#1243006 * bsc#1243011 * bsc#1243015 * bsc#1243049 * bsc#1243051 * bsc#1243060 * bsc#1243068 * bsc#1243074 * bsc#1243076 * bsc#1243082 * bsc#1243100 * bsc#1243330 * bsc#1243342 * bsc#1243456 * bsc#1243467 * bsc#1243469 * bsc#1243470 * bsc#1243471 * bsc#1243472 * bsc#1243473 * bsc#1243475 * bsc#1243476 * bsc#1243479 * bsc#1243480 * bsc#1243506 * bsc#1243509 * bsc#1243511 * bsc#1243515 * bsc#1243516 * bsc#1243517 * bsc#1243522 * bsc#1243523 * bsc#1243524 * bsc#1243528 * bsc#1243529 * bsc#1243530 * bsc#1243534 * bsc#1243536 * bsc#1243537 * bsc#1243538 * bsc#1243540 * bsc#1243542 * bsc#1243543 * bsc#1243544 * bsc#1243545 * bsc#1243551 * bsc#1243559 * bsc#1243560 * bsc#1243562 * bsc#1243567 * bsc#1243571 * bsc#1243572 * bsc#1243573 * bsc#1243574 * bsc#1243575 * bsc#1243589 * bsc#1243620 * bsc#1243621 * bsc#1243624 * bsc#1243625 * bsc#1243626 * bsc#1243627 * bsc#1243628 * bsc#1243649 * bsc#1243659 * bsc#1243660 * bsc#1243664 * bsc#1243669 * bsc#1243698 * bsc#1243774 * bsc#1243782 * bsc#1243806 * bsc#1243823 * bsc#1243827 * bsc#1243832 * bsc#1243836 * bsc#1243847 * bsc#1244100 * bsc#1244145 * bsc#1244172 * bsc#1244176 * bsc#1244229 * bsc#1244234 * bsc#1244241 * bsc#1244261 * bsc#1244274 * bsc#1244275 * bsc#1244277 * bsc#1244309 * bsc#1244313 * bsc#1244337 * bsc#1244457 * bsc#1244626 * bsc#1244725 * bsc#1244727 * bsc#1244729 * bsc#1244731 * bsc#1244732 * bsc#1244735 * bsc#1244736 * bsc#1244737 * bsc#1244738 * bsc#1244739 * bsc#1244743 * bsc#1244746 * bsc#1244749 * bsc#1244750 * bsc#1244759 * bsc#1244789 * bsc#1244792 * bsc#1244801 * bsc#1244862 * bsc#1244906 * bsc#1244938 * bsc#1244995 * bsc#1244996 * bsc#1244999 * bsc#1245001 * bsc#1245003 * bsc#1245004 * bsc#1245025 * bsc#1245042 * bsc#1245046 * bsc#1245078 * bsc#1245081 * bsc#1245082 * bsc#1245083 * bsc#1245151 * bsc#1245155 * bsc#1245183 * bsc#1245193 * bsc#1245201 * bsc#1245202 * bsc#1245210 * bsc#1245216 * bsc#1245217 * bsc#1245225 * bsc#1245226 * bsc#1245228 * bsc#1245260 * bsc#1245431 * bsc#1245440 * bsc#1245455 * bsc#1245457 * bsc#1245498 * bsc#1245499 * bsc#1245504 * bsc#1245506 * bsc#1245508 * bsc#1245510 * bsc#1245540 * bsc#1245598 * bsc#1245599 * bsc#1245646 * bsc#1245647 * bsc#1245649 * bsc#1245650 * bsc#1245654 * bsc#1245658 * bsc#1245660 * bsc#1245665 * bsc#1245666 * bsc#1245668 * bsc#1245669 * bsc#1245670 * bsc#1245671 * bsc#1245675 * bsc#1245676 * bsc#1245677 * bsc#1245679 * bsc#1245682 * bsc#1245683 * bsc#1245684 * bsc#1245688 * bsc#1245689 * bsc#1245690 * bsc#1245691 * bsc#1245695 * bsc#1245705 * bsc#1245708 * bsc#1245711 * bsc#1245713 * bsc#1245714 * bsc#1245719 * bsc#1245723 * bsc#1245729 * bsc#1245730 * bsc#1245731 * bsc#1245735 * bsc#1245737 * bsc#1245744 * bsc#1245745 * bsc#1245746 * bsc#1245747 * bsc#1245748 * bsc#1245749 * bsc#1245750 * bsc#1245751 * bsc#1245752 * bsc#1245757 * bsc#1245758 * bsc#1245765 * bsc#1245768 * bsc#1245769 * bsc#1245777 * bsc#1245781 * bsc#1245789 * bsc#1245937 * bsc#1245945 * bsc#1245951 * bsc#1245952 * bsc#1245954 * bsc#1245957 * bsc#1245966 * bsc#1245970 * bsc#1245976 * bsc#1245980 * bsc#1245983 * bsc#1245986 * bsc#1246000 * bsc#1246002 * bsc#1246006 * bsc#1246008 * bsc#1246020 * bsc#1246023 * bsc#1246029 * bsc#1246031 * bsc#1246037 * bsc#1246041 * bsc#1246042 * bsc#1246044 * bsc#1246045 * bsc#1246047 * bsc#1246049 * bsc#1246050 * bsc#1246055 * bsc#1246073 * bsc#1246093 * bsc#1246098 * bsc#1246109 * bsc#1246122 * bsc#1246125 * bsc#1246171 * bsc#1246173 * bsc#1246178 * bsc#1246182 * bsc#1246183 * bsc#1246186 * bsc#1246195 * bsc#1246203 * bsc#1246212 * bsc#1246220 * bsc#1246236 * bsc#1246240 * bsc#1246243 * bsc#1246246 * bsc#1246249 * bsc#1246250 * bsc#1246253 * bsc#1246258 * bsc#1246262 * bsc#1246264 * bsc#1246266 * bsc#1246268 * bsc#1246273 * bsc#1246283 * bsc#1246287 * bsc#1246292 * bsc#1246293 * bsc#1246295 * bsc#1246334 * bsc#1246337 * bsc#1246342 * bsc#1246349 * bsc#1246354 * bsc#1246358 * bsc#1246361 * bsc#1246364 * bsc#1246370 * bsc#1246375 * bsc#1246384 * bsc#1246386 * bsc#1246387 * bsc#1246438 * bsc#1246453 * bsc#1246473 * bsc#1246490 * bsc#1246506 * bsc#1246547 * bsc#1246777 * bsc#1246781 * bsc#1246870 * bsc#1246879 * bsc#1246911 * bsc#1247018 * bsc#1247023 * bsc#1247028 * bsc#1247031 * bsc#1247033 * bsc#1247035 * bsc#1247061 * bsc#1247089 * bsc#1247091 * bsc#1247097 * bsc#1247098 * bsc#1247101 * bsc#1247103 * bsc#1247104 * bsc#1247113 * bsc#1247118 * bsc#1247123 * bsc#1247125 * bsc#1247128 * bsc#1247132 * bsc#1247138 * bsc#1247141 * bsc#1247143 * bsc#1247145 * bsc#1247146 * bsc#1247147 * bsc#1247149 * bsc#1247150 * bsc#1247151 * bsc#1247153 * bsc#1247154 * bsc#1247156 * bsc#1247160 * bsc#1247164 * bsc#1247169 * bsc#1247170 * bsc#1247171 * bsc#1247172 * bsc#1247174 * bsc#1247176 * bsc#1247177 * bsc#1247178 * bsc#1247181 * bsc#1247209 * bsc#1247210 * bsc#1247227 * bsc#1247233 * bsc#1247236 * bsc#1247238 * bsc#1247241 * bsc#1247243 * bsc#1247251 * bsc#1247252 * bsc#1247253 * bsc#1247255 * bsc#1247271 * bsc#1247273 * bsc#1247274 * bsc#1247276 * bsc#1247277 * bsc#1247278 * bsc#1247279 * bsc#1247284 * bsc#1247285 * bsc#1247288 * bsc#1247289 * bsc#1247293 * bsc#1247311 * bsc#1247314 * bsc#1247317 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247374 * bsc#1247437 * bsc#1247450 * bsc#1247712 * jsc#PED-10253 * jsc#PED-12551 Cross-References: * CVE-2019-11135 * CVE-2023-52888 * CVE-2023-53146 * CVE-2024-26831 * CVE-2024-36028 * CVE-2024-36348 * CVE-2024-36349 * CVE-2024-36350 * CVE-2024-36357 * CVE-2024-43869 * CVE-2024-44963 * CVE-2024-49568 * CVE-2024-49861 * CVE-2024-50106 * CVE-2024-56613 * CVE-2024-56699 * CVE-2024-56742 * CVE-2024-57947 * CVE-2024-57982 * CVE-2024-58053 * CVE-2024-58098 * CVE-2024-58099 * CVE-2024-58100 * CVE-2024-58237 * CVE-2025-21629 * CVE-2025-21658 * CVE-2025-21720 * CVE-2025-21839 * CVE-2025-21854 * CVE-2025-21868 * CVE-2025-21872 * CVE-2025-21898 * CVE-2025-21899 * CVE-2025-21920 * CVE-2025-21938 * CVE-2025-21959 * CVE-2025-21997 * CVE-2025-22005 * CVE-2025-22035 * CVE-2025-22066 * CVE-2025-22083 * CVE-2025-22089 * CVE-2025-22090 * CVE-2025-22095 * CVE-2025-22111 * CVE-2025-22113 * CVE-2025-22119 * CVE-2025-22120 * CVE-2025-22124 * CVE-2025-23141 * CVE-2025-23142 * CVE-2025-23144 * CVE-2025-23146 * CVE-2025-23147 * CVE-2025-23148 * CVE-2025-23149 * CVE-2025-23151 * CVE-2025-23155 * CVE-2025-23156 * CVE-2025-23157 * CVE-2025-23158 * CVE-2025-23159 * CVE-2025-23161 * CVE-2025-23163 * CVE-2025-37738 * CVE-2025-37740 * CVE-2025-37741 * CVE-2025-37742 * CVE-2025-37743 * CVE-2025-37747 * CVE-2025-37752 * CVE-2025-37754 * CVE-2025-37756 * CVE-2025-37757 * CVE-2025-37758 * CVE-2025-37765 * CVE-2025-37766 * CVE-2025-37767 * CVE-2025-37768 * CVE-2025-37769 * CVE-2025-37770 * CVE-2025-37771 * CVE-2025-37772 * CVE-2025-37781 * CVE-2025-37782 * CVE-2025-37786 * CVE-2025-37788 * CVE-2025-37792 * CVE-2025-37793 * CVE-2025-37794 * CVE-2025-37796 * CVE-2025-37798 * CVE-2025-37800 * CVE-2025-37801 * CVE-2025-37805 * CVE-2025-37810 * CVE-2025-37811 * CVE-2025-37812 * CVE-2025-37815 * CVE-2025-37819 * CVE-2025-37836 * CVE-2025-37839 * CVE-2025-37840 * CVE-2025-37841 * CVE-2025-37844 * CVE-2025-37849 * CVE-2025-37850 * CVE-2025-37851 * CVE-2025-37852 * CVE-2025-37853 * CVE-2025-37854 * CVE-2025-37856 * CVE-2025-37858 * CVE-2025-37859 * CVE-2025-37862 * CVE-2025-37864 * CVE-2025-37865 * CVE-2025-37867 * CVE-2025-37871 * CVE-2025-37873 * CVE-2025-37874 * CVE-2025-37875 * CVE-2025-37881 * CVE-2025-37884 * CVE-2025-37885 * CVE-2025-37889 * CVE-2025-37890 * CVE-2025-37891 * CVE-2025-37892 * CVE-2025-37897 * CVE-2025-37900 * CVE-2025-37901 * CVE-2025-37903 * CVE-2025-37905 * CVE-2025-37909 * CVE-2025-37911 * CVE-2025-37912 * CVE-2025-37913 * CVE-2025-37914 * CVE-2025-37915 * CVE-2025-37917 * CVE-2025-37918 * CVE-2025-37920 * CVE-2025-37921 * CVE-2025-37923 * CVE-2025-37925 * CVE-2025-37927 * CVE-2025-37928 * CVE-2025-37929 * CVE-2025-37930 * CVE-2025-37931 * CVE-2025-37932 * CVE-2025-37933 * CVE-2025-37936 * CVE-2025-37937 * CVE-2025-37938 * CVE-2025-37943 * CVE-2025-37944 * CVE-2025-37945 * CVE-2025-37946 * CVE-2025-37948 * CVE-2025-37951 * CVE-2025-37953 * CVE-2025-37954 * CVE-2025-37959 * CVE-2025-37961 * CVE-2025-37963 * CVE-2025-37967 * CVE-2025-37968 * CVE-2025-37969 * CVE-2025-37970 * CVE-2025-37972 * CVE-2025-37973 * CVE-2025-37978 * CVE-2025-37979 * CVE-2025-37980 * CVE-2025-37982 * CVE-2025-37983 * CVE-2025-37984 * CVE-2025-37985 * CVE-2025-37986 * CVE-2025-37987 * CVE-2025-37989 * CVE-2025-37990 * CVE-2025-37992 * CVE-2025-37994 * CVE-2025-37995 * CVE-2025-37997 * CVE-2025-37998 * CVE-2025-38000 * CVE-2025-38001 * CVE-2025-38003 * CVE-2025-38004 * CVE-2025-38005 * CVE-2025-38007 * CVE-2025-38009 * CVE-2025-38010 * CVE-2025-38011 * CVE-2025-38013 * CVE-2025-38014 * CVE-2025-38015 * CVE-2025-38018 * CVE-2025-38020 * CVE-2025-38022 * CVE-2025-38023 * CVE-2025-38024 * CVE-2025-38027 * CVE-2025-38031 * CVE-2025-38034 * CVE-2025-38035 * CVE-2025-38040 * CVE-2025-38043 * CVE-2025-38044 * CVE-2025-38045 * CVE-2025-38051 * CVE-2025-38052 * CVE-2025-38053 * CVE-2025-38057 * CVE-2025-38058 * CVE-2025-38059 * CVE-2025-38060 * CVE-2025-38061 * CVE-2025-38062 * CVE-2025-38063 * CVE-2025-38064 * CVE-2025-38065 * CVE-2025-38068 * CVE-2025-38072 * CVE-2025-38074 * CVE-2025-38077 * CVE-2025-38078 * CVE-2025-38079 * CVE-2025-38080 * CVE-2025-38081 * CVE-2025-38083 * CVE-2025-38084 * CVE-2025-38085 * CVE-2025-38087 * CVE-2025-38088 * CVE-2025-38089 * CVE-2025-38090 * CVE-2025-38094 * CVE-2025-38095 * CVE-2025-38097 * CVE-2025-38098 * CVE-2025-38099 * CVE-2025-38100 * CVE-2025-38102 * CVE-2025-38104 * CVE-2025-38105 * CVE-2025-38107 * CVE-2025-38108 * CVE-2025-38109 * CVE-2025-38110 * CVE-2025-38111 * CVE-2025-38112 * CVE-2025-38113 * CVE-2025-38115 * CVE-2025-38117 * CVE-2025-38118 * CVE-2025-38120 * CVE-2025-38122 * CVE-2025-38123 * CVE-2025-38124 * CVE-2025-38126 * CVE-2025-38127 * CVE-2025-38129 * CVE-2025-38131 * CVE-2025-38132 * CVE-2025-38135 * CVE-2025-38136 * CVE-2025-38138 * CVE-2025-38142 * CVE-2025-38143 * CVE-2025-38145 * CVE-2025-38147 * CVE-2025-38148 * CVE-2025-38149 * CVE-2025-38151 * CVE-2025-38153 * CVE-2025-38154 * CVE-2025-38155 * CVE-2025-38157 * CVE-2025-38158 * CVE-2025-38159 * CVE-2025-38161 * CVE-2025-38162 * CVE-2025-38165 * CVE-2025-38166 * CVE-2025-38173 * CVE-2025-38174 * CVE-2025-38177 * CVE-2025-38180 * CVE-2025-38181 * CVE-2025-38182 * CVE-2025-38183 * CVE-2025-38187 * CVE-2025-38188 * CVE-2025-38192 * CVE-2025-38193 * CVE-2025-38194 * CVE-2025-38197 * CVE-2025-38198 * CVE-2025-38200 * CVE-2025-38202 * CVE-2025-38203 * CVE-2025-38204 * CVE-2025-38206 * CVE-2025-38210 * CVE-2025-38211 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38214 * CVE-2025-38215 * CVE-2025-38217 * CVE-2025-38220 * CVE-2025-38222 * CVE-2025-38225 * CVE-2025-38226 * CVE-2025-38227 * CVE-2025-38229 * CVE-2025-38231 * CVE-2025-38236 * CVE-2025-38239 * CVE-2025-38240 * CVE-2025-38244 * CVE-2025-38246 * CVE-2025-38248 * CVE-2025-38249 * CVE-2025-38250 * CVE-2025-38257 * CVE-2025-38259 * CVE-2025-38264 * CVE-2025-38272 * CVE-2025-38273 * CVE-2025-38275 * CVE-2025-38277 * CVE-2025-38279 * CVE-2025-38283 * CVE-2025-38286 * CVE-2025-38289 * CVE-2025-38290 * CVE-2025-38292 * CVE-2025-38293 * CVE-2025-38300 * CVE-2025-38303 * CVE-2025-38304 * CVE-2025-38305 * CVE-2025-38307 * CVE-2025-38310 * CVE-2025-38312 * CVE-2025-38313 * CVE-2025-38319 * CVE-2025-38323 * CVE-2025-38326 * CVE-2025-38328 * CVE-2025-38332 * CVE-2025-38334 * CVE-2025-38335 * CVE-2025-38336 * CVE-2025-38337 * CVE-2025-38338 * CVE-2025-38342 * CVE-2025-38343 * CVE-2025-38344 * CVE-2025-38345 * CVE-2025-38348 * CVE-2025-38349 * CVE-2025-38350 * CVE-2025-38352 * CVE-2025-38354 * CVE-2025-38362 * CVE-2025-38363 * CVE-2025-38364 * CVE-2025-38365 * CVE-2025-38369 * CVE-2025-38371 * CVE-2025-38373 * CVE-2025-38375 * CVE-2025-38376 * CVE-2025-38377 * CVE-2025-38380 * CVE-2025-38382 * CVE-2025-38384 * CVE-2025-38385 * CVE-2025-38386 * CVE-2025-38387 * CVE-2025-38389 * CVE-2025-38391 * CVE-2025-38392 * CVE-2025-38393 * CVE-2025-38395 * CVE-2025-38396 * CVE-2025-38399 * CVE-2025-38400 * CVE-2025-38401 * CVE-2025-38403 * CVE-2025-38404 * CVE-2025-38406 * CVE-2025-38409 * CVE-2025-38410 * CVE-2025-38412 * CVE-2025-38414 * CVE-2025-38415 * CVE-2025-38416 * CVE-2025-38420 * CVE-2025-38424 * CVE-2025-38425 * CVE-2025-38426 * CVE-2025-38428 * CVE-2025-38429 * CVE-2025-38430 * CVE-2025-38436 * CVE-2025-38443 * CVE-2025-38448 * CVE-2025-38449 * CVE-2025-38455 * CVE-2025-38457 * CVE-2025-38460 * CVE-2025-38461 * CVE-2025-38462 * CVE-2025-38463 * CVE-2025-38465 * CVE-2025-38467 * CVE-2025-38468 * CVE-2025-38470 * CVE-2025-38471 * CVE-2025-38473 * CVE-2025-38474 * CVE-2025-38476 * CVE-2025-38477 * CVE-2025-38478 * CVE-2025-38480 * CVE-2025-38481 * CVE-2025-38482 * CVE-2025-38483 * CVE-2025-38485 * CVE-2025-38487 * CVE-2025-38489 * CVE-2025-38490 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38496 * CVE-2025-38497 * CVE-2025-38498 * CVE-2025-39735 * CVE-2025-40014 CVSS scores: * CVE-2019-11135 ( SUSE ): 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2019-11135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52888 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52888 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53146 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-53146 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26831 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26831 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36348 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36349 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-43869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-44963 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49568 ( SUSE ): 5.9 CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49568 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-49861 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49861 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49861 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50106 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50106 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56613 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56613 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56613 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56699 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56699 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56742 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57982 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-58053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58099 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58099 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58100 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21629 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21629 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21658 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21658 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21872 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21898 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21898 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21899 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21920 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21938 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21959 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21959 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21997 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22005 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22005 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22005 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22035 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-22035 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22066 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22066 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22066 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22083 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22089 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22089 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-22090 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22111 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22111 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22113 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22113 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22119 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22119 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-22120 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22124 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23141 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23146 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23146 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23149 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23156 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23161 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23161 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23163 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37738 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37740 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37741 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37742 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2025-37743 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37743 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37747 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37757 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37765 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37766 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37769 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37771 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37781 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37782 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-37786 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37788 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37792 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37794 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37796 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37800 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37800 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37800 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37801 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37801 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37801 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37805 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37805 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37810 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37810 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37811 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37812 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37812 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37815 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37836 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37839 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37839 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37841 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37844 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37849 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-37850 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37851 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-37851 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37852 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37852 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37853 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37854 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37854 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37856 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37856 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37858 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37858 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37859 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37859 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37862 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37867 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37873 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37874 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37875 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37881 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37884 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37884 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37890 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37891 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-37892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37897 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37897 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37900 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37900 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37901 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37903 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-37903 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-37905 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37905 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37909 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37909 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37911 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-37911 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2025-37912 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37913 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37914 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37915 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37917 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37917 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37918 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37918 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37920 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37920 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37921 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-37921 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2025-37923 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37923 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37925 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N * CVE-2025-37925 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37927 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37928 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37928 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37929 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37929 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37930 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-37930 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2025-37931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37932 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-37932 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2025-37933 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37933 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37937 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37943 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37948 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-37951 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37954 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37954 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-37959 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37963 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37963 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37968 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37978 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37979 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37980 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37983 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37983 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37984 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-37984 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-37985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37986 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37987 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37989 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37992 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37994 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37994 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-37995 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37997 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-37997 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37998 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37998 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38000 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38000 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38001 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38001 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38003 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38003 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38004 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38004 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-38005 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38005 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38009 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38009 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38010 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38010 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38011 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38013 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38013 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38014 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38014 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38015 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38018 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38020 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38020 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38022 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38022 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38023 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38023 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38024 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38027 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38027 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38031 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38031 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38034 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38035 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38035 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38040 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38040 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38043 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-38043 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2025-38044 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-38044 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2025-38045 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38045 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38052 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38057 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38057 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38058 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38058 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38059 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38059 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38060 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38060 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38061 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38062 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38062 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38063 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38063 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38064 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38064 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38065 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38065 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38068 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38068 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38072 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38074 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38077 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38078 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38080 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38081 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38081 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38084 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38084 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38085 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38085 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38087 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38089 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38089 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38090 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38097 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38097 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38098 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38098 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38099 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38099 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38100 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38102 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38102 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38105 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38105 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38107 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38107 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38108 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38108 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38109 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38109 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38110 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38110 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38111 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38111 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38112 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38113 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38115 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38115 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38117 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38117 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38118 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38122 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38124 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38126 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38127 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38129 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38129 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38131 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38131 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38132 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38132 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38135 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38142 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38143 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38145 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38148 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38149 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38149 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38153 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38153 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38154 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38154 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38155 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38157 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38157 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38159 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38159 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38161 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38165 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38166 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38166 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38173 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38173 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38174 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38174 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38180 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38180 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38182 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38183 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38183 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38187 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38187 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38192 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38192 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38193 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38193 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38197 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38197 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38198 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38203 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38203 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38204 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38204 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38211 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38214 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38215 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38217 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38217 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38220 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38220 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38222 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-38222 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2025-38225 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38226 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38226 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38227 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38227 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38229 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38229 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-38231 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38231 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38239 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38239 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38240 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38240 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38244 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38244 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38246 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38248 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38249 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38249 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38250 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38250 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38259 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38264 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38272 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38273 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38273 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38275 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38277 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38277 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38279 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38283 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38286 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38286 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38289 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38289 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38290 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38290 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38292 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38292 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38293 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38293 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38300 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38300 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38303 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38303 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38310 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38310 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38312 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38313 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38323 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38323 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38326 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38326 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38328 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38334 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38334 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38335 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38336 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38337 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38338 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38338 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38342 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38344 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38345 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38345 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38348 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38349 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38349 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38352 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38352 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38362 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38363 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38364 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38364 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38365 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38365 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38371 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38373 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38373 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38375 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38376 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38376 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38377 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38377 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38380 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38380 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38382 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38382 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38384 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38384 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38385 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38385 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38387 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38387 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38389 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38391 ( SUSE ): 5.2 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38391 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38392 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38392 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38393 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38393 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38395 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38395 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38396 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38396 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38399 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38400 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38400 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38401 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38401 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38403 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38406 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38409 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38409 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38410 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38412 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38415 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38415 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38416 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38416 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38425 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38425 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38426 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38426 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38428 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38428 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38429 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38429 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38430 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38430 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38436 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38436 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38448 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38448 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38455 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38455 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38457 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38460 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38460 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38461 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38461 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38462 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38462 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38463 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38463 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38465 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38465 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38467 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38467 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38471 ( SUSE ): 8.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38471 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2025-38473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38474 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38474 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38476 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38476 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38478 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38478 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38480 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38480 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38481 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38481 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38482 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38482 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38483 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38483 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38485 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38485 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38487 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38487 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38489 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38489 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38490 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38490 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38496 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38496 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38498 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38498 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39735 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39735 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39735 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-40014 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40014 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40014 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Confidential Computing Module 15-SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 447 vulnerabilities, contains two features and has 69 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2019-11135: TSX Asynchronous Abort condition (bsc#1139073). * CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557). * CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707). * CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896). * CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216). * CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728). * CVE-2024-49861: net: clear the dst when changing skb protocol (bsc#1245954). * CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913). * CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982). * CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613). * CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216). * CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966). * CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183). * CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911). * CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178). * CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169). * CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097). * CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252). * CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098). * CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143). * CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118). * CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288). * CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450). * CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243). * CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374). * CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859). * CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). * CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470). * CVE-2025-21868: kABI workaround for adding an header (bsc#1240180). * CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323). * CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610). * CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577). * CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686). * CVE-2025-21938: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr (bsc#1240723). * CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814). * CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823). * CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544). * CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537). * CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572). * CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617). * CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573). * CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837). * CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846). * CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504). * CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515). * CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521). * CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725). * CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849). * CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850). * CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907). * CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946). * CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068). * CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051). * CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982). * CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965). * CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954). * CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940). * CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060). * CVE-2025-37885: KVM: x86: Reset IRTE to host control if _new_ route isn't postable (bsc#1242960). * CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467). * CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475). * CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479). * CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480). * CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551). * CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620). * CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628). * CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value (bsc#1243537). * CVE-2025-37938: tracing: Verify event formats that have "%*p.." (bsc#1243544). * CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538). * CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664). * CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523). * CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572). * CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571). * CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669). * CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542). * CVE-2025-37992: net_sched: Flush gso_skb list too during ->change() (bsc#1243698). * CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827). * CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832). * CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836). * CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277). * CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234). * CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729). * CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999). * CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792). * CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801). * CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750). * CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746). * CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862). * CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151). * CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155). * CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440). * CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202). * CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201). * CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743). * CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735). * CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649). * CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660). * CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654). * CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671). * CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650). * CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682). * CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689). * CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695). * CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708). * CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677). * CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679). * CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768). * CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750). * CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752). * CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758). * CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970). * CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937). * CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006). * CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951). * CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098). * CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). * CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980). * CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044). * CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983). * CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). * CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020). * CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). * CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976). * CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093). * CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178). * CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173). * CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182). * CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387). * CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268). * CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264). * CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273). * CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354). * CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361). * CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473). * CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384). * CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250). * CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253). * CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777). * CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). * CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091). * CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023). * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). * CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031). * CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156). * CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141). * CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145). * CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253). * CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101). * CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103). * CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104). * CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113). * CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). The following non-security bugs were fixed: * ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes). * ACPI: HED: Always initialize before evged (stable-fixes). * ACPI: LPSS: Remove AudioDSP related ID (git-fixes). * ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions" (git-fixes). * ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes). * ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122). * ACPI: battery: negate current when discharging (stable-fixes). * ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes). * ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes). * ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes). * ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes). * ACPICA: Utilities: Fix spelling mistake "Incremement" -> "Increment" (git- fixes). * ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes). * ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes). * ACPICA: fix acpi parse and parseext cache leaks (stable-fixes). * ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes). * ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes). * ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes). * ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes). * ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes). * ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes). * ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes). * ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes). * ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable- fixes). * ALSA: hda/tegra: Add Tegra264 support (stable-fixes). * ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes). * ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable- fixes). * ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes). * ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes). * ALSA: sb: Do not allow changing the DMA mode during operations (stable- fixes). * ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable- fixes). * ALSA: seq: Improve data consistency at polling (stable-fixes). * ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes). * ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes). * ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable- fixes). * ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes). * ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes). * ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes). * ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git- fixes). * ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes). * ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes). * ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes). * ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes). * ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes). * ALSA: usb-audio: Skip setting clock selector for single connections (stable- fixes). * ALSA: usb-audio: Support multiple control interfaces (stable-fixes). * ALSA: usb-audio: Support read-only clock selector control (stable-fixes). * ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes). * ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes). * ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes). * ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git- fixes). * NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes). * NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes). * NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git- fixes). * NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes). * NFSv4.2: another fix for listxattr (git-fixes). * PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457). * PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457). * RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes) * Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes). * SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes). * [SMB3] send channel sequence number in SMB3 requests after reconnects (git- fixes). * af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093). * audit,module: restore audit logging in load failure case (git-fixes). * btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes). * cifs: reconnect helper should set reconnect for the right channel (git- fixes). * drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes). * exfat: fdatasync flag should be same like generic_write_sync() (git-fixes). * gpio: mlxbf2: use platform_get_irq_optional() (git-fixes). * hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203). * ice, irdma: fix an off by one in error handling code (bsc#1247712). * ice, irdma: move interrupts code to irdma (bsc#1247712). * ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712). * ice: count combined queues using Rx/Tx count (bsc#1247712). * ice: devlink PF MSI-X max and min parameter (bsc#1247712). * ice: enable_rdma devlink param (bsc#1247712). * ice: get rid of num_lan_msix field (bsc#1247712). * ice: init flow director before RDMA (bsc#1247712). * ice: remove splitting MSI-X between features (bsc#1247712). * ice: simplify VF MSI-X managing (bsc#1247712). * ice: treat dyn_allowed only as suggestion (bsc#1247712). * ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes). * irdma: free iwdev->rf after removing MSI-X (bsc#1247712). * kABI: Fix the module::name type in audit_context (git-fixes). * module: Fix memory deallocation on error path in move_module() (git-fixes). * module: Remove unnecessary +1 from last_unloaded_module::name size (git- fixes). * module: Restore the moduleparam prefix length check (git-fixes). * net/packet: fix a race in packet_set_ring() and packet_notifier() (git- fixes). * net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git- fixes). * net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes). * net: mana: Add debug logs in MANA network driver (bsc#1246212). * net: mana: Add handler for hardware servicing events (bsc#1245730). * net: mana: Allocate MSI-X vectors dynamically (bsc#1245457). * net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457). * net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203). * net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729). * net: mana: Set tx_packets to post gso processing packet count (bsc#1245731). * net: mana: explain irq_setup() algorithm (bsc#1245457). * net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes). * netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes). * pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes). * ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes). * sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git- fixes). * smb3: move server check earlier when setting channel sequence number (git- fixes). * smb: client: fix parsing of device numbers (git-fixes). * sunrpc: fix client side handling of tls alerts (git-fixes). * sunrpc: fix handling of server side tls alerts (git-fixes). * tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes). * tracing/kprobes: Fix to free objects when failed to copy a symbol (git- fixes). * ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes). * ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes). * ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable- fixes). * ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git- fixes). * ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes). * ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes). * ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes). * ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable- fixes). * ASoC: amd: yc: update quirk data for HP Victus (stable-fixes). * ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes). * ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes). * ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes). * ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes). * ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes). * ASoC: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes). * ASoC: cs35l56: probe() should fail if the device ID is not recognized (git- fixes). * ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git- fixes). * ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes). * ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes). * ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes). * ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes). * ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes). * ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes). * ASoC: ops: Enforce platform maximum on initial value (stable-fixes). * ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes). * ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git- fixes). * ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes). * ASoC: rt722-sdca: Add some missing readable registers (stable-fixes). * ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable- fixes). * ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git- fixes). * ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes). * ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes). * ASoC: tas2764: Enable main IRQs (git-fixes). * ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes). * ASoC: tas2764: Power up/down amp on mute ops (stable-fixes). * ASoC: tas2764: Reinit cache on part reset (git-fixes). * ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes). * ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes). * Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes). * Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes). * Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes). * Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes). * Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git- fixes). * Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes). * Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes). * Bluetooth: MGMT: Fix sparse errors (git-fixes). * Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes). * Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git- fixes). * Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes). * Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes). * Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes). * Bluetooth: Remove pending ACL connection attempts (stable-fixes). * Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes). * Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes). * Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes). * Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git- fixes). * Bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git- fixes). * Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes). * Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes). * Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git- fixes). * Bluetooth: hci_event: Fix not using key encryption size when its known (git- fixes). * Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes). * Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes). * Bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes). * Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes). * Bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes). * Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes). * Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git- fixes). * Bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes). * Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes). * Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes). * Bluetooth: hci_sync: revert some mesh modifications (git-fixes). * Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes). * Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes). * Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes). * Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes). * Documentation: ACPI: Fix parent device references (git-fixes). * Documentation: fix typo in root= kernel parameter description (git-fixes). * Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes). * Fix dma_unmap_sg() nents value (git-fixes) * HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes). * HID: core: do not bypass hid_hw_raw_request (stable-fixes). * HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes). * HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes). * HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable- fixes). * HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes). * HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes). * HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable- fixes). * HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes). * HID: wacom: fix kobject reference count leak (git-fixes). * HID: wacom: fix memory leak on kobject creation failure (git-fixes). * HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes). * IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes) * Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes). * Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes). * Input: iqs7222 - explicitly define number of external channels (git-fixes). * Input: sparcspkr - avoid unannotated fall-through (stable-fixes). * Input: xpad - add more controllers (stable-fixes). * Input: xpad - adjust error handling for disconnect (git-fixes). * Input: xpad - set correct controller type for Acer NGR200 (git-fixes). * Input: xpad - support Acer NGR 200 Controller (stable-fixes). * KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes). * KVM: SVM: Remove the need to trigger an UNBLOCK event on AP creation (git- fixes). * KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199). * KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225). * Logitech C-270 even more broken (stable-fixes). * Move upstreamed SCSI and ACPI patches into sorted section * MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) * MyBS: Do not build kernel-obs-qa with limit_packages * MyBS: Simplify qa_expr generation * NFC: nci: uart: Set tty->disc_data only in success path (git-fixes). * NFS: Do not allow waiting for exiting tasks (git-fixes). * NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes). * NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git- fixes). * NFSv4.2: fix listxattr to return selinux security label (git-fixes). * NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes). * NFSv4: Always set NLINK even if the server does not support it (git-fixes). * NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes). * NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes). * NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes). * PCI/DPC: Initialize aer_err_info before using it (git-fixes). * PCI/DPC: Log Error Source ID only when valid (git-fixes). * PCI/DPC: Use defines with DPC reason fields (git-fixes). * PCI/MSI: Size device MSI domain with the maximum number of vectors (git- fixes). * PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes). * PCI: Explicitly put devices into D0 when initializing (git-fixes). * PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes). * PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes). * PCI: apple: Set only available ports up (git-fixes). * PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes). * PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes). * PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes). * PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes). * PCI: cadence: Fix runtime atomic count underflow (git-fixes). * PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes). * PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes). * PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes). * PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes). * PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable- fixes). * PCI: endpoint: Fix configfs group list head handling (git-fixes). * PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes). * PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git- fixes). * PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes). * PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes). * PCI: rockchip-host: Fix "Unexpected Completion" log message (git-fixes). * PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes). * PM / devfreq: Check governor before using governor->name (git-fixes). * PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable- fixes). * PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git- fixes). * PM: sleep: Print PM debug messages during hibernation (git-fixes). * PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes). * RDMA/core: Fix best page size finding when it can cross SG entries (git- fixes) * RDMA/core: Rate limit GID cache warning messages (git-fixes) * RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes) * RDMA/hns: Drop GFP_NOWARN (git-fixes) * RDMA/hns: Fix -Wframe-larger-than issue (git-fixes) * RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes) * RDMA/hns: Fix accessing uninitialized resources (git-fixes) * RDMA/hns: Fix double destruction of rsv_qp (git-fixes) * RDMA/hns: Get message length of ack_req from FW (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * RDMA/mlx5: Fix CC counters query for MPV (git-fixes) * RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes) * RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes) * RDMA/mlx5: Fix vport loopback for MPV device (git-fixes) * RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes) * RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes) * RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git- fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes) * Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). * Remove compress-vmlinux.sh * Remove host-memcpy-hack.h * Remove try-disable-staging-driver * Revert "ACPI: battery: negate current when discharging" (stable-fixes). * Revert "ALSA: usb-audio: Skip setting clock selector for single connections" (stable-fixes). * Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes) * Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first" (stable-fixes). * Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338). * Revert "drm/amdgpu: do not allow userspace to create a doorbell BO" (stable- fixes). * Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes). * Revert "ipv6: save dontfrag in cork (git-fixes)." * Revert "kABI: ipv6: save dontfrag in cork (git-fixes)." * Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git- fixes). * Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git- fixes). * Revert "wifi: mt76: mt7996: fill txd by host driver" (stable-fixes). * SUNRPC: Do not allow waiting for exiting tasks (git-fixes). * SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes). * SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git- fixes). * SUNRPC: rpcbind should never reset the port to the value '0' (git-fixes). * USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes). * USB: serial: option: add Foxconn T99W640 (stable-fixes). * USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable- fixes). * USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable- fixes). * VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes). * accel/qaic: Mask out SR-IOV PCI resources (stable-fixes). * acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git- fixes). * add bug reference to existing hv_storvsc change (bsc#1245455). * af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes). * amd/amdkfd: fix a kfd_process ref leak (stable-fixes). * aoe: clean device rq_list in aoedev_downdev() (git-fixes). * apple-mfi-fastcharge: protect first device name (git-fixes). * arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes) * ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes). * ata: pata_cs5536: fix build on 32-bit UML (stable-fixes). * ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes). * ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes). * backlight: pm8941: Add NULL check in wled_configure() (git-fixes). * bnxt: properly flush XDP redirect lists (git-fixes). * bpf, sockmap: Fix sk_msg_reset_curr (git-fixes). * bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes). * bpf/selftests: Check errno when percpu map value size exceeds (git-fixes). * bpf: Add a possibly-zero-sized read test (git-fixes). * bpf: Avoid **hidden** attribute in static object (git-fixes). * bpf: Check percpu map value size first (git-fixes). * bpf: Disable some `attribute ignored' warnings in GCC (git-fixes). * bpf: Fix memory leak in bpf_core_apply (git-fixes). * bpf: Fix potential integer overflow in resolve_btfids (git-fixes). * bpf: Force uprobe bpf program to always return 0 (git-fixes). * bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes). * bpf: Make the pointer returned by iter next method valid (git-fixes). * bpf: Simplify checking size of helper accesses (git-fixes). * bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes). * bpf: sockmap, updating the sg structure should also update curr (git-fixes). * bpftool: Fix missing pids during link show (git-fixes). * bpftool: Fix undefined behavior caused by shifting into the sign bit (git- fixes). * bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes). * bpftool: Remove unnecessary source files from bootstrap version (git-fixes). * bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes). * bs-upload-kernel: Pass limit_packages also on multibuild * btrfs: do not ignore inode missing when replaying log tree (git-fixes). * btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes). * btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes). * btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068) * btrfs: fix assertion when building free space tree (git-fixes). * btrfs: fix fsync of files with no hard links not persisting deletion (git- fixes). * btrfs: fix inode lookup error handling during log replay (git-fixes). * btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes). * btrfs: fix invalid inode pointer dereferences during log replay (git-fixes). * btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes). * btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes). * btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes). * btrfs: fix ssd_spread overallocation (git-fixes). * btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes). * btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068) * btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes). * btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes). * btrfs: rename err to ret in btrfs_rmdir() (git-fixes). * btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes). * btrfs: return a btrfs_inode from read_one_inode() (git-fixes). * btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes). * btrfs: tests: fix chunk map leak after failure to add it to the tree (git- fixes). * btrfs: update superblock's device bytes_used when dropping chunk (git- fixes). * btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes). * btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes). * bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes). * bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git- fixes). * bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes). * bus: fsl-mc: fix double-free on mc_dev (git-fixes). * bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes). * bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes). * bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes). * calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes). * can: c_can: Use of_property_present() to test existence of DT property (stable-fixes). * can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes). * can: dev: can_restart(): reverse logic to remove need for goto (stable- fixes). * can: kvaser_pciefd: Store device channel index (git-fixes). * can: kvaser_usb: Assign netdev.dev_port based on device channel index (git- fixes). * can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes). * can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes). * can: peak_usb: fix USB FD devices potential malfunction (git-fixes). * can: tcan4x5x: fix power regulator retrieval during probe (git-fixes). * cdc-acm: fix race between initial clearing halt and open (git-fixes). * ceph: Fix incorrect flush end position calculation (git-fixes). * ceph: allocate sparse_ext map only for sparse reads (git-fixes). * ceph: fix memory leaks in __ceph_sync_read() (git-fixes). * cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789). * cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166). * cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166). * cifs: change tcon status when need_reconnect is set on it (git-fixes). * clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes). * clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes). * clk: sunxi-ng: v3s: Fix de clock definition (git-fixes). * clk: xilinx: vcu: unregister pll_post only if registered correctly (git- fixes). * clocksource: Fix brown-bag boolean thinko in (git-fixes) * clocksource: Make watchdog and suspend-timing multiplication (git-fixes) * clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457). * clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457). * comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes). * comedi: Fix initialization of data for instructions that write to subdevice (git-fixes). * comedi: Fix some signed shift left operations (git-fixes). * comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes). * comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes). * comedi: das16m1: Fix bit shift out of bounds (git-fixes). * comedi: das6402: Fix bit shift out of bounds (git-fixes). * comedi: pcl812: Fix bit shift out of bounds (git-fixes). * compiler_types.h: Define **retain for __attribute** (( **retain** )) (git- fixes). * crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes). * crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes). * crypto: ccp - Fix locking on alloc failure handling (git-fixes). * crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes). * crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes). * crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes). * crypto: lrw - Only add ecb if it is not already there (git-fixes). * crypto: lzo - Fix compression buffer overrun (stable-fixes). * crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes). * crypto: marvell/cesa - Do not chain submitted requests (git-fixes). * crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes). * crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes). * crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes). * crypto: qat - add shutdown handler to qat_420xx (git-fixes). * crypto: qat - add shutdown handler to qat_4xxx (git-fixes). * crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes). * crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes). * crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes). * crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes). * crypto: qat - fix state restore for banks with exceptions (git-fixes). * crypto: qat - flush misc workqueue during device shutdown (git-fixes). * crypto: qat - use unmanaged allocation for dc_data (git-fixes). * crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes). * crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes). * crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes). * crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes). * crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git- fixes). * crypto: xts - Only add ecb if it is not already there (git-fixes). * devlink: Fix referring to hw_addr attribute during state validation (git- fixes). * devlink: fix port dump cmd type (git-fixes). * dlm: mask sk_shutdown value (bsc#1228854). * dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854). * dm-bufio: fix sched in atomic context (git-fixes). * dm-flakey: error all IOs when num_features is absent (git-fixes). * dm-flakey: make corrupting read bios work (git-fixes). * dm-mirror: fix a tiny race condition (git-fixes). * dm-raid: fix variable in journal device check (git-fixes). * dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes). * dm: do not change md if dm_table_set_restrictions() fails (git-fixes). * dm: free table mempools if not used in __bind (git-fixes). * dm: restrict dm device size to 2^63-512 bytes (git-fixes). * dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes). * dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes). * dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes). * dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes). * dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git- fixes). * dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes). * dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes). * dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes). * dmaengine: ti: Add NULL check in udma_probe() (git-fixes). * dmaengine: xilinx_dma: Set dma_device directions (stable-fixes). * drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes). * drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable- fixes). * drm/amd/display: Add null pointer check for get_first_active_display() (git- fixes). * drm/amd/display: Do not try AUX transactions on disconnected link (stable- fixes). * drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable- fixes). * drm/amd/display: Guard against setting dispclk low for dcn31x (stable- fixes). * drm/amd/display: Increase block_sequence array size (stable-fixes). * drm/amd/display: Initial psr_version with correct setting (stable-fixes). * drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes). * drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes). * drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes). * drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable- fixes). * drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git- fixes). * drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes). * drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes). * drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes). * drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes). * drm/amdgpu: Update SRIOV video codec caps (stable-fixes). * drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes). * drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes). * drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable- fixes). * drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes). * drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes). * drm/amdkfd: KFD release_work possible circular locking (stable-fixes). * drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes). * drm/ast: Find VBIOS mode from regular display size (stable-fixes). * drm/ast: Fix comment on modeset lock (git-fixes). * drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes). * drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes). * drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes). * drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes). * drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes). * drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes). * drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git- fixes). * drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes). * drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git- fixes). * drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes). * drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes). * drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes). * drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes). * drm/exynos: fimd: Guard display clock control with runtime PM calls (git- fixes). * drm/framebuffer: Acquire internal references on GEM handles (git-fixes). * drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes). * drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes). * drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes). * drm/i915/gsc: mei interrupt top half should be in irq disabled context (git- fixes). * drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes). * drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes). * drm/i915/selftests: Change mock_request() to return error pointers (git- fixes). * drm/i915: fix build error some more (git-fixes). * drm/mediatek: Fix kobject put for component sub-drivers (git-fixes). * drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable- fixes). * drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git- fixes). * drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git- fixes). * drm/msm/disp: Correct porch timing for SDM845 (git-fixes). * drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes). * drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes). * drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git- fixes). * drm/msm: Fix a fence leak in submit error path (stable-fixes). * drm/msm: Fix another leak in the submit error path (stable-fixes). * drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes). * drm/panel-edp: Add Starry 116KHD024006 (stable-fixes). * drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes). * drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes). * drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes). * drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes). * drm/sched: Increment job count before swapping tail spsc queue (git-fixes). * drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes). * drm/scheduler: signal scheduled fence when kill job (stable-fixes). * drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes). * drm/tegra: Assign plane type before registration (git-fixes). * drm/tegra: Fix a possible null pointer dereference (git-fixes). * drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes). * drm/tegra: rgb: Fix the unbound reference count (git-fixes). * drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes). * drm/udl: Unregister device before cleaning up on disconnect (git-fixes). * drm/v3d: Add clock handling (stable-fixes). * drm/vc4: tests: Use return instead of assert (git-fixes). * drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes). * drm/vmwgfx: Add seqno waiter for sync_files (git-fixes). * drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes). * drm: Add valid clones check (stable-fixes). * drm: bridge: adv7511: fill stream capabilities (stable-fixes). * drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes). * e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git- fixes). * fbcon: Fix outdated registered_fb reference in comment (git-fixes). * fbcon: Make sure modelist not set on unregistered console (stable-fixes). * fbcon: Use correct erase colour for clearing in fbcon (stable-fixes). * fbdev/efifb: Remove PM for parent device (bsc#1244261). * fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes). * fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git- fixes). * fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes). * fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes). * fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes). * fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes). * fgraph: Still initialize idle shadow stacks when starting (git-fixes). * firewire: ohci: correct code comments about bus_reset tasklet (git-fixes). * firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git- fixes). * firmware: arm_ffa: Reject higher major version as incompatible (stable- fixes). * firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes). * firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes). * firmware: psci: Fix refcount leak in psci_dt_init (git-fixes). * fpga: altera-cvp: Increase credit timeout (stable-fixes). * fs/jfs: consolidate sanity checking in dbMount (git-fixes). * fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes). * fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes). * gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes). * gpio: pca953x: Simplify code with cleanup helpers (stable-fixes). * gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes). * gpio: pca953x: fix IRQ storm on system wake up (git-fixes). * gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes). * gpio: sim: include a missing header (git-fixes). * gpio: vf610: add locking to gpio direction functions (git-fixes). * gpio: virtio: Fix config space reading (git-fixes). * gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes). * gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes). * gpiolib: Revert "Do not WARN on gpiod_put() for optional GPIO" (stable- fixes). * gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300). * gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300). * gpiolib: cdev: Ignore reconfiguration without direction (git-fixes). * gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes). * gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes). * gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git- fixes). * hfs: make splice write available again (git-fixes). * hfsplus: make splice write available again (git-fixes). * hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes). * hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes). * hwmon: (corsair-cpro) Validate the size of the received input buffer (git- fixes). * hwmon: (dell-smm) Increment the number of fans (stable-fixes). * hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes). * hwmon: (gpio-fan) Add missing mutex locks (stable-fixes). * hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes). * hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes). * hwmon: (occ) Rework attribute registration for stack usage (git-fixes). * hwmon: (occ) fix unaligned accesses (git-fixes). * hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes). * hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes). * hwmon: (xgene-hwmon) use appropriate type for the latency value (stable- fixes). * hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes). * hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes). * i2c/designware: Fix an initialization issue (git-fixes). * i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes). * i2c: npcm: Add clock toggle recovery (stable-fixes). * i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes). * i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes). * i2c: qup: jump out of the loop in case of timeout (git-fixes). * i2c: robotfuzz-osif: disable zero-length read messages (git-fixes). * i2c: stm32: fix the device used for the DMA map (git-fixes). * i2c: tegra: Fix reset error handling with ACPI (git-fixes). * i2c: tegra: check msg length in SMBUS block read (bsc#1242086) * i2c: tiny-usb: disable zero-length read messages (git-fixes). * i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes). * i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes). * i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes). * i3c: master: svc: Fix missing STOP for master request (stable-fixes). * i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes). * i40e: retry VFLR handling if there is ongoing VF reset (git-fixes). * i40e: return false from i40e_reset_vf if reset is in progress (git-fixes). * ice: Fix LACP bonds without SRIOV environment (git-fixes). * ice: create new Tx scheduler nodes for new queues only (git-fixes). * ice: fix Tx scheduler error handling in XDP callback (git-fixes). * ice: fix rebuilding the Tx scheduler tree for large queue counts (git- fixes). * ice: fix vf->num_mac count with port representors (git-fixes). * ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes). * iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes). * iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git- fixes). * iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes). * iio: adc: ad7606_spi: fix reg write value mask (git-fixes). * iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes). * iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable- fixes). * iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes). * iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes). * iio: adc: max1363: Reorder mode_list[] entries (stable-fixes). * iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes). * iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes). * iio: filter: admv8818: fix band 4, state 15 (git-fixes). * iio: filter: admv8818: fix integer overflow (git-fixes). * iio: filter: admv8818: fix range calculation (git-fixes). * iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes). * iio: imu: inv_icm42600: Fix temperature calculation (git-fixes). * iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes). * ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650). * ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes). * intel_th: avoid using deprecated page->mapping, index fields (stable-fixes). * iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes). * iommu/amd: Set the pgsize_bitmap correctly (git-fixes). * iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes). * iommu/vt-d: Fix possible circular locking dependency (git-fixes). * iommu/vt-d: Fix system hang on reboot -f (git-fixes). * iommu: Protect against overflow in iommu_pgsize() (git-fixes). * iommu: Skip PASID validation for devices without PASID capability (bsc#1244100) * iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100) * ip6mr: fix tables suspicious RCU usage (git-fixes). * ip_tunnel: annotate data-races around t->parms.link (git-fixes). * ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes). * ipmr: fix tables suspicious RCU usage (git-fixes). * ipv4: Convert ip_route_input() to dscp_t (git-fixes). * ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes). * ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes). * ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes). * ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes). * ipv6: save dontfrag in cork (git-fixes). * ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes). * isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774). * iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes). * jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git- fixes). * jffs2: check that raw node were preallocated before writing summary (git- fixes). * jfs: fix metapage reference count leak in dbAllocCtl (git-fixes). * kABI fix after KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes). * kABI workaround for hda_codec.beep_just_power_on flag (git-fixes). * kABI workaround for struct drm_framebuffer changes (git-fixes). * kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes). * kABI: ipv6: save dontfrag in cork (git-fixes). * kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git- fixes). * kabi: restore layout of struct cgroup_subsys (bsc#1241166). * kabi: restore layout of struct mem_control (jsc#PED-12551). * kabi: restore layout of struct page_counter (jsc#PED-12551). * kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes). * kernel-obs-qa: Do not depend on srchash when qemu emulation is used In this case the dependency is never fulfilled * kernel-source: Do not use multiple -r in sed parameters * kernel-source: Remove log.sh from sources * kernel-syms.spec: Drop old rpm release number hack (bsc#1247172). * leds: multicolor: Fix intensity setting while SW blinking (stable-fixes). * leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes). * lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897). * lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897). * loop: Add sanity check for read/write_iter (git-fixes). * loop: add file_start_write() and file_end_write() (git-fixes). * mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes). * maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes). * md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes). * md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git- fixes). * md/raid1: Add check for missing source disk in process_checks() (git-fixes). * media: adv7180: Disable test-pattern control on adv7180 (stable-fixes). * media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes). * media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git- fixes). * media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git- fixes). * media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git- fixes). * media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git- fixes). * media: cx231xx: set device_caps for 417 (stable-fixes). * media: cxusb: no longer judge rbuf when the write fails (git-fixes). * media: davinci: vpif: Fix memory leak in probe error path (git-fixes). * media: gspca: Add bounds checking to firmware parser (git-fixes). * media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes). * media: hi556: correct the test pattern configuration (git-fixes). * media: i2c: imx219: Correct the minimum vblanking value (stable-fixes). * media: imx-jpeg: Cleanup after an allocation error (git-fixes). * media: imx-jpeg: Drop the first error frames (git-fixes). * media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes). * media: imx-jpeg: Reset slot data pointers when freed (git-fixes). * media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes). * media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes). * media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes). * media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes). * media: ov5675: suppress probe deferral errors (git-fixes). * media: ov8856: suppress probe deferral errors (git-fixes). * media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes). * media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git- fixes). * media: rkvdec: Fix frame size enumeration (git-fixes). * media: tc358746: improve calculation of the D-PHY timing registers (stable- fixes). * media: test-drivers: vivid: do not call schedule in loop (stable-fixes). * media: usbtv: Lock resolution while streaming (git-fixes). * media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes). * media: uvcvideo: Do not mark valid metadata as invalid (git-fixes). * media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git- fixes). * media: uvcvideo: Fix deferred probing error (git-fixes). * media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes). * media: uvcvideo: Return the number of processed controls (git-fixes). * media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes). * media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes). * media: v4l2-dev: fix error handling in __video_register_device() (git- fixes). * media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes). * media: venus: Add a check for packet size after reading from shared memory (git-fixes). * media: venus: Fix probe error handling (git-fixes). * media: venus: hfi: explicitly release IRQ during teardown (git-fixes). * media: venus: protect against spurious interrupts during probe (git-fixes). * media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes). * media: vidtv: Terminating the subsequent process of initialization failure (git-fixes). * media: vivid: Change the siize of the composing (git-fixes). * media: vivid: fix wrong pixel_array control size (git-fixes). * memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git- fixes). * mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes). * mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes). * mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes). * mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes). * misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes). * mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337). * mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551). * mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431). * mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431). * mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551). * mmc: Add quirk to disable DDR50 tuning (stable-fixes). * mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes). * mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes). * mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes). * mmc: host: Wait for Vdd to settle on card power off (stable-fixes). * mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes). * mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes). * mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes). * mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes). * mtd: fix possible integer overflow in erase_xfer() (git-fixes). * mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes). * mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes). * mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes). * mtd: rawnand: atmel: set pmecc data setup time (git-fixes). * mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes). * mtd: rawnand: renesas: Add missing check after DMA map (git-fixes). * mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes). * mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes). * mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes). * mtd: spinand: fix memory leak of ECC engine conf (stable-fixes). * mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes). * mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes). * mtk-sd: Prevent memory corruption from DMA map failure (git-fixes). * mtk-sd: reset host->mrq on prepare_data() error (git-fixes). * mwl8k: Add missing check after DMA map (git-fixes). * nbd: fix uaf in nbd_genl_connect() error path (git-fixes). * neighbour: Do not let neigh_forced_gc() disable preemption for long (git- fixes). * net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git- fixes). * net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes). * net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes). * net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git- fixes). * net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes). * net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes). * net/mlx5: Fix return value when searching for existing flow group (git- fixes). * net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes). * net/mlx5e: Fix leak of Geneve TLV option object (git-fixes). * net/neighbor: clear error in case strict check is not set (git-fixes). * net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes). * net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git- fixes). * net/sched: fix use-after-free in taprio_dev_notifier (git-fixes). * net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes). * net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes). * net: Fix TOCTOU issue in sk_is_readable() (git-fixes). * net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes). * net: add rcu safety to rtnl_prop_list_size() (git-fixes). * net: fix udp gso skb_segment after pull from frag_list (git-fixes). * net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes). * net: ice: Perform accurate aRFS flow match (git-fixes). * net: ipv4: fix a memleak in ip_setup_cork (git-fixes). * net: linkwatch: use system_unbound_wq (git-fixes). * net: mana: Add support for Multi Vports on Bare metal (bsc#1244229). * net: mana: Record doorbell physical address in PF mode (bsc#1244229). * net: page_pool: fix warning code (git-fixes). * net: phy: Do not register LEDs for genphy (git-fixes). * net: phy: clear phydev->devlink when the link is deleted (git-fixes). * net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git- fixes). * net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes). * net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes). * net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538) * net: phy: mscc: Fix memory leak when using one step timestamping (git- fixes). * net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git- fixes). * net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git- fixes). * net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes). * net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes). * net: sched: consistently use rcu_replace_pointer() in taprio_change() (git- fixes). * net: sched: em_text: fix possible memory leak in em_text_destroy() (git- fixes). * net: sched: fix erspan_opt settings in cls_flower (git-fixes). * net: usb: aqc111: debug info before sanitation (git-fixes). * net: usb: aqc111: fix error handling of usbnet read calls (git-fixes). * net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git- fixes). * net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes). * net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes). * net: wwan: t7xx: Fix napi rx poll issue (git-fixes). * net_sched: ets: fix a race in ets_qdisc_change() (git-fixes). * net_sched: prio: fix a race in prio_tune() (git-fixes). * net_sched: red: fix a race in __red_change() (git-fixes). * net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312) * net_sched: sch_sfq: reject invalid perturb period (git-fixes). * net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504) * net_sched: tbf: fix a race in tbf_change() (git-fixes). * netdev-genl: Hold rcu_read_lock in napi_get (git-fixes). * netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes). * netlink: specs: dpll: replace underscores with dashes in names (git-fixes). * netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes). * netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes). * nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git- fixes). * nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes). * nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes). * nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git- fixes). * nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes). * nilfs2: reject invalid file types when reading inodes (git-fixes). * ntp: Clamp maxerror and esterror to operating range (git-fixes) * ntp: Remove invalid cast in time offset math (git-fixes) * ntp: Safeguard against time_constant overflow (git-fixes) * nvme-fc: do not reference lsrsp after failure (bsc#1245193). * nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git- fixes). * nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes). * nvme-pci: add quirks for device 126f:1001 (git-fixes). * nvme-pci: refresh visible attrs after being checked (git-fixes). * nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes). * nvme: always punt polled uring_cmd end_io work to task_work (git-fixes). * nvme: fix command limits status code (git-fixes). * nvme: fix endianness of command word prints in nvme_log_err_passthru() (git- fixes). * nvme: fix implicit bool to flags conversion (git-fixes). * nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes). * nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes). * nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193). * nvmet-fc: take tgtport refs for portentry (bsc#1245193). * nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193). * nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193). * nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193). * nvmet-fcloop: do not wait for lport cleanup (bsc#1245193). * nvmet-fcloop: drop response if targetport is gone (bsc#1245193). * nvmet-fcloop: prevent double port deletion (bsc#1245193). * nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193). * nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193). * nvmet-fcloop: remove nport from list on last user (bsc#1245193). * nvmet-fcloop: track ref counts for nports (bsc#1245193). * nvmet-fcloop: update refs on tfcp_req (bsc#1245193). * nvmet-tcp: fix callback lock for TLS handshake (git-fixes). * objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes). * objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes). * objtool: Fix _THIS_IP_ detection for cold functions (git-fixes). * objtool: Fix error handling inconsistencies in check() (git-fixes). * objtool: Ignore dangling jump table entries (git-fixes). * objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes). * objtool: Properly disable uaccess validation (git-fixes). * objtool: Silence more KCOV warnings (git-fixes). * objtool: Silence more KCOV warnings, part 2 (git-fixes). * objtool: Stop UNRET validation on UD2 (git-fixes). * orangefs: Do not truncate file size (git-fixes). * pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes). * page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes). * pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes). * perf: Fix sample vs do_exit() (bsc#1246547). * phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes). * phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes). * phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable- fixes). * phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes). * phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes). * phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes). * phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git- fixes). * pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes). * pinctrl: amd: Clear GPIO debounce for suspend (git-fixes). * pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable- fixes). * pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes). * pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes). * pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes). * pinctrl: armada-37xx: set GPIO output value before setting direction (git- fixes). * pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git- fixes). * pinctrl: at91: Fix possible out-of-boundary access (git-fixes). * pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned" (stable- fixes). * pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes). * pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes). * pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable- fixes). * pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes). * pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes). * pinctrl: st: Drop unused st_gpio_bank() function (git-fixes). * pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes). * pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes). * pinmux: fix race causing mux_owner NULL with active mux_usecount (git- fixes). * platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git- fixes). * platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git- fixes). * platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes). * platform/mellanox: mlxreg-lc: Fix logic error in power state check (git- fixes). * platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes). * platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes). * platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes). * platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes). * platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes). * platform/x86: dell_rbu: Fix list usage (git-fixes). * platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes). * platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes). * platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes). * platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes). * platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes). * platform/x86: think-lmi: Create ksets consecutively (stable-fixes). * platform/x86: think-lmi: Fix kobject cleanup (git-fixes). * platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes). * platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes). * platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes). * platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes). * power: reset: at91-reset: Optimize at91_reset() (git-fixes). * power: supply: bq27xxx: Retrieve again when busy (stable-fixes). * power: supply: collie: Fix wakeup source leaks on device unbind (stable- fixes). * power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes). * power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git- fixes). * powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes). * powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git- fixes). * powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes). * powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes). * powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199). * powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790). * powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199). * powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790). * pstore: Change kmsg_bytes storage size to u32 (git-fixes). * ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506). * ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes). * pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes). * pwm: mediatek: Ensure to disable clocks in error path (git-fixes). * r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes). * regmap: fix potential memory leak of regmap_bus (git-fixes). * regulator: ad5398: Add device tree support (stable-fixes). * regulator: fan53555: add enable_time support and soft-start times (stable- fixes). * regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git- fixes). * regulator: max14577: Add error check for max14577_read_reg() (git-fixes). * regulator: max20086: Change enable gpio to optional (git-fixes). * regulator: max20086: Fix MAX200086 chip id (git-fixes). * regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes). * regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes). * resource: fix false warning in __request_region() (git-fixes). * restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes). * rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes). * rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes). * rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang. * rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725) * rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879) * rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337) * rpm: Stop using is_kotd_qa macro * rtc: Fix offset calculation for .start_secs < 0 (git-fixes). * rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes). * rtc: at91rm9200: drop unused module alias (git-fixes). * rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes). * rtc: cpcap: drop unused module alias (git-fixes). * rtc: da9063: drop unused module alias (git-fixes). * rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes). * rtc: ds1307: stop disabling alarms on probe (stable-fixes). * rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: jz4740: drop unused module alias (git-fixes). * rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: pm8xxx: drop unused module alias (git-fixes). * rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes). * rtc: rv3032: fix EERD location (stable-fixes). * rtc: s3c: drop unused module alias (git-fixes). * rtc: sh: assign correct interrupts with DT (git-fixes). * rtc: stm32: drop unused module alias (git-fixes). * s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870). * s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806). * s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145). * s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646). * s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226). * s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145). * s390/pci: Fix potential double remove of hotplug slot (bsc#1244145). * s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647). * s390/pci: Prevent self deletion in disable_slot() (bsc#1244145). * s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145). * s390/pci: Serialize device addition and removal (bsc#1244145). * s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145). * s390/pci: remove hotplug slot when releasing the device (bsc#1244145). * s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145). * s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598). * s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228). * s390: Add z17 elf platform (LTC#214086 bsc#1245540). * samples: mei: Fix building on musl libc (git-fixes). * sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338). * scsi: Improve CDL control (git-fixes). * scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes). * scsi: dc395x: Remove DEBUG conditional compilation (git-fixes). * scsi: dc395x: Remove leftover if statement in reselect() (git-fixes). * scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes). * scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes). * scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git- fixes). * scsi: iscsi: Fix incorrect error path labels for flashnode operations (git- fixes). * scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142). * scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes). * scsi: megaraid_sas: Fix invalid node index (git-fixes). * scsi: mpi3mr: Add level check to control event logging (git-fixes). * scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes). * scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes). * scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git- fixes). * scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git- fixes). * scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git- fixes). * scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599). * scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git- fixes). * scsi: st: ERASE does not change tape location (git-fixes). * scsi: st: Restore some drive settings after reset (git-fixes). * scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes). * scsi: storvsc: Do not report the host packet status as the hv status (git- fixes). * scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes). * selftests/bpf: Add CFLAGS per source file and runner (git-fixes). * selftests/bpf: Add tests for iter next method returning valid pointer (git- fixes). * selftests/bpf: Change functions definitions to support GCC (git-fixes). * selftests/bpf: Fix a few tests for GCC related warnings (git-fixes). * selftests/bpf: Fix bpf_nf selftest failure (git-fixes). * selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes). * selftests/bpf: Fix prog numbers in test_sockmap (git-fixes). * selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes). * selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes). * selftests/seccomp: fix syscall_restart test for arm compat (git-fixes). * serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes). * serial: imx: Restore original RXTL for console to fix data loss (git-fixes). * serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes). * serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes). * serial: sh-sci: Save and restore more registers (git-fixes). * serial: sh-sci: Update the suspend/resume support (stable-fixes). * smb3: fix Open files on server counter going negative (git-fixes). * smb: client: Use str_yes_no() helper function (git-fixes). * smb: client: allow more DFS referrals to be cached (git-fixes). * smb: client: avoid unnecessary reconnects when refreshing referrals (git- fixes). * smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes). * smb: client: do not retry DFS targets on server shutdown (git-fixes). * smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes). * smb: client: do not try following DFS links in cifs_tree_connect() (git- fixes). * smb: client: fix DFS interlink failover (git-fixes). * smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes). * smb: client: fix hang in wait_for_response() for negproto (bsc#1242709). * smb: client: fix potential race in cifs_put_tcon() (git-fixes). * smb: client: fix return value of parse_dfs_referrals() (git-fixes). * smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes). * smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes). * smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes). * smb: client: improve purging of cached referrals (git-fixes). * smb: client: introduce av_for_each_entry() helper (git-fixes). * smb: client: optimize referral walk on failed link targets (git-fixes). * smb: client: parse DNS domain name from domain= option (git-fixes). * smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes). * smb: client: provide dns_resolve_{unc,name} helpers (git-fixes). * smb: client: refresh referral without acquiring refpath_lock (git-fixes). * smb: client: remove unnecessary checks in open_cached_dir() (git-fixes). * soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes). * soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes). * soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes). * soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git- fixes). * soc: aspeed: lpc: Fix impossible judgment condition (git-fixes). * soc: qcom: QMI encoding/decoding for big endian (git-fixes). * soc: qcom: fix endianness for QMI header (git-fixes). * soc: qcom: pmic_glink: fix OF node leak (git-fixes). * soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes). * soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable- fixes). * software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes). * soundwire: amd: change the soundwire wake enable/disable sequence (stable- fixes). * soundwire: amd: fix for clearing command status register (git-fixes). * soundwire: stream: restore params when prepare ports fail (git-fixes). * spi-rockchip: Fix register out of bounds access (stable-fixes). * spi: bcm63xx-hsspi: fix shared reset (git-fixes). * spi: bcm63xx-spi: fix shared reset (git-fixes). * spi: sh-msiof: Fix maximum DMA transfer size (git-fixes). * spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git- fixes). * spi: spi-sun4i: fix early activation (stable-fixes). * spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git- fixes). * spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes). * spi: tegra210-quad: remove redundant error handling code (git-fixes). * spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes). * staging: axis-fifo: remove sysfs interface (git-fixes). * staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git- fixes). * staging: iio: ad5933: Correct settling cycles encoding per datasheet (git- fixes). * staging: nvec: Fix incorrect null termination of battery manufacturer (git- fixes). * staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git- fixes). * struct cdns: move new member to the end (git-fixes). * struct ucsi_operations: use padding for new operation (git-fixes). * struct usci: hide additional member (git-fixes). * sunrpc: do not immediately retransmit on seqno miss (git-fixes). * sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git- fixes). * supported.conf: add missing entries for armv7hl * supported.conf: move nvme-apple to optional again * supported.conf: sort entries again * tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes). * tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes). * tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (git-fixes). * tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes). * tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes). * tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes). * thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes). * thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes). * thunderbolt: Do not double dequeue a configuration request (stable-fixes). * thunderbolt: Fix a logic error in wake on connect (git-fixes). * thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes). * thunderbolt: Fix copy+paste error in match_service_id() (git-fixes). * thunderbolt: Fix wake on connect at runtime (git-fixes). * timekeeping: Fix bogus clock_was_set() invocation in (git-fixes) * timekeeping: Fix cross-timestamp interpolation corner case (git-fixes) * timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes) * timekeeping: Fix cross-timestamp interpolation on counter (git-fixes) * trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes). * tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git- fixes). * tracing: Add __print_dynamic_array() helper (bsc#1243544). * tracing: Add __string_len() example (bsc#1243544). * tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git- fixes). * tracing: Fix compilation warning on arm32 (bsc#1243551). * tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes). * truct dwc3 hide new member wakeup_pending_funcs (git-fixes). * types: Complement the aligned types with signed 64-bit one (stable-fixes). * ucount: fix atomic_long_inc_below() argument type (git-fixes). * ucsi-glink: adapt to kABI consistency (git-fixes). * ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes). * ucsi_debugfs_entry: hide signedness change (git-fixes). * ucsi_operations: add stubs for all operations (git-fixes). * ucsi_ops: adapt update_connector to kABI consistency (git-fixes). * udp: annotate data-races around up->pending (git-fixes). * udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes). * udp: fix receiving fraglist GSO packets (git-fixes). * udp: preserve the connected status if only UDP cmsg (git-fixes). * uprobes: Use kzalloc to allocate xol area (git-fixes). * usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes). * usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes). * usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes). * usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes). * usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes). * usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes). * usb: cdnsp: Fix issue with detecting command completion event (git-fixes). * usb: cdnsp: Fix issue with resuming from L1 (git-fixes). * usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable- fixes). * usb: cdnsp: do not disable slot for disabled slot (git-fixes). * usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes). * usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes). * usb: dwc2: also exit clock_gating when stopping udc while suspended (stable- fixes). * usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes). * usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes). * usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes). * usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes). * usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes). * usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes). * usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes). * usb: hub: Do not try to recover devices lost during warm reset (git-fixes). * usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes). * usb: musb: fix gadget state on disconnect (git-fixes). * usb: musb: omap2430: fix device leak at unbind (git-fixes). * usb: net: sierra: check for no status endpoint (git-fixes). * usb: potential integer overflow in usbg_make_tpg() (stable-fixes). * usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes). * usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes). * usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable- fixes). * usb: typec: Update sysfs when setting ops (git-fixes). * usb: typec: altmodes/displayport: do not index invalid pin_assignments (git- fixes). * usb: typec: displayport: Fix potential deadlock (git-fixes). * usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes). * usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable- fixes). * usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes). * usb: typec: tcpm: allow switching to mode accessory to mux properly (stable- fixes). * usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes). * usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git- fixes). * usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git- fixes). * usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes). * usb: typec: ucsi: Delay alternate mode discovery (git-fixes). * usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes). * usb: typec: ucsi: Fix the partner PD revision (git-fixes). * usb: typec: ucsi: Get PD revision for partner (git-fixes). * usb: typec: ucsi: Only enable supported notifications (git-fixes). * usb: typec: ucsi: Set orientation as none when connector is unplugged (git- fixes). * usb: typec: ucsi: Update power_supply on power role change (git-fixes). * usb: typec: ucsi: add callback for connector status updates (git-fixes). * usb: typec: ucsi: add update_connector callback (git-fixes). * usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git- fixes). * usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes). * usb: typec: ucsi: extract code to read PD caps (git-fixes). * usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes). * usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes). * usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes). * usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes). * usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes). * usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes). * usb: typec: ucsi: glink: use typec_set_orientation (git-fixes). * usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes). * usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git- fixes). * usb: typec: ucsi: properly register partner's PD device (git-fixes). * usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes). * usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes). * usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git- fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes). * usb: typec: ucsi_glink: rework quirks implementation (git-fixes). * usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes). * usb: usbtmc: Fix timeout value in get_stb (git-fixes). * usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes). * usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git- fixes). * usb: xhci: quirk for data loss in ISOC transfers (stable-fixes). * usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes). * usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes). * vgacon: Add check for vc_origin address range in vgacon_scroll() (git- fixes). * virtgpu: do not reset on shutdown (git-fixes). * vmci: Prevent the dispatching of uninitialized payloads (git-fixes). * vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626). * vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626). * vmxnet3: update MTU after device quiesce (bsc#1244626). * vt: add missing notification when switching back to text mode (stable- fixes). * vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes). * vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes). * vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes). * watchdog: da9052_wdt: respect TWDMIN (stable-fixes). * watchdog: exar: Shorten identity name to fit correctly (git-fixes). * watchdog: fix watchdog may detect false positive of softlockup (stable- fixes). * watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes). * watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes). * watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git- fixes). * wifi: ath11k: Fix QMI memory reuse logic (stable-fixes). * wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git- fixes). * wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes). * wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes). * wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes). * wifi: ath11k: do not wait when there is no vdev started (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes). * wifi: ath11k: fix ring-buffer corruption (git-fixes). * wifi: ath11k: fix rx completion meta data corruption (git-fixes). * wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes). * wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes). * wifi: ath11k: fix source ring-buffer corruption (git-fixes). * wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes). * wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes). * wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847). * wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes). * wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes). * wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes). * wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes). * wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes). * wifi: ath12k: Fix invalid memory access while forming 802.11 header (git- fixes). * wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes). * wifi: ath12k: Fix the QoS control field offset to build QoS header (git- fixes). * wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable- fixes). * wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes). * wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes). * wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable- fixes). * wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable- fixes). * wifi: ath12k: fix cleanup path after mhi init (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath12k: fix endianness handling while accessing wmi service bit (git- fixes). * wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes). * wifi: ath12k: fix incorrect CE addresses (stable-fixes). * wifi: ath12k: fix invalid access to memory (git-fixes). * wifi: ath12k: fix link valid field initialization in the monitor Rx (stable- fixes). * wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable- fixes). * wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes). * wifi: ath12k: fix ring-buffer corruption (git-fixes). * wifi: ath12k: fix source ring-buffer corruption (git-fixes). * wifi: ath6kl: remove WARN on bad firmware input (stable-fixes). * wifi: ath9k: return by of_get_mac_address (stable-fixes). * wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes). * wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes). * wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes). * wifi: carl9170: do not ping device which has failed to load firmware (git- fixes). * wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes). * wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes). * wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes). * wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes). * wifi: iwlwifi: add support for Killer on MTL (stable-fixes). * wifi: iwlwifi: fix debug actions order (stable-fixes). * wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes). * wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes). * wifi: mac80211: Add link iteration macro for link data (stable-fixes). * wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes). * wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes). * wifi: mac80211: Do not schedule stopped TXQs (git-fixes). * wifi: mac80211: VLAN traffic in multicast path (stable-fixes). * wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes). * wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable- fixes). * wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable- fixes). * wifi: mac80211: drop invalid source address OCB frames (stable-fixes). * wifi: mac80211: fix beacon interval calculation overflow (git-fixes). * wifi: mac80211: reject TDLS operations when station is not associated (git- fixes). * wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes). * wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes). * wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes). * wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git- fixes). * wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes). * wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes). * wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes). * wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes). * wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes). * wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes). * wifi: mt76: mt7925: prevent multiple scan commands (git-fixes). * wifi: mt76: mt7925: refine the sniffer commnad (git-fixes). * wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable- fixes). * wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes). * wifi: mt76: mt7996: revise TXS size (stable-fixes). * wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes). * wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable- fixes). * wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes). * wifi: plfxlc: Fix error handling in usb driver probe (git-fixes). * wifi: prevent A-MSDU attacks in mesh networks (stable-fixes). * wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes). * wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git- fixes). * wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes). * wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes). * wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes). * wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes). * wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes). * wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes). * wifi: rtw88: do not ignore hardware read error during DPK (git-fixes). * wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git- fixes). * wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git- fixes). * wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes). * wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes). * wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes). * wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes). * wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes). * wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes). * wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes). * wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes). * x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes). * x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes). * x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes). * x86/mce/amd: Add default names for MCA banks and blocks (git-fixes). * x86/mce/amd: Fix threshold limit reset (git-fixes). * x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes). * x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git- fixes). * x86/microcode/AMD: Add get_patch_level() (git-fixes). * x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes). * x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes). * x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes). * x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes). * x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes). * x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes). * x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes). * x86/microcode: Consolidate the loader enablement checking (git-fixes). * x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes). * x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git- fixes). * x86/traps: Initialize DR6 by writing its architectural reset value (git- fixes). * x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes). * x86/xen: fix balloon target initialization for PVH dom0 (git-fixes). * x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345). * xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes) * xen/x86: fix initial memory balloon target (git-fixes). * xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837). * xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes). * xfs: remove unused event xfs_alloc_near_error (git-fixes). * xfs: remove unused event xfs_alloc_near_nominleft (git-fixes). * xfs: remove unused event xfs_attr_node_removename (git-fixes). * xfs: remove unused event xfs_ioctl_clone (git-fixes). * xfs: remove unused event xfs_pagecache_inval (git-fixes). * xfs: remove unused event xlog_iclog_want_sync (git-fixes). * xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes). * xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes). * xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes). * xfs: remove unused xfs_attr events (git-fixes). * xfs: remove unused xfs_reflink_compare_extents events (git-fixes). * xfs: remove usused xfs_end_io_direct events (git-fixes). * xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git- fixes). * xhci: dbc: Flush queued requests before stopping dbc (git-fixes). * xhci: dbctty: disable ECHO flag by default (git-fixes). * xsk: always clear DMA mapping information when unmapping the pool (git- fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Confidential Computing Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-2923=1 ## Package List: * Confidential Computing Module 15-SP6 (nosrc x86_64) * kernel-coco-6.4.0-15061.28.coco15sp6.1 * kernel-coco_debug-6.4.0-15061.28.coco15sp6.1 * Confidential Computing Module 15-SP6 (x86_64) * kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1 * kernel-coco-devel-6.4.0-15061.28.coco15sp6.1 * kernel-coco_debug-debuginfo-6.4.0-15061.28.coco15sp6.1 * kernel-coco_debug-devel-debuginfo-6.4.0-15061.28.coco15sp6.1 * kernel-coco-debuginfo-6.4.0-15061.28.coco15sp6.1 * reiserfs-kmp-coco-debuginfo-6.4.0-15061.28.coco15sp6.1 * kernel-coco-debugsource-6.4.0-15061.28.coco15sp6.1 * reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1 * kernel-coco-vdso-debuginfo-6.4.0-15061.28.coco15sp6.1 * kernel-syms-coco-6.4.0-15061.28.coco15sp6.1 * kernel-coco_debug-debugsource-6.4.0-15061.28.coco15sp6.1 * Confidential Computing Module 15-SP6 (noarch) * kernel-devel-coco-6.4.0-15061.28.coco15sp6.1 * kernel-source-coco-6.4.0-15061.28.coco15sp6.1 ## References: * https://www.suse.com/security/cve/CVE-2019-11135.html * https://www.suse.com/security/cve/CVE-2023-52888.html * https://www.suse.com/security/cve/CVE-2023-53146.html * https://www.suse.com/security/cve/CVE-2024-26831.html * https://www.suse.com/security/cve/CVE-2024-36028.html * https://www.suse.com/security/cve/CVE-2024-36348.html * https://www.suse.com/security/cve/CVE-2024-36349.html * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2024-43869.html * https://www.suse.com/security/cve/CVE-2024-44963.html * https://www.suse.com/security/cve/CVE-2024-49568.html * https://www.suse.com/security/cve/CVE-2024-49861.html * https://www.suse.com/security/cve/CVE-2024-50106.html * https://www.suse.com/security/cve/CVE-2024-56613.html * https://www.suse.com/security/cve/CVE-2024-56699.html * https://www.suse.com/security/cve/CVE-2024-56742.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2024-57982.html * https://www.suse.com/security/cve/CVE-2024-58053.html * https://www.suse.com/security/cve/CVE-2024-58098.html * https://www.suse.com/security/cve/CVE-2024-58099.html * https://www.suse.com/security/cve/CVE-2024-58100.html * https://www.suse.com/security/cve/CVE-2024-58237.html * https://www.suse.com/security/cve/CVE-2025-21629.html * https://www.suse.com/security/cve/CVE-2025-21658.html * https://www.suse.com/security/cve/CVE-2025-21720.html * https://www.suse.com/security/cve/CVE-2025-21839.html * https://www.suse.com/security/cve/CVE-2025-21854.html * https://www.suse.com/security/cve/CVE-2025-21868.html * https://www.suse.com/security/cve/CVE-2025-21872.html * https://www.suse.com/security/cve/CVE-2025-21898.html * https://www.suse.com/security/cve/CVE-2025-21899.html * https://www.suse.com/security/cve/CVE-2025-21920.html * https://www.suse.com/security/cve/CVE-2025-21938.html * https://www.suse.com/security/cve/CVE-2025-21959.html * https://www.suse.com/security/cve/CVE-2025-21997.html * https://www.suse.com/security/cve/CVE-2025-22005.html * https://www.suse.com/security/cve/CVE-2025-22035.html * https://www.suse.com/security/cve/CVE-2025-22066.html * https://www.suse.com/security/cve/CVE-2025-22083.html * https://www.suse.com/security/cve/CVE-2025-22089.html * https://www.suse.com/security/cve/CVE-2025-22090.html * https://www.suse.com/security/cve/CVE-2025-22095.html * https://www.suse.com/security/cve/CVE-2025-22111.html * https://www.suse.com/security/cve/CVE-2025-22113.html * https://www.suse.com/security/cve/CVE-2025-22119.html * https://www.suse.com/security/cve/CVE-2025-22120.html * https://www.suse.com/security/cve/CVE-2025-22124.html * https://www.suse.com/security/cve/CVE-2025-23141.html * https://www.suse.com/security/cve/CVE-2025-23142.html * https://www.suse.com/security/cve/CVE-2025-23144.html * https://www.suse.com/security/cve/CVE-2025-23146.html * https://www.suse.com/security/cve/CVE-2025-23147.html * https://www.suse.com/security/cve/CVE-2025-23148.html * https://www.suse.com/security/cve/CVE-2025-23149.html * https://www.suse.com/security/cve/CVE-2025-23151.html * https://www.suse.com/security/cve/CVE-2025-23155.html * https://www.suse.com/security/cve/CVE-2025-23156.html * https://www.suse.com/security/cve/CVE-2025-23157.html * https://www.suse.com/security/cve/CVE-2025-23158.html * https://www.suse.com/security/cve/CVE-2025-23159.html * https://www.suse.com/security/cve/CVE-2025-23161.html * https://www.suse.com/security/cve/CVE-2025-23163.html * https://www.suse.com/security/cve/CVE-2025-37738.html * https://www.suse.com/security/cve/CVE-2025-37740.html * https://www.suse.com/security/cve/CVE-2025-37741.html * https://www.suse.com/security/cve/CVE-2025-37742.html * https://www.suse.com/security/cve/CVE-2025-37743.html * https://www.suse.com/security/cve/CVE-2025-37747.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37754.html * https://www.suse.com/security/cve/CVE-2025-37756.html * https://www.suse.com/security/cve/CVE-2025-37757.html * https://www.suse.com/security/cve/CVE-2025-37758.html * https://www.suse.com/security/cve/CVE-2025-37765.html * https://www.suse.com/security/cve/CVE-2025-37766.html * https://www.suse.com/security/cve/CVE-2025-37767.html * https://www.suse.com/security/cve/CVE-2025-37768.html * https://www.suse.com/security/cve/CVE-2025-37769.html * https://www.suse.com/security/cve/CVE-2025-37770.html * https://www.suse.com/security/cve/CVE-2025-37771.html * https://www.suse.com/security/cve/CVE-2025-37772.html * https://www.suse.com/security/cve/CVE-2025-37781.html * https://www.suse.com/security/cve/CVE-2025-37782.html * https://www.suse.com/security/cve/CVE-2025-37786.html * https://www.suse.com/security/cve/CVE-2025-37788.html * https://www.suse.com/security/cve/CVE-2025-37792.html * https://www.suse.com/security/cve/CVE-2025-37793.html * https://www.suse.com/security/cve/CVE-2025-37794.html * https://www.suse.com/security/cve/CVE-2025-37796.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37800.html * https://www.suse.com/security/cve/CVE-2025-37801.html * https://www.suse.com/security/cve/CVE-2025-37805.html * https://www.suse.com/security/cve/CVE-2025-37810.html * https://www.suse.com/security/cve/CVE-2025-37811.html * https://www.suse.com/security/cve/CVE-2025-37812.html * https://www.suse.com/security/cve/CVE-2025-37815.html * https://www.suse.com/security/cve/CVE-2025-37819.html * https://www.suse.com/security/cve/CVE-2025-37836.html * https://www.suse.com/security/cve/CVE-2025-37839.html * https://www.suse.com/security/cve/CVE-2025-37840.html * https://www.suse.com/security/cve/CVE-2025-37841.html * https://www.suse.com/security/cve/CVE-2025-37844.html * https://www.suse.com/security/cve/CVE-2025-37849.html * https://www.suse.com/security/cve/CVE-2025-37850.html * https://www.suse.com/security/cve/CVE-2025-37851.html * https://www.suse.com/security/cve/CVE-2025-37852.html * https://www.suse.com/security/cve/CVE-2025-37853.html * https://www.suse.com/security/cve/CVE-2025-37854.html * https://www.suse.com/security/cve/CVE-2025-37856.html * https://www.suse.com/security/cve/CVE-2025-37858.html * https://www.suse.com/security/cve/CVE-2025-37859.html * https://www.suse.com/security/cve/CVE-2025-37862.html * https://www.suse.com/security/cve/CVE-2025-37864.html * https://www.suse.com/security/cve/CVE-2025-37865.html * https://www.suse.com/security/cve/CVE-2025-37867.html * https://www.suse.com/security/cve/CVE-2025-37871.html * https://www.suse.com/security/cve/CVE-2025-37873.html * https://www.suse.com/security/cve/CVE-2025-37874.html * https://www.suse.com/security/cve/CVE-2025-37875.html * https://www.suse.com/security/cve/CVE-2025-37881.html * https://www.suse.com/security/cve/CVE-2025-37884.html * https://www.suse.com/security/cve/CVE-2025-37885.html * https://www.suse.com/security/cve/CVE-2025-37889.html * https://www.suse.com/security/cve/CVE-2025-37890.html * https://www.suse.com/security/cve/CVE-2025-37891.html * https://www.suse.com/security/cve/CVE-2025-37892.html * https://www.suse.com/security/cve/CVE-2025-37897.html * https://www.suse.com/security/cve/CVE-2025-37900.html * https://www.suse.com/security/cve/CVE-2025-37901.html * https://www.suse.com/security/cve/CVE-2025-37903.html * https://www.suse.com/security/cve/CVE-2025-37905.html * https://www.suse.com/security/cve/CVE-2025-37909.html * https://www.suse.com/security/cve/CVE-2025-37911.html * https://www.suse.com/security/cve/CVE-2025-37912.html * https://www.suse.com/security/cve/CVE-2025-37913.html * https://www.suse.com/security/cve/CVE-2025-37914.html * https://www.suse.com/security/cve/CVE-2025-37915.html * https://www.suse.com/security/cve/CVE-2025-37917.html * https://www.suse.com/security/cve/CVE-2025-37918.html * https://www.suse.com/security/cve/CVE-2025-37920.html * https://www.suse.com/security/cve/CVE-2025-37921.html * https://www.suse.com/security/cve/CVE-2025-37923.html * https://www.suse.com/security/cve/CVE-2025-37925.html * https://www.suse.com/security/cve/CVE-2025-37927.html * https://www.suse.com/security/cve/CVE-2025-37928.html * https://www.suse.com/security/cve/CVE-2025-37929.html * https://www.suse.com/security/cve/CVE-2025-37930.html * https://www.suse.com/security/cve/CVE-2025-37931.html * https://www.suse.com/security/cve/CVE-2025-37932.html * https://www.suse.com/security/cve/CVE-2025-37933.html * https://www.suse.com/security/cve/CVE-2025-37936.html * https://www.suse.com/security/cve/CVE-2025-37937.html * https://www.suse.com/security/cve/CVE-2025-37938.html * https://www.suse.com/security/cve/CVE-2025-37943.html * https://www.suse.com/security/cve/CVE-2025-37944.html * https://www.suse.com/security/cve/CVE-2025-37945.html * https://www.suse.com/security/cve/CVE-2025-37946.html * https://www.suse.com/security/cve/CVE-2025-37948.html * https://www.suse.com/security/cve/CVE-2025-37951.html * https://www.suse.com/security/cve/CVE-2025-37953.html * https://www.suse.com/security/cve/CVE-2025-37954.html * https://www.suse.com/security/cve/CVE-2025-37959.html * https://www.suse.com/security/cve/CVE-2025-37961.html * https://www.suse.com/security/cve/CVE-2025-37963.html * https://www.suse.com/security/cve/CVE-2025-37967.html * https://www.suse.com/security/cve/CVE-2025-37968.html * https://www.suse.com/security/cve/CVE-2025-37969.html * https://www.suse.com/security/cve/CVE-2025-37970.html * https://www.suse.com/security/cve/CVE-2025-37972.html * https://www.suse.com/security/cve/CVE-2025-37973.html * https://www.suse.com/security/cve/CVE-2025-37978.html * https://www.suse.com/security/cve/CVE-2025-37979.html * https://www.suse.com/security/cve/CVE-2025-37980.html * https://www.suse.com/security/cve/CVE-2025-37982.html * https://www.suse.com/security/cve/CVE-2025-37983.html * https://www.suse.com/security/cve/CVE-2025-37984.html * https://www.suse.com/security/cve/CVE-2025-37985.html * https://www.suse.com/security/cve/CVE-2025-37986.html * https://www.suse.com/security/cve/CVE-2025-37987.html * https://www.suse.com/security/cve/CVE-2025-37989.html * https://www.suse.com/security/cve/CVE-2025-37990.html * https://www.suse.com/security/cve/CVE-2025-37992.html * https://www.suse.com/security/cve/CVE-2025-37994.html * https://www.suse.com/security/cve/CVE-2025-37995.html * https://www.suse.com/security/cve/CVE-2025-37997.html * https://www.suse.com/security/cve/CVE-2025-37998.html * https://www.suse.com/security/cve/CVE-2025-38000.html * https://www.suse.com/security/cve/CVE-2025-38001.html * https://www.suse.com/security/cve/CVE-2025-38003.html * https://www.suse.com/security/cve/CVE-2025-38004.html * https://www.suse.com/security/cve/CVE-2025-38005.html * https://www.suse.com/security/cve/CVE-2025-38007.html * https://www.suse.com/security/cve/CVE-2025-38009.html * https://www.suse.com/security/cve/CVE-2025-38010.html * https://www.suse.com/security/cve/CVE-2025-38011.html * https://www.suse.com/security/cve/CVE-2025-38013.html * https://www.suse.com/security/cve/CVE-2025-38014.html * https://www.suse.com/security/cve/CVE-2025-38015.html * https://www.suse.com/security/cve/CVE-2025-38018.html * https://www.suse.com/security/cve/CVE-2025-38020.html * https://www.suse.com/security/cve/CVE-2025-38022.html * https://www.suse.com/security/cve/CVE-2025-38023.html * https://www.suse.com/security/cve/CVE-2025-38024.html * https://www.suse.com/security/cve/CVE-2025-38027.html * https://www.suse.com/security/cve/CVE-2025-38031.html * https://www.suse.com/security/cve/CVE-2025-38034.html * https://www.suse.com/security/cve/CVE-2025-38035.html * https://www.suse.com/security/cve/CVE-2025-38040.html * https://www.suse.com/security/cve/CVE-2025-38043.html * https://www.suse.com/security/cve/CVE-2025-38044.html * https://www.suse.com/security/cve/CVE-2025-38045.html * https://www.suse.com/security/cve/CVE-2025-38051.html * https://www.suse.com/security/cve/CVE-2025-38052.html * https://www.suse.com/security/cve/CVE-2025-38053.html * https://www.suse.com/security/cve/CVE-2025-38057.html * https://www.suse.com/security/cve/CVE-2025-38058.html * https://www.suse.com/security/cve/CVE-2025-38059.html * https://www.suse.com/security/cve/CVE-2025-38060.html * https://www.suse.com/security/cve/CVE-2025-38061.html * https://www.suse.com/security/cve/CVE-2025-38062.html * https://www.suse.com/security/cve/CVE-2025-38063.html * https://www.suse.com/security/cve/CVE-2025-38064.html * https://www.suse.com/security/cve/CVE-2025-38065.html * https://www.suse.com/security/cve/CVE-2025-38068.html * https://www.suse.com/security/cve/CVE-2025-38072.html * https://www.suse.com/security/cve/CVE-2025-38074.html * https://www.suse.com/security/cve/CVE-2025-38077.html * https://www.suse.com/security/cve/CVE-2025-38078.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38080.html * https://www.suse.com/security/cve/CVE-2025-38081.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38084.html * https://www.suse.com/security/cve/CVE-2025-38085.html * https://www.suse.com/security/cve/CVE-2025-38087.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38089.html * https://www.suse.com/security/cve/CVE-2025-38090.html * https://www.suse.com/security/cve/CVE-2025-38094.html * https://www.suse.com/security/cve/CVE-2025-38095.html * https://www.suse.com/security/cve/CVE-2025-38097.html * https://www.suse.com/security/cve/CVE-2025-38098.html * https://www.suse.com/security/cve/CVE-2025-38099.html * https://www.suse.com/security/cve/CVE-2025-38100.html * https://www.suse.com/security/cve/CVE-2025-38102.html * https://www.suse.com/security/cve/CVE-2025-38104.html * https://www.suse.com/security/cve/CVE-2025-38105.html * https://www.suse.com/security/cve/CVE-2025-38107.html * https://www.suse.com/security/cve/CVE-2025-38108.html * https://www.suse.com/security/cve/CVE-2025-38109.html * https://www.suse.com/security/cve/CVE-2025-38110.html * https://www.suse.com/security/cve/CVE-2025-38111.html * https://www.suse.com/security/cve/CVE-2025-38112.html * https://www.suse.com/security/cve/CVE-2025-38113.html * https://www.suse.com/security/cve/CVE-2025-38115.html * https://www.suse.com/security/cve/CVE-2025-38117.html * https://www.suse.com/security/cve/CVE-2025-38118.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38122.html * https://www.suse.com/security/cve/CVE-2025-38123.html * https://www.suse.com/security/cve/CVE-2025-38124.html * https://www.suse.com/security/cve/CVE-2025-38126.html * https://www.suse.com/security/cve/CVE-2025-38127.html * https://www.suse.com/security/cve/CVE-2025-38129.html * https://www.suse.com/security/cve/CVE-2025-38131.html * https://www.suse.com/security/cve/CVE-2025-38132.html * https://www.suse.com/security/cve/CVE-2025-38135.html * https://www.suse.com/security/cve/CVE-2025-38136.html * https://www.suse.com/security/cve/CVE-2025-38138.html * https://www.suse.com/security/cve/CVE-2025-38142.html * https://www.suse.com/security/cve/CVE-2025-38143.html * https://www.suse.com/security/cve/CVE-2025-38145.html * https://www.suse.com/security/cve/CVE-2025-38147.html * https://www.suse.com/security/cve/CVE-2025-38148.html * https://www.suse.com/security/cve/CVE-2025-38149.html * https://www.suse.com/security/cve/CVE-2025-38151.html * https://www.suse.com/security/cve/CVE-2025-38153.html * https://www.suse.com/security/cve/CVE-2025-38154.html * https://www.suse.com/security/cve/CVE-2025-38155.html * https://www.suse.com/security/cve/CVE-2025-38157.html * https://www.suse.com/security/cve/CVE-2025-38158.html * https://www.suse.com/security/cve/CVE-2025-38159.html * https://www.suse.com/security/cve/CVE-2025-38161.html * https://www.suse.com/security/cve/CVE-2025-38162.html * https://www.suse.com/security/cve/CVE-2025-38165.html * https://www.suse.com/security/cve/CVE-2025-38166.html * https://www.suse.com/security/cve/CVE-2025-38173.html * https://www.suse.com/security/cve/CVE-2025-38174.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38180.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38182.html * https://www.suse.com/security/cve/CVE-2025-38183.html * https://www.suse.com/security/cve/CVE-2025-38187.html * https://www.suse.com/security/cve/CVE-2025-38188.html * https://www.suse.com/security/cve/CVE-2025-38192.html * https://www.suse.com/security/cve/CVE-2025-38193.html * https://www.suse.com/security/cve/CVE-2025-38194.html * https://www.suse.com/security/cve/CVE-2025-38197.html * https://www.suse.com/security/cve/CVE-2025-38198.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38202.html * https://www.suse.com/security/cve/CVE-2025-38203.html * https://www.suse.com/security/cve/CVE-2025-38204.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38210.html * https://www.suse.com/security/cve/CVE-2025-38211.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38214.html * https://www.suse.com/security/cve/CVE-2025-38215.html * https://www.suse.com/security/cve/CVE-2025-38217.html * https://www.suse.com/security/cve/CVE-2025-38220.html * https://www.suse.com/security/cve/CVE-2025-38222.html * https://www.suse.com/security/cve/CVE-2025-38225.html * https://www.suse.com/security/cve/CVE-2025-38226.html * https://www.suse.com/security/cve/CVE-2025-38227.html * https://www.suse.com/security/cve/CVE-2025-38229.html * https://www.suse.com/security/cve/CVE-2025-38231.html * https://www.suse.com/security/cve/CVE-2025-38236.html * https://www.suse.com/security/cve/CVE-2025-38239.html * https://www.suse.com/security/cve/CVE-2025-38240.html * https://www.suse.com/security/cve/CVE-2025-38244.html * https://www.suse.com/security/cve/CVE-2025-38246.html * https://www.suse.com/security/cve/CVE-2025-38248.html * https://www.suse.com/security/cve/CVE-2025-38249.html * https://www.suse.com/security/cve/CVE-2025-38250.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38259.html * https://www.suse.com/security/cve/CVE-2025-38264.html * https://www.suse.com/security/cve/CVE-2025-38272.html * https://www.suse.com/security/cve/CVE-2025-38273.html * https://www.suse.com/security/cve/CVE-2025-38275.html * https://www.suse.com/security/cve/CVE-2025-38277.html * https://www.suse.com/security/cve/CVE-2025-38279.html * https://www.suse.com/security/cve/CVE-2025-38283.html * https://www.suse.com/security/cve/CVE-2025-38286.html * https://www.suse.com/security/cve/CVE-2025-38289.html * https://www.suse.com/security/cve/CVE-2025-38290.html * https://www.suse.com/security/cve/CVE-2025-38292.html * https://www.suse.com/security/cve/CVE-2025-38293.html * https://www.suse.com/security/cve/CVE-2025-38300.html * https://www.suse.com/security/cve/CVE-2025-38303.html * https://www.suse.com/security/cve/CVE-2025-38304.html * https://www.suse.com/security/cve/CVE-2025-38305.html * https://www.suse.com/security/cve/CVE-2025-38307.html * https://www.suse.com/security/cve/CVE-2025-38310.html * https://www.suse.com/security/cve/CVE-2025-38312.html * https://www.suse.com/security/cve/CVE-2025-38313.html * https://www.suse.com/security/cve/CVE-2025-38319.html * https://www.suse.com/security/cve/CVE-2025-38323.html * https://www.suse.com/security/cve/CVE-2025-38326.html * https://www.suse.com/security/cve/CVE-2025-38328.html * https://www.suse.com/security/cve/CVE-2025-38332.html * https://www.suse.com/security/cve/CVE-2025-38334.html * https://www.suse.com/security/cve/CVE-2025-38335.html * https://www.suse.com/security/cve/CVE-2025-38336.html * https://www.suse.com/security/cve/CVE-2025-38337.html * https://www.suse.com/security/cve/CVE-2025-38338.html * https://www.suse.com/security/cve/CVE-2025-38342.html * https://www.suse.com/security/cve/CVE-2025-38343.html * https://www.suse.com/security/cve/CVE-2025-38344.html * https://www.suse.com/security/cve/CVE-2025-38345.html * https://www.suse.com/security/cve/CVE-2025-38348.html * https://www.suse.com/security/cve/CVE-2025-38349.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38352.html * https://www.suse.com/security/cve/CVE-2025-38354.html * https://www.suse.com/security/cve/CVE-2025-38362.html * https://www.suse.com/security/cve/CVE-2025-38363.html * https://www.suse.com/security/cve/CVE-2025-38364.html * https://www.suse.com/security/cve/CVE-2025-38365.html * https://www.suse.com/security/cve/CVE-2025-38369.html * https://www.suse.com/security/cve/CVE-2025-38371.html * https://www.suse.com/security/cve/CVE-2025-38373.html * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-38376.html * https://www.suse.com/security/cve/CVE-2025-38377.html * https://www.suse.com/security/cve/CVE-2025-38380.html * https://www.suse.com/security/cve/CVE-2025-38382.html * https://www.suse.com/security/cve/CVE-2025-38384.html * https://www.suse.com/security/cve/CVE-2025-38385.html * https://www.suse.com/security/cve/CVE-2025-38386.html * https://www.suse.com/security/cve/CVE-2025-38387.html * https://www.suse.com/security/cve/CVE-2025-38389.html * https://www.suse.com/security/cve/CVE-2025-38391.html * https://www.suse.com/security/cve/CVE-2025-38392.html * https://www.suse.com/security/cve/CVE-2025-38393.html * https://www.suse.com/security/cve/CVE-2025-38395.html * https://www.suse.com/security/cve/CVE-2025-38396.html * https://www.suse.com/security/cve/CVE-2025-38399.html * https://www.suse.com/security/cve/CVE-2025-38400.html * https://www.suse.com/security/cve/CVE-2025-38401.html * https://www.suse.com/security/cve/CVE-2025-38403.html * https://www.suse.com/security/cve/CVE-2025-38404.html * https://www.suse.com/security/cve/CVE-2025-38406.html * https://www.suse.com/security/cve/CVE-2025-38409.html * https://www.suse.com/security/cve/CVE-2025-38410.html * https://www.suse.com/security/cve/CVE-2025-38412.html * https://www.suse.com/security/cve/CVE-2025-38414.html * https://www.suse.com/security/cve/CVE-2025-38415.html * https://www.suse.com/security/cve/CVE-2025-38416.html * https://www.suse.com/security/cve/CVE-2025-38420.html * https://www.suse.com/security/cve/CVE-2025-38424.html * https://www.suse.com/security/cve/CVE-2025-38425.html * https://www.suse.com/security/cve/CVE-2025-38426.html * https://www.suse.com/security/cve/CVE-2025-38428.html * https://www.suse.com/security/cve/CVE-2025-38429.html * https://www.suse.com/security/cve/CVE-2025-38430.html * https://www.suse.com/security/cve/CVE-2025-38436.html * https://www.suse.com/security/cve/CVE-2025-38443.html * https://www.suse.com/security/cve/CVE-2025-38448.html * https://www.suse.com/security/cve/CVE-2025-38449.html * https://www.suse.com/security/cve/CVE-2025-38455.html * https://www.suse.com/security/cve/CVE-2025-38457.html * https://www.suse.com/security/cve/CVE-2025-38460.html * https://www.suse.com/security/cve/CVE-2025-38461.html * https://www.suse.com/security/cve/CVE-2025-38462.html * https://www.suse.com/security/cve/CVE-2025-38463.html * https://www.suse.com/security/cve/CVE-2025-38465.html * https://www.suse.com/security/cve/CVE-2025-38467.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38470.html * https://www.suse.com/security/cve/CVE-2025-38471.html * https://www.suse.com/security/cve/CVE-2025-38473.html * https://www.suse.com/security/cve/CVE-2025-38474.html * https://www.suse.com/security/cve/CVE-2025-38476.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38478.html * https://www.suse.com/security/cve/CVE-2025-38480.html * https://www.suse.com/security/cve/CVE-2025-38481.html * https://www.suse.com/security/cve/CVE-2025-38482.html * https://www.suse.com/security/cve/CVE-2025-38483.html * https://www.suse.com/security/cve/CVE-2025-38485.html * https://www.suse.com/security/cve/CVE-2025-38487.html * https://www.suse.com/security/cve/CVE-2025-38489.html * https://www.suse.com/security/cve/CVE-2025-38490.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38496.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://www.suse.com/security/cve/CVE-2025-38498.html * https://www.suse.com/security/cve/CVE-2025-39735.html * https://www.suse.com/security/cve/CVE-2025-40014.html * https://bugzilla.suse.com/show_bug.cgi?id=1012628 * https://bugzilla.suse.com/show_bug.cgi?id=1139073 * https://bugzilla.suse.com/show_bug.cgi?id=1204142 * https://bugzilla.suse.com/show_bug.cgi?id=1210025 * https://bugzilla.suse.com/show_bug.cgi?id=1211226 * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1218184 * https://bugzilla.suse.com/show_bug.cgi?id=1219338 * https://bugzilla.suse.com/show_bug.cgi?id=1220112 * https://bugzilla.suse.com/show_bug.cgi?id=1223008 * https://bugzilla.suse.com/show_bug.cgi?id=1225707 * https://bugzilla.suse.com/show_bug.cgi?id=1226498 * https://bugzilla.suse.com/show_bug.cgi?id=1228557 * https://bugzilla.suse.com/show_bug.cgi?id=1228854 * https://bugzilla.suse.com/show_bug.cgi?id=1229491 * https://bugzilla.suse.com/show_bug.cgi?id=1230216 * https://bugzilla.suse.com/show_bug.cgi?id=1232504 * https://bugzilla.suse.com/show_bug.cgi?id=1232882 * https://bugzilla.suse.com/show_bug.cgi?id=1233300 * https://bugzilla.suse.com/show_bug.cgi?id=1235490 * https://bugzilla.suse.com/show_bug.cgi?id=1235613 * https://bugzilla.suse.com/show_bug.cgi?id=1235728 * https://bugzilla.suse.com/show_bug.cgi?id=1235837 * https://bugzilla.suse.com/show_bug.cgi?id=1235968 * https://bugzilla.suse.com/show_bug.cgi?id=1236208 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1237312 * https://bugzilla.suse.com/show_bug.cgi?id=1237913 * https://bugzilla.suse.com/show_bug.cgi?id=1238212 * https://bugzilla.suse.com/show_bug.cgi?id=1238859 * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1238982 * https://bugzilla.suse.com/show_bug.cgi?id=1239061 * https://bugzilla.suse.com/show_bug.cgi?id=1239470 * https://bugzilla.suse.com/show_bug.cgi?id=1239925 * https://bugzilla.suse.com/show_bug.cgi?id=1240180 * https://bugzilla.suse.com/show_bug.cgi?id=1240323 * https://bugzilla.suse.com/show_bug.cgi?id=1240577 * https://bugzilla.suse.com/show_bug.cgi?id=1240610 * https://bugzilla.suse.com/show_bug.cgi?id=1240686 * https://bugzilla.suse.com/show_bug.cgi?id=1240723 * https://bugzilla.suse.com/show_bug.cgi?id=1240814 * https://bugzilla.suse.com/show_bug.cgi?id=1240823 * https://bugzilla.suse.com/show_bug.cgi?id=1240866 * https://bugzilla.suse.com/show_bug.cgi?id=1240885 * https://bugzilla.suse.com/show_bug.cgi?id=1240966 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1241278 * https://bugzilla.suse.com/show_bug.cgi?id=1241340 * https://bugzilla.suse.com/show_bug.cgi?id=1241345 * https://bugzilla.suse.com/show_bug.cgi?id=1241414 * https://bugzilla.suse.com/show_bug.cgi?id=1241457 * https://bugzilla.suse.com/show_bug.cgi?id=1241492 * https://bugzilla.suse.com/show_bug.cgi?id=1241519 * https://bugzilla.suse.com/show_bug.cgi?id=1241537 * https://bugzilla.suse.com/show_bug.cgi?id=1241538 * https://bugzilla.suse.com/show_bug.cgi?id=1241544 * https://bugzilla.suse.com/show_bug.cgi?id=1241572 * https://bugzilla.suse.com/show_bug.cgi?id=1241576 * https://bugzilla.suse.com/show_bug.cgi?id=1241590 * https://bugzilla.suse.com/show_bug.cgi?id=1241592 * https://bugzilla.suse.com/show_bug.cgi?id=1241595 * https://bugzilla.suse.com/show_bug.cgi?id=1241617 * https://bugzilla.suse.com/show_bug.cgi?id=1241625 * https://bugzilla.suse.com/show_bug.cgi?id=1241635 * https://bugzilla.suse.com/show_bug.cgi?id=1241644 * https://bugzilla.suse.com/show_bug.cgi?id=1241654 * https://bugzilla.suse.com/show_bug.cgi?id=1242035 * https://bugzilla.suse.com/show_bug.cgi?id=1242044 * https://bugzilla.suse.com/show_bug.cgi?id=1242086 * https://bugzilla.suse.com/show_bug.cgi?id=1242163 * https://bugzilla.suse.com/show_bug.cgi?id=1242343 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242501 * https://bugzilla.suse.com/show_bug.cgi?id=1242504 * https://bugzilla.suse.com/show_bug.cgi?id=1242512 * https://bugzilla.suse.com/show_bug.cgi?id=1242514 * https://bugzilla.suse.com/show_bug.cgi?id=1242515 * https://bugzilla.suse.com/show_bug.cgi?id=1242520 * https://bugzilla.suse.com/show_bug.cgi?id=1242521 * https://bugzilla.suse.com/show_bug.cgi?id=1242524 * https://bugzilla.suse.com/show_bug.cgi?id=1242529 * https://bugzilla.suse.com/show_bug.cgi?id=1242530 * https://bugzilla.suse.com/show_bug.cgi?id=1242531 * https://bugzilla.suse.com/show_bug.cgi?id=1242532 * https://bugzilla.suse.com/show_bug.cgi?id=1242556 * https://bugzilla.suse.com/show_bug.cgi?id=1242559 * https://bugzilla.suse.com/show_bug.cgi?id=1242563 * https://bugzilla.suse.com/show_bug.cgi?id=1242564 * https://bugzilla.suse.com/show_bug.cgi?id=1242565 * https://bugzilla.suse.com/show_bug.cgi?id=1242566 * https://bugzilla.suse.com/show_bug.cgi?id=1242567 * https://bugzilla.suse.com/show_bug.cgi?id=1242568 * https://bugzilla.suse.com/show_bug.cgi?id=1242569 * https://bugzilla.suse.com/show_bug.cgi?id=1242573 * https://bugzilla.suse.com/show_bug.cgi?id=1242574 * https://bugzilla.suse.com/show_bug.cgi?id=1242575 * https://bugzilla.suse.com/show_bug.cgi?id=1242578 * https://bugzilla.suse.com/show_bug.cgi?id=1242584 * https://bugzilla.suse.com/show_bug.cgi?id=1242587 * https://bugzilla.suse.com/show_bug.cgi?id=1242591 * https://bugzilla.suse.com/show_bug.cgi?id=1242709 * https://bugzilla.suse.com/show_bug.cgi?id=1242725 * https://bugzilla.suse.com/show_bug.cgi?id=1242727 * https://bugzilla.suse.com/show_bug.cgi?id=1242758 * https://bugzilla.suse.com/show_bug.cgi?id=1242760 * https://bugzilla.suse.com/show_bug.cgi?id=1242761 * https://bugzilla.suse.com/show_bug.cgi?id=1242764 * https://bugzilla.suse.com/show_bug.cgi?id=1242766 * https://bugzilla.suse.com/show_bug.cgi?id=1242770 * https://bugzilla.suse.com/show_bug.cgi?id=1242781 * https://bugzilla.suse.com/show_bug.cgi?id=1242782 * https://bugzilla.suse.com/show_bug.cgi?id=1242785 * https://bugzilla.suse.com/show_bug.cgi?id=1242792 * https://bugzilla.suse.com/show_bug.cgi?id=1242837 * https://bugzilla.suse.com/show_bug.cgi?id=1242846 * https://bugzilla.suse.com/show_bug.cgi?id=1242849 * https://bugzilla.suse.com/show_bug.cgi?id=1242850 * https://bugzilla.suse.com/show_bug.cgi?id=1242871 * https://bugzilla.suse.com/show_bug.cgi?id=1242873 * https://bugzilla.suse.com/show_bug.cgi?id=1242906 * https://bugzilla.suse.com/show_bug.cgi?id=1242907 * https://bugzilla.suse.com/show_bug.cgi?id=1242908 * https://bugzilla.suse.com/show_bug.cgi?id=1242930 * https://bugzilla.suse.com/show_bug.cgi?id=1242940 * https://bugzilla.suse.com/show_bug.cgi?id=1242945 * https://bugzilla.suse.com/show_bug.cgi?id=1242946 * https://bugzilla.suse.com/show_bug.cgi?id=1242948 * https://bugzilla.suse.com/show_bug.cgi?id=1242949 * https://bugzilla.suse.com/show_bug.cgi?id=1242953 * https://bugzilla.suse.com/show_bug.cgi?id=1242954 * https://bugzilla.suse.com/show_bug.cgi?id=1242955 * https://bugzilla.suse.com/show_bug.cgi?id=1242957 * https://bugzilla.suse.com/show_bug.cgi?id=1242959 * https://bugzilla.suse.com/show_bug.cgi?id=1242960 * https://bugzilla.suse.com/show_bug.cgi?id=1242961 * https://bugzilla.suse.com/show_bug.cgi?id=1242965 * https://bugzilla.suse.com/show_bug.cgi?id=1242973 * https://bugzilla.suse.com/show_bug.cgi?id=1242974 * https://bugzilla.suse.com/show_bug.cgi?id=1242977 * https://bugzilla.suse.com/show_bug.cgi?id=1242982 * https://bugzilla.suse.com/show_bug.cgi?id=1242990 * https://bugzilla.suse.com/show_bug.cgi?id=1242993 * https://bugzilla.suse.com/show_bug.cgi?id=1243000 * https://bugzilla.suse.com/show_bug.cgi?id=1243006 * https://bugzilla.suse.com/show_bug.cgi?id=1243011 * https://bugzilla.suse.com/show_bug.cgi?id=1243015 * https://bugzilla.suse.com/show_bug.cgi?id=1243049 * https://bugzilla.suse.com/show_bug.cgi?id=1243051 * https://bugzilla.suse.com/show_bug.cgi?id=1243060 * https://bugzilla.suse.com/show_bug.cgi?id=1243068 * https://bugzilla.suse.com/show_bug.cgi?id=1243074 * https://bugzilla.suse.com/show_bug.cgi?id=1243076 * https://bugzilla.suse.com/show_bug.cgi?id=1243082 * https://bugzilla.suse.com/show_bug.cgi?id=1243100 * https://bugzilla.suse.com/show_bug.cgi?id=1243330 * https://bugzilla.suse.com/show_bug.cgi?id=1243342 * https://bugzilla.suse.com/show_bug.cgi?id=1243456 * https://bugzilla.suse.com/show_bug.cgi?id=1243467 * https://bugzilla.suse.com/show_bug.cgi?id=1243469 * https://bugzilla.suse.com/show_bug.cgi?id=1243470 * https://bugzilla.suse.com/show_bug.cgi?id=1243471 * https://bugzilla.suse.com/show_bug.cgi?id=1243472 * https://bugzilla.suse.com/show_bug.cgi?id=1243473 * https://bugzilla.suse.com/show_bug.cgi?id=1243475 * https://bugzilla.suse.com/show_bug.cgi?id=1243476 * https://bugzilla.suse.com/show_bug.cgi?id=1243479 * https://bugzilla.suse.com/show_bug.cgi?id=1243480 * https://bugzilla.suse.com/show_bug.cgi?id=1243506 * https://bugzilla.suse.com/show_bug.cgi?id=1243509 * https://bugzilla.suse.com/show_bug.cgi?id=1243511 * https://bugzilla.suse.com/show_bug.cgi?id=1243515 * https://bugzilla.suse.com/show_bug.cgi?id=1243516 * https://bugzilla.suse.com/show_bug.cgi?id=1243517 * https://bugzilla.suse.com/show_bug.cgi?id=1243522 * https://bugzilla.suse.com/show_bug.cgi?id=1243523 * https://bugzilla.suse.com/show_bug.cgi?id=1243524 * https://bugzilla.suse.com/show_bug.cgi?id=1243528 * https://bugzilla.suse.com/show_bug.cgi?id=1243529 * https://bugzilla.suse.com/show_bug.cgi?id=1243530 * https://bugzilla.suse.com/show_bug.cgi?id=1243534 * https://bugzilla.suse.com/show_bug.cgi?id=1243536 * https://bugzilla.suse.com/show_bug.cgi?id=1243537 * https://bugzilla.suse.com/show_bug.cgi?id=1243538 * https://bugzilla.suse.com/show_bug.cgi?id=1243540 * https://bugzilla.suse.com/show_bug.cgi?id=1243542 * https://bugzilla.suse.com/show_bug.cgi?id=1243543 * https://bugzilla.suse.com/show_bug.cgi?id=1243544 * https://bugzilla.suse.com/show_bug.cgi?id=1243545 * https://bugzilla.suse.com/show_bug.cgi?id=1243551 * https://bugzilla.suse.com/show_bug.cgi?id=1243559 * https://bugzilla.suse.com/show_bug.cgi?id=1243560 * https://bugzilla.suse.com/show_bug.cgi?id=1243562 * https://bugzilla.suse.com/show_bug.cgi?id=1243567 * https://bugzilla.suse.com/show_bug.cgi?id=1243571 * https://bugzilla.suse.com/show_bug.cgi?id=1243572 * https://bugzilla.suse.com/show_bug.cgi?id=1243573 * https://bugzilla.suse.com/show_bug.cgi?id=1243574 * https://bugzilla.suse.com/show_bug.cgi?id=1243575 * https://bugzilla.suse.com/show_bug.cgi?id=1243589 * https://bugzilla.suse.com/show_bug.cgi?id=1243620 * https://bugzilla.suse.com/show_bug.cgi?id=1243621 * https://bugzilla.suse.com/show_bug.cgi?id=1243624 * https://bugzilla.suse.com/show_bug.cgi?id=1243625 * https://bugzilla.suse.com/show_bug.cgi?id=1243626 * https://bugzilla.suse.com/show_bug.cgi?id=1243627 * https://bugzilla.suse.com/show_bug.cgi?id=1243628 * https://bugzilla.suse.com/show_bug.cgi?id=1243649 * https://bugzilla.suse.com/show_bug.cgi?id=1243659 * https://bugzilla.suse.com/show_bug.cgi?id=1243660 * https://bugzilla.suse.com/show_bug.cgi?id=1243664 * https://bugzilla.suse.com/show_bug.cgi?id=1243669 * https://bugzilla.suse.com/show_bug.cgi?id=1243698 * https://bugzilla.suse.com/show_bug.cgi?id=1243774 * https://bugzilla.suse.com/show_bug.cgi?id=1243782 * https://bugzilla.suse.com/show_bug.cgi?id=1243806 * https://bugzilla.suse.com/show_bug.cgi?id=1243823 * https://bugzilla.suse.com/show_bug.cgi?id=1243827 * https://bugzilla.suse.com/show_bug.cgi?id=1243832 * https://bugzilla.suse.com/show_bug.cgi?id=1243836 * https://bugzilla.suse.com/show_bug.cgi?id=1243847 * https://bugzilla.suse.com/show_bug.cgi?id=1244100 * https://bugzilla.suse.com/show_bug.cgi?id=1244145 * https://bugzilla.suse.com/show_bug.cgi?id=1244172 * https://bugzilla.suse.com/show_bug.cgi?id=1244176 * https://bugzilla.suse.com/show_bug.cgi?id=1244229 * https://bugzilla.suse.com/show_bug.cgi?id=1244234 * https://bugzilla.suse.com/show_bug.cgi?id=1244241 * https://bugzilla.suse.com/show_bug.cgi?id=1244261 * https://bugzilla.suse.com/show_bug.cgi?id=1244274 * https://bugzilla.suse.com/show_bug.cgi?id=1244275 * https://bugzilla.suse.com/show_bug.cgi?id=1244277 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244313 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1244457 * https://bugzilla.suse.com/show_bug.cgi?id=1244626 * https://bugzilla.suse.com/show_bug.cgi?id=1244725 * https://bugzilla.suse.com/show_bug.cgi?id=1244727 * https://bugzilla.suse.com/show_bug.cgi?id=1244729 * https://bugzilla.suse.com/show_bug.cgi?id=1244731 * https://bugzilla.suse.com/show_bug.cgi?id=1244732 * https://bugzilla.suse.com/show_bug.cgi?id=1244735 * https://bugzilla.suse.com/show_bug.cgi?id=1244736 * https://bugzilla.suse.com/show_bug.cgi?id=1244737 * https://bugzilla.suse.com/show_bug.cgi?id=1244738 * https://bugzilla.suse.com/show_bug.cgi?id=1244739 * https://bugzilla.suse.com/show_bug.cgi?id=1244743 * https://bugzilla.suse.com/show_bug.cgi?id=1244746 * https://bugzilla.suse.com/show_bug.cgi?id=1244749 * https://bugzilla.suse.com/show_bug.cgi?id=1244750 * https://bugzilla.suse.com/show_bug.cgi?id=1244759 * https://bugzilla.suse.com/show_bug.cgi?id=1244789 * https://bugzilla.suse.com/show_bug.cgi?id=1244792 * https://bugzilla.suse.com/show_bug.cgi?id=1244801 * https://bugzilla.suse.com/show_bug.cgi?id=1244862 * https://bugzilla.suse.com/show_bug.cgi?id=1244906 * https://bugzilla.suse.com/show_bug.cgi?id=1244938 * https://bugzilla.suse.com/show_bug.cgi?id=1244995 * https://bugzilla.suse.com/show_bug.cgi?id=1244996 * https://bugzilla.suse.com/show_bug.cgi?id=1244999 * https://bugzilla.suse.com/show_bug.cgi?id=1245001 * https://bugzilla.suse.com/show_bug.cgi?id=1245003 * https://bugzilla.suse.com/show_bug.cgi?id=1245004 * https://bugzilla.suse.com/show_bug.cgi?id=1245025 * https://bugzilla.suse.com/show_bug.cgi?id=1245042 * https://bugzilla.suse.com/show_bug.cgi?id=1245046 * https://bugzilla.suse.com/show_bug.cgi?id=1245078 * https://bugzilla.suse.com/show_bug.cgi?id=1245081 * https://bugzilla.suse.com/show_bug.cgi?id=1245082 * https://bugzilla.suse.com/show_bug.cgi?id=1245083 * https://bugzilla.suse.com/show_bug.cgi?id=1245151 * https://bugzilla.suse.com/show_bug.cgi?id=1245155 * https://bugzilla.suse.com/show_bug.cgi?id=1245183 * https://bugzilla.suse.com/show_bug.cgi?id=1245193 * https://bugzilla.suse.com/show_bug.cgi?id=1245201 * https://bugzilla.suse.com/show_bug.cgi?id=1245202 * https://bugzilla.suse.com/show_bug.cgi?id=1245210 * https://bugzilla.suse.com/show_bug.cgi?id=1245216 * https://bugzilla.suse.com/show_bug.cgi?id=1245217 * https://bugzilla.suse.com/show_bug.cgi?id=1245225 * https://bugzilla.suse.com/show_bug.cgi?id=1245226 * https://bugzilla.suse.com/show_bug.cgi?id=1245228 * https://bugzilla.suse.com/show_bug.cgi?id=1245260 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245440 * https://bugzilla.suse.com/show_bug.cgi?id=1245455 * https://bugzilla.suse.com/show_bug.cgi?id=1245457 * https://bugzilla.suse.com/show_bug.cgi?id=1245498 * https://bugzilla.suse.com/show_bug.cgi?id=1245499 * https://bugzilla.suse.com/show_bug.cgi?id=1245504 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245508 * https://bugzilla.suse.com/show_bug.cgi?id=1245510 * https://bugzilla.suse.com/show_bug.cgi?id=1245540 * https://bugzilla.suse.com/show_bug.cgi?id=1245598 * https://bugzilla.suse.com/show_bug.cgi?id=1245599 * https://bugzilla.suse.com/show_bug.cgi?id=1245646 * https://bugzilla.suse.com/show_bug.cgi?id=1245647 * https://bugzilla.suse.com/show_bug.cgi?id=1245649 * https://bugzilla.suse.com/show_bug.cgi?id=1245650 * https://bugzilla.suse.com/show_bug.cgi?id=1245654 * https://bugzilla.suse.com/show_bug.cgi?id=1245658 * https://bugzilla.suse.com/show_bug.cgi?id=1245660 * https://bugzilla.suse.com/show_bug.cgi?id=1245665 * https://bugzilla.suse.com/show_bug.cgi?id=1245666 * https://bugzilla.suse.com/show_bug.cgi?id=1245668 * https://bugzilla.suse.com/show_bug.cgi?id=1245669 * https://bugzilla.suse.com/show_bug.cgi?id=1245670 * https://bugzilla.suse.com/show_bug.cgi?id=1245671 * https://bugzilla.suse.com/show_bug.cgi?id=1245675 * https://bugzilla.suse.com/show_bug.cgi?id=1245676 * https://bugzilla.suse.com/show_bug.cgi?id=1245677 * https://bugzilla.suse.com/show_bug.cgi?id=1245679 * https://bugzilla.suse.com/show_bug.cgi?id=1245682 * https://bugzilla.suse.com/show_bug.cgi?id=1245683 * https://bugzilla.suse.com/show_bug.cgi?id=1245684 * https://bugzilla.suse.com/show_bug.cgi?id=1245688 * https://bugzilla.suse.com/show_bug.cgi?id=1245689 * https://bugzilla.suse.com/show_bug.cgi?id=1245690 * https://bugzilla.suse.com/show_bug.cgi?id=1245691 * https://bugzilla.suse.com/show_bug.cgi?id=1245695 * https://bugzilla.suse.com/show_bug.cgi?id=1245705 * https://bugzilla.suse.com/show_bug.cgi?id=1245708 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245713 * https://bugzilla.suse.com/show_bug.cgi?id=1245714 * https://bugzilla.suse.com/show_bug.cgi?id=1245719 * https://bugzilla.suse.com/show_bug.cgi?id=1245723 * https://bugzilla.suse.com/show_bug.cgi?id=1245729 * https://bugzilla.suse.com/show_bug.cgi?id=1245730 * https://bugzilla.suse.com/show_bug.cgi?id=1245731 * https://bugzilla.suse.com/show_bug.cgi?id=1245735 * https://bugzilla.suse.com/show_bug.cgi?id=1245737 * https://bugzilla.suse.com/show_bug.cgi?id=1245744 * https://bugzilla.suse.com/show_bug.cgi?id=1245745 * https://bugzilla.suse.com/show_bug.cgi?id=1245746 * https://bugzilla.suse.com/show_bug.cgi?id=1245747 * https://bugzilla.suse.com/show_bug.cgi?id=1245748 * https://bugzilla.suse.com/show_bug.cgi?id=1245749 * https://bugzilla.suse.com/show_bug.cgi?id=1245750 * https://bugzilla.suse.com/show_bug.cgi?id=1245751 * https://bugzilla.suse.com/show_bug.cgi?id=1245752 * https://bugzilla.suse.com/show_bug.cgi?id=1245757 * https://bugzilla.suse.com/show_bug.cgi?id=1245758 * https://bugzilla.suse.com/show_bug.cgi?id=1245765 * https://bugzilla.suse.com/show_bug.cgi?id=1245768 * https://bugzilla.suse.com/show_bug.cgi?id=1245769 * https://bugzilla.suse.com/show_bug.cgi?id=1245777 * https://bugzilla.suse.com/show_bug.cgi?id=1245781 * https://bugzilla.suse.com/show_bug.cgi?id=1245789 * https://bugzilla.suse.com/show_bug.cgi?id=1245937 * https://bugzilla.suse.com/show_bug.cgi?id=1245945 * https://bugzilla.suse.com/show_bug.cgi?id=1245951 * https://bugzilla.suse.com/show_bug.cgi?id=1245952 * https://bugzilla.suse.com/show_bug.cgi?id=1245954 * https://bugzilla.suse.com/show_bug.cgi?id=1245957 * https://bugzilla.suse.com/show_bug.cgi?id=1245966 * https://bugzilla.suse.com/show_bug.cgi?id=1245970 * https://bugzilla.suse.com/show_bug.cgi?id=1245976 * https://bugzilla.suse.com/show_bug.cgi?id=1245980 * https://bugzilla.suse.com/show_bug.cgi?id=1245983 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246002 * https://bugzilla.suse.com/show_bug.cgi?id=1246006 * https://bugzilla.suse.com/show_bug.cgi?id=1246008 * https://bugzilla.suse.com/show_bug.cgi?id=1246020 * https://bugzilla.suse.com/show_bug.cgi?id=1246023 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246031 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246041 * https://bugzilla.suse.com/show_bug.cgi?id=1246042 * https://bugzilla.suse.com/show_bug.cgi?id=1246044 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246047 * https://bugzilla.suse.com/show_bug.cgi?id=1246049 * https://bugzilla.suse.com/show_bug.cgi?id=1246050 * https://bugzilla.suse.com/show_bug.cgi?id=1246055 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246093 * https://bugzilla.suse.com/show_bug.cgi?id=1246098 * https://bugzilla.suse.com/show_bug.cgi?id=1246109 * https://bugzilla.suse.com/show_bug.cgi?id=1246122 * https://bugzilla.suse.com/show_bug.cgi?id=1246125 * https://bugzilla.suse.com/show_bug.cgi?id=1246171 * https://bugzilla.suse.com/show_bug.cgi?id=1246173 * https://bugzilla.suse.com/show_bug.cgi?id=1246178 * https://bugzilla.suse.com/show_bug.cgi?id=1246182 * https://bugzilla.suse.com/show_bug.cgi?id=1246183 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246195 * https://bugzilla.suse.com/show_bug.cgi?id=1246203 * https://bugzilla.suse.com/show_bug.cgi?id=1246212 * https://bugzilla.suse.com/show_bug.cgi?id=1246220 * https://bugzilla.suse.com/show_bug.cgi?id=1246236 * https://bugzilla.suse.com/show_bug.cgi?id=1246240 * https://bugzilla.suse.com/show_bug.cgi?id=1246243 * https://bugzilla.suse.com/show_bug.cgi?id=1246246 * https://bugzilla.suse.com/show_bug.cgi?id=1246249 * https://bugzilla.suse.com/show_bug.cgi?id=1246250 * https://bugzilla.suse.com/show_bug.cgi?id=1246253 * https://bugzilla.suse.com/show_bug.cgi?id=1246258 * https://bugzilla.suse.com/show_bug.cgi?id=1246262 * https://bugzilla.suse.com/show_bug.cgi?id=1246264 * https://bugzilla.suse.com/show_bug.cgi?id=1246266 * https://bugzilla.suse.com/show_bug.cgi?id=1246268 * https://bugzilla.suse.com/show_bug.cgi?id=1246273 * https://bugzilla.suse.com/show_bug.cgi?id=1246283 * https://bugzilla.suse.com/show_bug.cgi?id=1246287 * https://bugzilla.suse.com/show_bug.cgi?id=1246292 * https://bugzilla.suse.com/show_bug.cgi?id=1246293 * https://bugzilla.suse.com/show_bug.cgi?id=1246295 * https://bugzilla.suse.com/show_bug.cgi?id=1246334 * https://bugzilla.suse.com/show_bug.cgi?id=1246337 * https://bugzilla.suse.com/show_bug.cgi?id=1246342 * https://bugzilla.suse.com/show_bug.cgi?id=1246349 * https://bugzilla.suse.com/show_bug.cgi?id=1246354 * https://bugzilla.suse.com/show_bug.cgi?id=1246358 * https://bugzilla.suse.com/show_bug.cgi?id=1246361 * https://bugzilla.suse.com/show_bug.cgi?id=1246364 * https://bugzilla.suse.com/show_bug.cgi?id=1246370 * https://bugzilla.suse.com/show_bug.cgi?id=1246375 * https://bugzilla.suse.com/show_bug.cgi?id=1246384 * https://bugzilla.suse.com/show_bug.cgi?id=1246386 * https://bugzilla.suse.com/show_bug.cgi?id=1246387 * https://bugzilla.suse.com/show_bug.cgi?id=1246438 * https://bugzilla.suse.com/show_bug.cgi?id=1246453 * https://bugzilla.suse.com/show_bug.cgi?id=1246473 * https://bugzilla.suse.com/show_bug.cgi?id=1246490 * https://bugzilla.suse.com/show_bug.cgi?id=1246506 * https://bugzilla.suse.com/show_bug.cgi?id=1246547 * https://bugzilla.suse.com/show_bug.cgi?id=1246777 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1246870 * https://bugzilla.suse.com/show_bug.cgi?id=1246879 * https://bugzilla.suse.com/show_bug.cgi?id=1246911 * https://bugzilla.suse.com/show_bug.cgi?id=1247018 * https://bugzilla.suse.com/show_bug.cgi?id=1247023 * https://bugzilla.suse.com/show_bug.cgi?id=1247028 * https://bugzilla.suse.com/show_bug.cgi?id=1247031 * https://bugzilla.suse.com/show_bug.cgi?id=1247033 * https://bugzilla.suse.com/show_bug.cgi?id=1247035 * https://bugzilla.suse.com/show_bug.cgi?id=1247061 * https://bugzilla.suse.com/show_bug.cgi?id=1247089 * https://bugzilla.suse.com/show_bug.cgi?id=1247091 * https://bugzilla.suse.com/show_bug.cgi?id=1247097 * https://bugzilla.suse.com/show_bug.cgi?id=1247098 * https://bugzilla.suse.com/show_bug.cgi?id=1247101 * https://bugzilla.suse.com/show_bug.cgi?id=1247103 * https://bugzilla.suse.com/show_bug.cgi?id=1247104 * https://bugzilla.suse.com/show_bug.cgi?id=1247113 * https://bugzilla.suse.com/show_bug.cgi?id=1247118 * https://bugzilla.suse.com/show_bug.cgi?id=1247123 * https://bugzilla.suse.com/show_bug.cgi?id=1247125 * https://bugzilla.suse.com/show_bug.cgi?id=1247128 * https://bugzilla.suse.com/show_bug.cgi?id=1247132 * https://bugzilla.suse.com/show_bug.cgi?id=1247138 * https://bugzilla.suse.com/show_bug.cgi?id=1247141 * https://bugzilla.suse.com/show_bug.cgi?id=1247143 * https://bugzilla.suse.com/show_bug.cgi?id=1247145 * https://bugzilla.suse.com/show_bug.cgi?id=1247146 * https://bugzilla.suse.com/show_bug.cgi?id=1247147 * https://bugzilla.suse.com/show_bug.cgi?id=1247149 * https://bugzilla.suse.com/show_bug.cgi?id=1247150 * https://bugzilla.suse.com/show_bug.cgi?id=1247151 * https://bugzilla.suse.com/show_bug.cgi?id=1247153 * https://bugzilla.suse.com/show_bug.cgi?id=1247154 * https://bugzilla.suse.com/show_bug.cgi?id=1247156 * https://bugzilla.suse.com/show_bug.cgi?id=1247160 * https://bugzilla.suse.com/show_bug.cgi?id=1247164 * https://bugzilla.suse.com/show_bug.cgi?id=1247169 * https://bugzilla.suse.com/show_bug.cgi?id=1247170 * https://bugzilla.suse.com/show_bug.cgi?id=1247171 * https://bugzilla.suse.com/show_bug.cgi?id=1247172 * https://bugzilla.suse.com/show_bug.cgi?id=1247174 * https://bugzilla.suse.com/show_bug.cgi?id=1247176 * https://bugzilla.suse.com/show_bug.cgi?id=1247177 * https://bugzilla.suse.com/show_bug.cgi?id=1247178 * https://bugzilla.suse.com/show_bug.cgi?id=1247181 * https://bugzilla.suse.com/show_bug.cgi?id=1247209 * https://bugzilla.suse.com/show_bug.cgi?id=1247210 * https://bugzilla.suse.com/show_bug.cgi?id=1247227 * https://bugzilla.suse.com/show_bug.cgi?id=1247233 * https://bugzilla.suse.com/show_bug.cgi?id=1247236 * https://bugzilla.suse.com/show_bug.cgi?id=1247238 * https://bugzilla.suse.com/show_bug.cgi?id=1247241 * https://bugzilla.suse.com/show_bug.cgi?id=1247243 * https://bugzilla.suse.com/show_bug.cgi?id=1247251 * https://bugzilla.suse.com/show_bug.cgi?id=1247252 * https://bugzilla.suse.com/show_bug.cgi?id=1247253 * https://bugzilla.suse.com/show_bug.cgi?id=1247255 * https://bugzilla.suse.com/show_bug.cgi?id=1247271 * https://bugzilla.suse.com/show_bug.cgi?id=1247273 * https://bugzilla.suse.com/show_bug.cgi?id=1247274 * https://bugzilla.suse.com/show_bug.cgi?id=1247276 * https://bugzilla.suse.com/show_bug.cgi?id=1247277 * https://bugzilla.suse.com/show_bug.cgi?id=1247278 * https://bugzilla.suse.com/show_bug.cgi?id=1247279 * https://bugzilla.suse.com/show_bug.cgi?id=1247284 * https://bugzilla.suse.com/show_bug.cgi?id=1247285 * https://bugzilla.suse.com/show_bug.cgi?id=1247288 * https://bugzilla.suse.com/show_bug.cgi?id=1247289 * https://bugzilla.suse.com/show_bug.cgi?id=1247293 * https://bugzilla.suse.com/show_bug.cgi?id=1247311 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247317 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247374 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 * https://bugzilla.suse.com/show_bug.cgi?id=1247450 * https://bugzilla.suse.com/show_bug.cgi?id=1247712 * https://jira.suse.com/browse/PED-10253 * https://jira.suse.com/browse/PED-12551 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 20 12:30:24 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 20 Aug 2025 12:30:24 -0000 Subject: SUSE-SU-2025:02926-1: important: Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP6) Message-ID: <175569302448.17159.14903052749206754458@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02926-1 Release Date: 2025-08-20T10:36:25Z Rating: important References: * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_50 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2929=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-2926=1 SUSE-SLE-Module-Live- Patching-15-SP6-2025-2928=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2929=1 SUSE-2025-2928=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_26-rt-5-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_8-debugsource-5-150600.2.1 * kernel-livepatch-6_4_0-150600_10_26-rt-debuginfo-5-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_50-default-3-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_11-debugsource-3-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_9-debugsource-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_42-default-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_42-default-debuginfo-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_50-default-debuginfo-3-150600.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_50-default-3-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_11-debugsource-3-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_9-debugsource-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_42-default-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_42-default-debuginfo-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_50-default-debuginfo-3-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 20 12:30:34 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 20 Aug 2025 12:30:34 -0000 Subject: SUSE-SU-2025:02718-2: moderate: Security update for libarchive Message-ID: <175569303450.17159.7932980397952681393@smelt2.prg2.suse.org> # Security update for libarchive Announcement ID: SUSE-SU-2025:02718-2 Release Date: 2025-08-20T09:47:03Z Rating: moderate References: * bsc#1244270 * bsc#1244272 * bsc#1244273 * bsc#1244279 * bsc#1244336 Cross-References: * CVE-2025-5914 * CVE-2025-5915 * CVE-2025-5916 * CVE-2025-5917 * CVE-2025-5918 CVSS scores: * CVE-2025-5914 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-5914 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-5914 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-5914 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-5915 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5915 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5915 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5915 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H * CVE-2025-5916 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5916 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5916 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5916 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H * CVE-2025-5917 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5917 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2025-5917 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2025-5917 ( NVD ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2025-5918 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5918 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5918 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5918 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves five vulnerabilities can now be installed. ## Description: This update for libarchive fixes the following issues: * CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272) * CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273) * CVE-2025-5916: Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270) * CVE-2025-5917: Fixed off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336) * CVE-2025-5918: Fixed reading past EOF may be triggered for piped file streams (bsc#1244279) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2718=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2718=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2718=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2718=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-2718=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2718=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2718=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2718=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2718=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2718=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2718=1 ## Package List: * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libarchive13-3.5.1-150400.3.21.1 * bsdtar-3.5.1-150400.3.21.1 * libarchive13-debuginfo-3.5.1-150400.3.21.1 * bsdtar-debuginfo-3.5.1-150400.3.21.1 * libarchive-devel-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libarchive13-3.5.1-150400.3.21.1 * bsdtar-3.5.1-150400.3.21.1 * libarchive13-debuginfo-3.5.1-150400.3.21.1 * bsdtar-debuginfo-3.5.1-150400.3.21.1 * libarchive-devel-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libarchive13-3.5.1-150400.3.21.1 * bsdtar-3.5.1-150400.3.21.1 * libarchive13-debuginfo-3.5.1-150400.3.21.1 * bsdtar-debuginfo-3.5.1-150400.3.21.1 * libarchive-devel-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * libarchive-debugsource-3.5.1-150400.3.21.1 * libarchive13-debuginfo-3.5.1-150400.3.21.1 * libarchive-devel-3.5.1-150400.3.21.1 * libarchive13-3.5.1-150400.3.21.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * libarchive-debugsource-3.5.1-150400.3.21.1 * libarchive13-debuginfo-3.5.1-150400.3.21.1 * libarchive-devel-3.5.1-150400.3.21.1 * libarchive13-3.5.1-150400.3.21.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * libarchive-debugsource-3.5.1-150400.3.21.1 * libarchive13-debuginfo-3.5.1-150400.3.21.1 * libarchive-devel-3.5.1-150400.3.21.1 * libarchive13-3.5.1-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libarchive13-3.5.1-150400.3.21.1 * bsdtar-3.5.1-150400.3.21.1 * libarchive13-debuginfo-3.5.1-150400.3.21.1 * bsdtar-debuginfo-3.5.1-150400.3.21.1 * libarchive-devel-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libarchive13-3.5.1-150400.3.21.1 * bsdtar-3.5.1-150400.3.21.1 * libarchive13-debuginfo-3.5.1-150400.3.21.1 * bsdtar-debuginfo-3.5.1-150400.3.21.1 * libarchive-devel-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libarchive13-3.5.1-150400.3.21.1 * bsdtar-3.5.1-150400.3.21.1 * libarchive13-debuginfo-3.5.1-150400.3.21.1 * bsdtar-debuginfo-3.5.1-150400.3.21.1 * libarchive-devel-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libarchive13-3.5.1-150400.3.21.1 * bsdtar-3.5.1-150400.3.21.1 * libarchive13-debuginfo-3.5.1-150400.3.21.1 * bsdtar-debuginfo-3.5.1-150400.3.21.1 * libarchive-devel-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libarchive13-3.5.1-150400.3.21.1 * bsdtar-3.5.1-150400.3.21.1 * libarchive13-debuginfo-3.5.1-150400.3.21.1 * bsdtar-debuginfo-3.5.1-150400.3.21.1 * libarchive-devel-3.5.1-150400.3.21.1 * libarchive-debugsource-3.5.1-150400.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-5914.html * https://www.suse.com/security/cve/CVE-2025-5915.html * https://www.suse.com/security/cve/CVE-2025-5916.html * https://www.suse.com/security/cve/CVE-2025-5917.html * https://www.suse.com/security/cve/CVE-2025-5918.html * https://bugzilla.suse.com/show_bug.cgi?id=1244270 * https://bugzilla.suse.com/show_bug.cgi?id=1244272 * https://bugzilla.suse.com/show_bug.cgi?id=1244273 * https://bugzilla.suse.com/show_bug.cgi?id=1244279 * https://bugzilla.suse.com/show_bug.cgi?id=1244336 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 20 16:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 20 Aug 2025 16:30:09 -0000 Subject: SUSE-SU-2025:02930-1: important: Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3) Message-ID: <175570740958.8838.6912551575463281397@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02930-1 Release Date: 2025-08-20T12:03:43Z Rating: important References: * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_179 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2930=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2930=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-14-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_49-debugsource-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-default-14-150300.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-14-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_49-debugsource-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-default-14-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_179-preempt-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-preempt-debuginfo-14-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 20 20:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 20 Aug 2025 20:30:07 -0000 Subject: SUSE-SU-2025:02932-1: important: Security update for the Linux Kernel (Live Patch 55 for SLE 15 SP3) Message-ID: <175572180781.10542.3458260692144348527@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 55 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02932-1 Release Date: 2025-08-20T18:03:36Z Rating: important References: * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_198 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2932=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2932=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_55-debugsource-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_198-default-debuginfo-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_198-default-6-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_198-preempt-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_198-preempt-debuginfo-6-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_198-default-6-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 21 08:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 21 Aug 2025 08:30:14 -0000 Subject: SUSE-SU-2025:02934-1: important: Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP6) Message-ID: <175576501418.8868.12894242318798730250@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02934-1 Release Date: 2025-08-20T21:33:53Z Rating: important References: * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_47 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2934=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2934=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_47-default-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_47-default-debuginfo-4-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_10-debugsource-4-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_47-default-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_47-default-debuginfo-4-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_10-debugsource-4-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 21 08:30:18 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 21 Aug 2025 08:30:18 -0000 Subject: SUSE-SU-2025:02933-1: important: Security update for the Linux Kernel (Live Patch 59 for SLE 15 SP3) Message-ID: <175576501837.8868.8349553377191738293@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 59 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02933-1 Release Date: 2025-08-20T20:03:42Z Rating: important References: * bsc#1245218 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_211 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2933=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2933=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_59-debugsource-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_211-default-debuginfo-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_211-default-3-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_211-preempt-debuginfo-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_211-preempt-3-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_59-debugsource-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_211-default-debuginfo-3-150300.2.1 * kernel-livepatch-5_3_18-150300_59_211-default-3-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 21 12:30:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 21 Aug 2025 12:30:23 -0000 Subject: SUSE-SU-2025:02945-1: important: Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3) Message-ID: <175577942303.26916.5444690570627435267@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02945-1 Release Date: 2025-08-21T11:33:43Z Rating: important References: * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_185 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2945=1 SUSE-2025-2946=1 SUSE-2025-2947=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2945=1 SUSE-SLE- Module-Live-Patching-15-SP3-2025-2946=1 SUSE-SLE-Module-Live- Patching-15-SP3-2025-2947=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-16-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_50-debugsource-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_185-default-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_182-default-debuginfo-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_185-default-debuginfo-10-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_51-debugsource-10-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_47-debugsource-16-150300.2.1 * kernel-livepatch-5_3_18-150300_59_182-default-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-default-16-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_185-preempt-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_182-preempt-debuginfo-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_182-preempt-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-preempt-16-150300.2.1 * kernel-livepatch-5_3_18-150300_59_185-preempt-debuginfo-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo-16-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-16-150300.2.1 * kernel-livepatch-5_3_18-150300_59_185-default-10-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_47-debugsource-16-150300.2.1 * kernel-livepatch-5_3_18-150300_59_182-default-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-default-16-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 21 12:30:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 21 Aug 2025 12:30:28 -0000 Subject: SUSE-SU-2025:02944-1: important: Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7) Message-ID: <175577942891.26916.10674460408116583931@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7) Announcement ID: SUSE-SU-2025:02944-1 Release Date: 2025-08-21T09:33:44Z Rating: important References: * bsc#1244337 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150700_53_6 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2025-2944=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_53_6-default-debuginfo-2-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_2-debugsource-2-150700.2.1 * kernel-livepatch-6_4_0-150700_53_6-default-2-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 21 12:30:34 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 21 Aug 2025 12:30:34 -0000 Subject: SUSE-SU-2025:02943-1: important: Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP7) Message-ID: <175577943414.26916.15841628723202439752@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP7) Announcement ID: SUSE-SU-2025:02943-1 Release Date: 2025-08-21T09:33:38Z Rating: important References: * bsc#1244337 * bsc#1245350 * bsc#1245776 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-37752 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150700_53_3 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2025-2943=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_53_3-default-2-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_1-debugsource-2-150700.2.1 * kernel-livepatch-6_4_0-150700_53_3-default-debuginfo-2-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 21 12:30:41 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 21 Aug 2025 12:30:41 -0000 Subject: SUSE-SU-2025:02942-1: important: Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP7) Message-ID: <175577944175.26916.15946583235524719986@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP7) Announcement ID: SUSE-SU-2025:02942-1 Release Date: 2025-08-21T09:33:32Z Rating: important References: * bsc#1244337 * bsc#1245218 * bsc#1245350 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150700_51 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776). * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2025-2942=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_51-default-debuginfo-2-150700.3.3.2 * kernel-livepatch-SLE15-SP7_Update_0-debugsource-2-150700.3.3.2 * kernel-livepatch-6_4_0-150700_51-default-2-150700.3.3.2 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 21 12:30:46 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 21 Aug 2025 12:30:46 -0000 Subject: SUSE-SU-2025:02938-1: important: Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6) Message-ID: <175577944647.26916.14374110376323840032@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02938-1 Release Date: 2025-08-21T09:04:12Z Rating: important References: * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_53 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2938=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2938=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_53-default-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_53-default-debuginfo-3-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_12-debugsource-3-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_53-default-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_53-default-debuginfo-3-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_12-debugsource-3-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 21 12:30:53 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 21 Aug 2025 12:30:53 -0000 Subject: SUSE-SU-2025:02937-1: important: Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP6) Message-ID: <175577945303.26916.17559734924132894944@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:02937-1 Release Date: 2025-08-21T09:04:04Z Rating: important References: * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_30 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2937=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2937=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_30-default-debuginfo-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_6-debugsource-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-10-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_30-default-debuginfo-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_6-debugsource-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-10-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 21 12:30:57 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 21 Aug 2025 12:30:57 -0000 Subject: SUSE-SU-2025:02936-1: important: Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP4) Message-ID: <175577945780.26916.2594941630788944064@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:02936-1 Release Date: 2025-08-21T09:03:55Z Rating: important References: * bsc#1232927 * bsc#1245218 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2025-38079 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_170 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-2936=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2936=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_42-debugsource-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_170-default-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_170-default-debuginfo-2-150400.2.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_42-debugsource-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_170-default-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_170-default-debuginfo-2-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1232927 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 21 12:31:01 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 21 Aug 2025 12:31:01 -0000 Subject: SUSE-SU-2025:02948-1: moderate: Security update for python310 Message-ID: <175577946140.26916.14208859374106596605@smelt2.prg2.suse.org> # Security update for python310 Announcement ID: SUSE-SU-2025:02948-1 Release Date: 2025-08-21T11:47:52Z Rating: moderate References: * bsc#1247249 Cross-References: * CVE-2025-8194 CVSS scores: * CVE-2025-8194 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8194 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for python310 fixes the following issues: * CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2948=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2948=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libpython3_10-1_0-debuginfo-3.10.18-150400.4.88.1 * python310-3.10.18-150400.4.88.1 * python310-debuginfo-3.10.18-150400.4.88.1 * python310-core-debugsource-3.10.18-150400.4.88.1 * python310-dbm-3.10.18-150400.4.88.1 * python310-idle-3.10.18-150400.4.88.1 * python310-curses-3.10.18-150400.4.88.1 * python310-base-3.10.18-150400.4.88.1 * python310-testsuite-debuginfo-3.10.18-150400.4.88.1 * python310-curses-debuginfo-3.10.18-150400.4.88.1 * python310-dbm-debuginfo-3.10.18-150400.4.88.1 * python310-tools-3.10.18-150400.4.88.1 * python310-doc-devhelp-3.10.18-150400.4.88.1 * python310-testsuite-3.10.18-150400.4.88.1 * python310-tk-3.10.18-150400.4.88.1 * python310-tk-debuginfo-3.10.18-150400.4.88.1 * python310-devel-3.10.18-150400.4.88.1 * python310-debugsource-3.10.18-150400.4.88.1 * python310-doc-3.10.18-150400.4.88.1 * libpython3_10-1_0-3.10.18-150400.4.88.1 * python310-base-debuginfo-3.10.18-150400.4.88.1 * openSUSE Leap 15.4 (x86_64) * libpython3_10-1_0-32bit-3.10.18-150400.4.88.1 * python310-32bit-3.10.18-150400.4.88.1 * python310-32bit-debuginfo-3.10.18-150400.4.88.1 * python310-base-32bit-3.10.18-150400.4.88.1 * libpython3_10-1_0-32bit-debuginfo-3.10.18-150400.4.88.1 * python310-base-32bit-debuginfo-3.10.18-150400.4.88.1 * openSUSE Leap 15.4 (aarch64_ilp32) * python310-64bit-debuginfo-3.10.18-150400.4.88.1 * python310-64bit-3.10.18-150400.4.88.1 * libpython3_10-1_0-64bit-debuginfo-3.10.18-150400.4.88.1 * python310-base-64bit-3.10.18-150400.4.88.1 * python310-base-64bit-debuginfo-3.10.18-150400.4.88.1 * libpython3_10-1_0-64bit-3.10.18-150400.4.88.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libpython3_10-1_0-debuginfo-3.10.18-150400.4.88.1 * python310-3.10.18-150400.4.88.1 * python310-debuginfo-3.10.18-150400.4.88.1 * python310-core-debugsource-3.10.18-150400.4.88.1 * python310-dbm-3.10.18-150400.4.88.1 * python310-idle-3.10.18-150400.4.88.1 * python310-curses-3.10.18-150400.4.88.1 * libpython3_10-1_0-3.10.18-150400.4.88.1 * python310-base-3.10.18-150400.4.88.1 * python310-testsuite-debuginfo-3.10.18-150400.4.88.1 * python310-curses-debuginfo-3.10.18-150400.4.88.1 * python310-tools-3.10.18-150400.4.88.1 * python310-doc-devhelp-3.10.18-150400.4.88.1 * python310-testsuite-3.10.18-150400.4.88.1 * python310-tk-3.10.18-150400.4.88.1 * python310-tk-debuginfo-3.10.18-150400.4.88.1 * python310-devel-3.10.18-150400.4.88.1 * python310-debugsource-3.10.18-150400.4.88.1 * python310-doc-3.10.18-150400.4.88.1 * python310-dbm-debuginfo-3.10.18-150400.4.88.1 * python310-base-debuginfo-3.10.18-150400.4.88.1 * openSUSE Leap 15.6 (x86_64) * libpython3_10-1_0-32bit-3.10.18-150400.4.88.1 * python310-32bit-3.10.18-150400.4.88.1 * python310-32bit-debuginfo-3.10.18-150400.4.88.1 * python310-base-32bit-3.10.18-150400.4.88.1 * libpython3_10-1_0-32bit-debuginfo-3.10.18-150400.4.88.1 * python310-base-32bit-debuginfo-3.10.18-150400.4.88.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8194.html * https://bugzilla.suse.com/show_bug.cgi?id=1247249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 21 16:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 21 Aug 2025 16:30:08 -0000 Subject: SUSE-SU-2025:02955-1: important: Security update for the Linux Kernel (Live Patch 52 for SLE 15 SP3) Message-ID: <175579380841.9147.4540091768511309162@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 52 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:02955-1 Release Date: 2025-08-21T14:03:52Z Rating: important References: * bsc#1244631 * bsc#1245218 * bsc#1245350 * bsc#1247350 * bsc#1247351 Cross-References: * CVE-2024-36978 * CVE-2025-38079 * CVE-2025-38083 * CVE-2025-38494 * CVE-2025-38495 CVSS scores: * CVE-2024-36978 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36978 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_188 fixes several issues. The following security issues were fixed: * CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350). * CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351). * CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218). * CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1244631). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2955=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-2955=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_188-default-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_188-default-debuginfo-9-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_52-debugsource-9-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_188-preempt-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_188-preempt-debuginfo-9-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_188-default-9-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://bugzilla.suse.com/show_bug.cgi?id=1244631 * https://bugzilla.suse.com/show_bug.cgi?id=1245218 * https://bugzilla.suse.com/show_bug.cgi?id=1245350 * https://bugzilla.suse.com/show_bug.cgi?id=1247350 * https://bugzilla.suse.com/show_bug.cgi?id=1247351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 21 16:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 21 Aug 2025 16:30:14 -0000 Subject: SUSE-SU-2025:02954-1: important: Security update for gdk-pixbuf Message-ID: <175579381435.9147.12851845200627276574@smelt2.prg2.suse.org> # Security update for gdk-pixbuf Announcement ID: SUSE-SU-2025:02954-1 Release Date: 2025-08-21T13:43:04Z Rating: important References: * bsc#1245227 * bsc#1246114 Cross-References: * CVE-2025-6199 * CVE-2025-7345 CVSS scores: * CVE-2025-6199 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-6199 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-6199 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-6199 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-7345 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-7345 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-7345 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for gdk-pixbuf fixes the following issues: * CVE-2025-6199: Fixed uninitialized memory leading to arbitrary memory contents leak (bsc#1245227) * CVE-2025-7345: Fixed heap buffer overflow within the gdk_pixbuf__jpeg_image_load_increment function (bsc#1246114) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2954=1 SUSE-2025-2954=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2954=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2954=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * gdk-pixbuf-devel-2.42.12-150600.3.8.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150600.3.8.1 * gdk-pixbuf-debugsource-2.42.12-150600.3.8.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-devel-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-thumbnailer-2.42.12-150600.3.8.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150600.3.8.1 * libgdk_pixbuf-2_0-0-2.42.12-150600.3.8.1 * openSUSE Leap 15.6 (x86_64) * libgdk_pixbuf-2_0-0-32bit-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150600.3.8.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-devel-32bit-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150600.3.8.1 * gdk-pixbuf-devel-32bit-2.42.12-150600.3.8.1 * openSUSE Leap 15.6 (noarch) * gdk-pixbuf-lang-2.42.12-150600.3.8.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libgdk_pixbuf-2_0-0-64bit-2.42.12-150600.3.8.1 * gdk-pixbuf-devel-64bit-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-64bit-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-64bit-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-devel-64bit-2.42.12-150600.3.8.1 * libgdk_pixbuf-2_0-0-64bit-debuginfo-2.42.12-150600.3.8.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-devel-2.42.12-150600.3.8.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150600.3.8.1 * gdk-pixbuf-debugsource-2.42.12-150600.3.8.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-devel-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-thumbnailer-2.42.12-150600.3.8.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150600.3.8.1 * libgdk_pixbuf-2_0-0-2.42.12-150600.3.8.1 * Basesystem Module 15-SP6 (noarch) * gdk-pixbuf-lang-2.42.12-150600.3.8.1 * Basesystem Module 15-SP6 (x86_64) * libgdk_pixbuf-2_0-0-32bit-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150600.3.8.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150600.3.8.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-devel-2.42.12-150600.3.8.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150600.3.8.1 * gdk-pixbuf-debugsource-2.42.12-150600.3.8.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-devel-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-thumbnailer-2.42.12-150600.3.8.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150600.3.8.1 * libgdk_pixbuf-2_0-0-2.42.12-150600.3.8.1 * Basesystem Module 15-SP7 (noarch) * gdk-pixbuf-lang-2.42.12-150600.3.8.1 * Basesystem Module 15-SP7 (x86_64) * libgdk_pixbuf-2_0-0-32bit-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150600.3.8.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150600.3.8.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150600.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-6199.html * https://www.suse.com/security/cve/CVE-2025-7345.html * https://bugzilla.suse.com/show_bug.cgi?id=1245227 * https://bugzilla.suse.com/show_bug.cgi?id=1246114 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 22 08:30:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 22 Aug 2025 08:30:05 -0000 Subject: SUSE-SU-2025:02957-1: moderate: Security update for rust-keylime Message-ID: <175585140585.9158.2130429879610067002@smelt2.prg2.suse.org> # Security update for rust-keylime Announcement ID: SUSE-SU-2025:02957-1 Release Date: 2025-08-22T07:56:12Z Rating: moderate References: * bsc#1248006 Cross-References: * CVE-2025-55159 CVSS scores: * CVE-2025-55159 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-55159 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-55159 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro for Rancher 5.3 An update that solves one vulnerability can now be installed. ## Description: This update for rust-keylime fixes the following issues: * Update slab to version 0.4.11: * CVE-2025-55159: Fixed incorrect bounds check in get_disjoint_mut function (bsc#1248006) * Update to version 0.2.8+12: * build(deps): bump actions/checkout from 4 to 5 * build(deps): bump cfg-if from 1.0.0 to 1.0.1 * build(deps): bump openssl from 0.10.72 to 0.10.73 * build(deps): bump clap from 4.5.39 to 4.5.45 * build(deps): bump pest from 2.8.0 to 2.8.1 * Fix clippy warnings * Use verifier-provided interval for continuous attestation timing * Add meta object with seconds_to_next_attestation to evidence response * Fix boot time retrieval * Fix IMA log format (it must be ['text/plain']) (#1073) * Remove unnecessary configuration fields * cargo: Bump retry-policies to version 0.4.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2957=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2957=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * rust-keylime-0.2.8+12-150400.3.10.1 * rust-keylime-debuginfo-0.2.8+12-150400.3.10.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * rust-keylime-0.2.8+12-150400.3.10.1 * rust-keylime-debuginfo-0.2.8+12-150400.3.10.1 ## References: * https://www.suse.com/security/cve/CVE-2025-55159.html * https://bugzilla.suse.com/show_bug.cgi?id=1248006 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 22 12:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 22 Aug 2025 12:30:09 -0000 Subject: SUSE-SU-2025:02961-1: moderate: Security update for rust-keylime Message-ID: <175586580974.8868.1067015520046363695@smelt2.prg2.suse.org> # Security update for rust-keylime Announcement ID: SUSE-SU-2025:02961-1 Release Date: 2025-08-22T10:07:36Z Rating: moderate References: * bsc#1248006 Cross-References: * CVE-2025-55159 CVSS scores: * CVE-2025-55159 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-55159 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-55159 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for rust-keylime fixes the following issues: * Update slab to version 0.4.11: * CVE-2025-55159: Fixed incorrect bounds check in get_disjoint_mut function (bsc#1248006) * Update to version 0.2.8+12: * build(deps): bump actions/checkout from 4 to 5 * build(deps): bump cfg-if from 1.0.0 to 1.0.1 * build(deps): bump openssl from 0.10.72 to 0.10.73 * build(deps): bump clap from 4.5.39 to 4.5.45 * build(deps): bump pest from 2.8.0 to 2.8.1 * Fix clippy warnings * Use verifier-provided interval for continuous attestation timing * Add meta object with seconds_to_next_attestation to evidence response * Fix boot time retrieval * Fix IMA log format (it must be ['text/plain']) (#1073) * Remove unnecessary configuration fields * cargo: Bump retry-policies to version 0.4.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2961=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2961=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * rust-keylime-0.2.8+12-150400.3.8.1 * rust-keylime-debuginfo-0.2.8+12-150400.3.8.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * rust-keylime-0.2.8+12-150400.3.8.1 * rust-keylime-debuginfo-0.2.8+12-150400.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-55159.html * https://bugzilla.suse.com/show_bug.cgi?id=1248006 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 22 16:30:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 22 Aug 2025 16:30:12 -0000 Subject: SUSE-SU-2025:02964-1: moderate: Security update for glibc Message-ID: <175588021216.16656.14449643871219264611@smelt2.prg2.suse.org> # Security update for glibc Announcement ID: SUSE-SU-2025:02964-1 Release Date: 2025-08-22T12:53:00Z Rating: moderate References: * bsc#1240058 * bsc#1246965 Cross-References: * CVE-2025-8058 CVSS scores: * CVE-2025-8058 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H * CVE-2025-8058 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H * CVE-2025-8058 ( NVD ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for glibc fixes the following issues: * CVE-2025-8058: Fixed double-free after allocation failure in regcomp. (bsc#1246965) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2964=1 openSUSE-SLE-15.6-2025-2964=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2964=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2964=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2964=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2964=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586 i686) * glibc-profile-2.38-150600.14.37.1 * glibc-locale-2.38-150600.14.37.1 * glibc-locale-base-2.38-150600.14.37.1 * glibc-debugsource-2.38-150600.14.37.1 * glibc-devel-static-2.38-150600.14.37.1 * glibc-devel-2.38-150600.14.37.1 * libnsl1-2.38-150600.14.37.1 * glibc-locale-base-debuginfo-2.38-150600.14.37.1 * glibc-debuginfo-2.38-150600.14.37.1 * libnsl1-debuginfo-2.38-150600.14.37.1 * glibc-2.38-150600.14.37.1 * glibc-devel-debuginfo-2.38-150600.14.37.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * nscd-debuginfo-2.38-150600.14.37.1 * glibc-utils-debuginfo-2.38-150600.14.37.1 * glibc-extra-2.38-150600.14.37.1 * glibc-utils-src-debugsource-2.38-150600.14.37.1 * glibc-extra-debuginfo-2.38-150600.14.37.1 * nscd-2.38-150600.14.37.1 * glibc-utils-2.38-150600.14.37.1 * openSUSE Leap 15.6 (noarch) * glibc-html-2.38-150600.14.37.1 * glibc-lang-2.38-150600.14.37.1 * glibc-info-2.38-150600.14.37.1 * glibc-i18ndata-2.38-150600.14.37.1 * openSUSE Leap 15.6 (x86_64) * glibc-locale-base-32bit-2.38-150600.14.37.1 * glibc-devel-32bit-debuginfo-2.38-150600.14.37.1 * glibc-profile-32bit-2.38-150600.14.37.1 * glibc-utils-32bit-2.38-150600.14.37.1 * glibc-utils-32bit-debuginfo-2.38-150600.14.37.1 * glibc-32bit-2.38-150600.14.37.1 * libnsl1-32bit-debuginfo-2.38-150600.14.37.1 * glibc-devel-32bit-2.38-150600.14.37.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.37.1 * libnsl1-32bit-2.38-150600.14.37.1 * glibc-32bit-debuginfo-2.38-150600.14.37.1 * glibc-devel-static-32bit-2.38-150600.14.37.1 * openSUSE Leap 15.6 (aarch64_ilp32) * glibc-locale-base-64bit-debuginfo-2.38-150600.14.37.1 * glibc-locale-base-64bit-2.38-150600.14.37.1 * glibc-utils-64bit-debuginfo-2.38-150600.14.37.1 * glibc-devel-static-64bit-2.38-150600.14.37.1 * glibc-devel-64bit-2.38-150600.14.37.1 * glibc-64bit-2.38-150600.14.37.1 * glibc-utils-64bit-2.38-150600.14.37.1 * libnsl1-64bit-2.38-150600.14.37.1 * glibc-devel-64bit-debuginfo-2.38-150600.14.37.1 * libnsl1-64bit-debuginfo-2.38-150600.14.37.1 * glibc-profile-64bit-2.38-150600.14.37.1 * glibc-64bit-debuginfo-2.38-150600.14.37.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * glibc-profile-2.38-150600.14.37.1 * glibc-locale-2.38-150600.14.37.1 * nscd-debuginfo-2.38-150600.14.37.1 * glibc-extra-2.38-150600.14.37.1 * nscd-2.38-150600.14.37.1 * glibc-locale-base-2.38-150600.14.37.1 * glibc-debugsource-2.38-150600.14.37.1 * glibc-extra-debuginfo-2.38-150600.14.37.1 * glibc-devel-2.38-150600.14.37.1 * libnsl1-2.38-150600.14.37.1 * glibc-locale-base-debuginfo-2.38-150600.14.37.1 * glibc-debuginfo-2.38-150600.14.37.1 * libnsl1-debuginfo-2.38-150600.14.37.1 * glibc-2.38-150600.14.37.1 * glibc-devel-debuginfo-2.38-150600.14.37.1 * Basesystem Module 15-SP6 (noarch) * glibc-lang-2.38-150600.14.37.1 * glibc-info-2.38-150600.14.37.1 * glibc-i18ndata-2.38-150600.14.37.1 * Basesystem Module 15-SP6 (x86_64) * glibc-locale-base-32bit-2.38-150600.14.37.1 * glibc-32bit-2.38-150600.14.37.1 * libnsl1-32bit-debuginfo-2.38-150600.14.37.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.37.1 * libnsl1-32bit-2.38-150600.14.37.1 * glibc-32bit-debuginfo-2.38-150600.14.37.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * glibc-profile-2.38-150600.14.37.1 * glibc-locale-2.38-150600.14.37.1 * nscd-debuginfo-2.38-150600.14.37.1 * glibc-extra-2.38-150600.14.37.1 * nscd-2.38-150600.14.37.1 * glibc-locale-base-2.38-150600.14.37.1 * glibc-debugsource-2.38-150600.14.37.1 * glibc-extra-debuginfo-2.38-150600.14.37.1 * glibc-devel-2.38-150600.14.37.1 * libnsl1-2.38-150600.14.37.1 * glibc-locale-base-debuginfo-2.38-150600.14.37.1 * glibc-debuginfo-2.38-150600.14.37.1 * libnsl1-debuginfo-2.38-150600.14.37.1 * glibc-2.38-150600.14.37.1 * glibc-devel-debuginfo-2.38-150600.14.37.1 * Basesystem Module 15-SP7 (noarch) * glibc-lang-2.38-150600.14.37.1 * glibc-info-2.38-150600.14.37.1 * glibc-i18ndata-2.38-150600.14.37.1 * Basesystem Module 15-SP7 (x86_64) * glibc-locale-base-32bit-2.38-150600.14.37.1 * glibc-32bit-2.38-150600.14.37.1 * libnsl1-32bit-debuginfo-2.38-150600.14.37.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.37.1 * libnsl1-32bit-2.38-150600.14.37.1 * glibc-32bit-debuginfo-2.38-150600.14.37.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * glibc-utils-debuginfo-2.38-150600.14.37.1 * glibc-utils-src-debugsource-2.38-150600.14.37.1 * glibc-debugsource-2.38-150600.14.37.1 * glibc-devel-static-2.38-150600.14.37.1 * glibc-debuginfo-2.38-150600.14.37.1 * glibc-utils-2.38-150600.14.37.1 * Development Tools Module 15-SP6 (x86_64) * glibc-32bit-debuginfo-2.38-150600.14.37.1 * glibc-devel-32bit-debuginfo-2.38-150600.14.37.1 * glibc-devel-32bit-2.38-150600.14.37.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * glibc-utils-debuginfo-2.38-150600.14.37.1 * glibc-utils-src-debugsource-2.38-150600.14.37.1 * glibc-debugsource-2.38-150600.14.37.1 * glibc-devel-static-2.38-150600.14.37.1 * glibc-debuginfo-2.38-150600.14.37.1 * glibc-utils-2.38-150600.14.37.1 * Development Tools Module 15-SP7 (x86_64) * glibc-32bit-debuginfo-2.38-150600.14.37.1 * glibc-devel-32bit-debuginfo-2.38-150600.14.37.1 * glibc-devel-32bit-2.38-150600.14.37.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8058.html * https://bugzilla.suse.com/show_bug.cgi?id=1240058 * https://bugzilla.suse.com/show_bug.cgi?id=1246965 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 22 16:30:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 22 Aug 2025 16:30:17 -0000 Subject: SUSE-SU-2025:02963-1: important: Security update for gdk-pixbuf Message-ID: <175588021783.16656.4489959935973505109@smelt2.prg2.suse.org> # Security update for gdk-pixbuf Announcement ID: SUSE-SU-2025:02963-1 Release Date: 2025-08-22T12:52:14Z Rating: important References: * bsc#1245227 * bsc#1246114 Cross-References: * CVE-2025-6199 * CVE-2025-7345 CVSS scores: * CVE-2025-6199 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-6199 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-6199 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-6199 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-7345 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-7345 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-7345 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves two vulnerabilities can now be installed. ## Description: This update for gdk-pixbuf fixes the following issues: * CVE-2025-6199: Fixed uninitialized memory leading to arbitrary memory contents leak (bsc#1245227) * CVE-2025-7345: Fixed heap buffer overflow within the gdk_pixbuf__jpeg_image_load_increment function (bsc#1246114) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2963=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2963=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2963=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2963=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2963=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2963=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2963=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2963=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2963=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2963=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2963=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2963=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2963=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2963=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2963=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-2963=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2963=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * openSUSE Leap 15.4 (x86_64) * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-32bit-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-32bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1 * openSUSE Leap 15.4 (noarch) * gdk-pixbuf-lang-2.42.12-150400.5.14.1 * openSUSE Leap 15.4 (aarch64_ilp32) * gdk-pixbuf-query-loaders-64bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-64bit-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-64bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-64bit-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-64bit-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-64bit-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * gdk-pixbuf-lang-2.42.12-150400.5.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * gdk-pixbuf-lang-2.42.12-150400.5.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * gdk-pixbuf-lang-2.42.12-150400.5.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * gdk-pixbuf-lang-2.42.12-150400.5.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * gdk-pixbuf-lang-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * gdk-pixbuf-lang-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * gdk-pixbuf-lang-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * gdk-pixbuf-lang-2.42.12-150400.5.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1 * SUSE Manager Proxy 4.3 LTS (noarch) * gdk-pixbuf-lang-2.42.12-150400.5.14.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1 * SUSE Manager Retail Branch Server 4.3 LTS (noarch) * gdk-pixbuf-lang-2.42.12-150400.5.14.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * gdk-pixbuf-devel-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-2.42.12-150400.5.14.1 * gdk-pixbuf-debugsource-2.42.12-150400.5.14.1 * gdk-pixbuf-thumbnailer-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-2.42.12-150400.5.14.1 * gdk-pixbuf-devel-2.42.12-150400.5.14.1 * typelib-1_0-GdkPixdata-2_0-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.14.1 * SUSE Manager Server 4.3 LTS (noarch) * gdk-pixbuf-lang-2.42.12-150400.5.14.1 * SUSE Manager Server 4.3 LTS (x86_64) * libgdk_pixbuf-2_0-0-32bit-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.42.12-150400.5.14.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.42.12-150400.5.14.1 * gdk-pixbuf-query-loaders-32bit-2.42.12-150400.5.14.1 ## References: * https://www.suse.com/security/cve/CVE-2025-6199.html * https://www.suse.com/security/cve/CVE-2025-7345.html * https://bugzilla.suse.com/show_bug.cgi?id=1245227 * https://bugzilla.suse.com/show_bug.cgi?id=1246114 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 22 16:30:20 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 22 Aug 2025 16:30:20 -0000 Subject: SUSE-SU-2025:02962-1: moderate: Security update for rust-keylime Message-ID: <175588022070.16656.12601952504427551454@smelt2.prg2.suse.org> # Security update for rust-keylime Announcement ID: SUSE-SU-2025:02962-1 Release Date: 2025-08-22T12:50:28Z Rating: moderate References: * bsc#1248006 Cross-References: * CVE-2025-55159 CVSS scores: * CVE-2025-55159 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-55159 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-55159 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for rust-keylime fixes the following issues: * Update slab to version 0.4.11: * CVE-2025-55159: Fixed incorrect bounds check in get_disjoint_mut function (bsc#1248006) * Update to version 0.2.8+12: * build(deps): bump actions/checkout from 4 to 5 * build(deps): bump cfg-if from 1.0.0 to 1.0.1 * build(deps): bump openssl from 0.10.72 to 0.10.73 * build(deps): bump clap from 4.5.39 to 4.5.45 * build(deps): bump pest from 2.8.0 to 2.8.1 * Fix clippy warnings * Use verifier-provided interval for continuous attestation timing * Add meta object with seconds_to_next_attestation to evidence response * Fix boot time retrieval * Fix IMA log format (it must be ['text/plain']) (#1073) * Remove unnecessary configuration fields * cargo: Bump retry-policies to version 0.4.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2962=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * rust-keylime-0.2.8+12-150500.3.8.1 * rust-keylime-debuginfo-0.2.8+12-150500.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-55159.html * https://bugzilla.suse.com/show_bug.cgi?id=1248006 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 08:34:06 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 08:34:06 -0000 Subject: SUSE-SU-2025:02969-1: important: Security update for the Linux Kernel Message-ID: <175611084677.8869.17714062150233261356@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02969-1 Release Date: 2025-08-25T06:22:25Z Rating: important References: * bsc#1139073 * bsc#1204142 * bsc#1219338 * bsc#1225707 * bsc#1230216 * bsc#1233300 * bsc#1235613 * bsc#1235837 * bsc#1236333 * bsc#1236897 * bsc#1238896 * bsc#1239061 * bsc#1239470 * bsc#1240323 * bsc#1240885 * bsc#1240966 * bsc#1241166 * bsc#1241345 * bsc#1241537 * bsc#1242086 * bsc#1242414 * bsc#1242837 * bsc#1242960 * bsc#1242965 * bsc#1242993 * bsc#1243068 * bsc#1243100 * bsc#1243479 * bsc#1243669 * bsc#1243806 * bsc#1244309 * bsc#1244337 * bsc#1244457 * bsc#1244735 * bsc#1244749 * bsc#1244750 * bsc#1244792 * bsc#1244801 * bsc#1245151 * bsc#1245201 * bsc#1245202 * bsc#1245216 * bsc#1245260 * bsc#1245431 * bsc#1245440 * bsc#1245457 * bsc#1245498 * bsc#1245499 * bsc#1245504 * bsc#1245506 * bsc#1245508 * bsc#1245510 * bsc#1245540 * bsc#1245598 * bsc#1245599 * bsc#1245646 * bsc#1245647 * bsc#1245649 * bsc#1245650 * bsc#1245654 * bsc#1245658 * bsc#1245660 * bsc#1245665 * bsc#1245666 * bsc#1245668 * bsc#1245669 * bsc#1245670 * bsc#1245671 * bsc#1245675 * bsc#1245676 * bsc#1245677 * bsc#1245679 * bsc#1245682 * bsc#1245683 * bsc#1245684 * bsc#1245688 * bsc#1245689 * bsc#1245690 * bsc#1245691 * bsc#1245695 * bsc#1245705 * bsc#1245708 * bsc#1245711 * bsc#1245713 * bsc#1245714 * bsc#1245719 * bsc#1245723 * bsc#1245729 * bsc#1245730 * bsc#1245731 * bsc#1245735 * bsc#1245737 * bsc#1245744 * bsc#1245745 * bsc#1245746 * bsc#1245747 * bsc#1245748 * bsc#1245749 * bsc#1245750 * bsc#1245751 * bsc#1245752 * bsc#1245757 * bsc#1245758 * bsc#1245765 * bsc#1245768 * bsc#1245769 * bsc#1245777 * bsc#1245781 * bsc#1245789 * bsc#1245937 * bsc#1245945 * bsc#1245951 * bsc#1245952 * bsc#1245954 * bsc#1245957 * bsc#1245966 * bsc#1245970 * bsc#1245976 * bsc#1245980 * bsc#1245983 * bsc#1245986 * bsc#1246000 * bsc#1246002 * bsc#1246006 * bsc#1246008 * bsc#1246020 * bsc#1246023 * bsc#1246029 * bsc#1246031 * bsc#1246037 * bsc#1246041 * bsc#1246042 * bsc#1246044 * bsc#1246045 * bsc#1246047 * bsc#1246049 * bsc#1246050 * bsc#1246055 * bsc#1246073 * bsc#1246093 * bsc#1246098 * bsc#1246109 * bsc#1246122 * bsc#1246125 * bsc#1246171 * bsc#1246173 * bsc#1246178 * bsc#1246182 * bsc#1246183 * bsc#1246186 * bsc#1246195 * bsc#1246203 * bsc#1246212 * bsc#1246220 * bsc#1246236 * bsc#1246240 * bsc#1246243 * bsc#1246246 * bsc#1246249 * bsc#1246250 * bsc#1246253 * bsc#1246258 * bsc#1246262 * bsc#1246264 * bsc#1246266 * bsc#1246268 * bsc#1246273 * bsc#1246283 * bsc#1246287 * bsc#1246292 * bsc#1246293 * bsc#1246295 * bsc#1246334 * bsc#1246337 * bsc#1246342 * bsc#1246349 * bsc#1246354 * bsc#1246358 * bsc#1246361 * bsc#1246364 * bsc#1246370 * bsc#1246375 * bsc#1246384 * bsc#1246386 * bsc#1246387 * bsc#1246438 * bsc#1246453 * bsc#1246473 * bsc#1246490 * bsc#1246506 * bsc#1246547 * bsc#1246777 * bsc#1246781 * bsc#1246870 * bsc#1246879 * bsc#1246911 * bsc#1247018 * bsc#1247023 * bsc#1247028 * bsc#1247031 * bsc#1247033 * bsc#1247035 * bsc#1247061 * bsc#1247089 * bsc#1247091 * bsc#1247097 * bsc#1247098 * bsc#1247101 * bsc#1247103 * bsc#1247104 * bsc#1247113 * bsc#1247118 * bsc#1247123 * bsc#1247125 * bsc#1247128 * bsc#1247132 * bsc#1247138 * bsc#1247141 * bsc#1247143 * bsc#1247145 * bsc#1247146 * bsc#1247147 * bsc#1247149 * bsc#1247150 * bsc#1247151 * bsc#1247153 * bsc#1247154 * bsc#1247156 * bsc#1247160 * bsc#1247164 * bsc#1247169 * bsc#1247170 * bsc#1247171 * bsc#1247172 * bsc#1247174 * bsc#1247176 * bsc#1247177 * bsc#1247178 * bsc#1247181 * bsc#1247209 * bsc#1247210 * bsc#1247227 * bsc#1247233 * bsc#1247236 * bsc#1247238 * bsc#1247241 * bsc#1247251 * bsc#1247252 * bsc#1247253 * bsc#1247255 * bsc#1247271 * bsc#1247273 * bsc#1247274 * bsc#1247276 * bsc#1247277 * bsc#1247278 * bsc#1247279 * bsc#1247284 * bsc#1247285 * bsc#1247288 * bsc#1247289 * bsc#1247293 * bsc#1247311 * bsc#1247314 * bsc#1247317 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247374 * bsc#1247437 * bsc#1247450 Cross-References: * CVE-2019-11135 * CVE-2024-36028 * CVE-2024-36348 * CVE-2024-36349 * CVE-2024-36350 * CVE-2024-36357 * CVE-2024-44963 * CVE-2024-49861 * CVE-2024-56742 * CVE-2024-57947 * CVE-2025-21839 * CVE-2025-21854 * CVE-2025-21872 * CVE-2025-22090 * CVE-2025-23163 * CVE-2025-37798 * CVE-2025-37856 * CVE-2025-37864 * CVE-2025-37885 * CVE-2025-37920 * CVE-2025-37984 * CVE-2025-38034 * CVE-2025-38035 * CVE-2025-38051 * CVE-2025-38052 * CVE-2025-38058 * CVE-2025-38061 * CVE-2025-38062 * CVE-2025-38063 * CVE-2025-38064 * CVE-2025-38074 * CVE-2025-38084 * CVE-2025-38085 * CVE-2025-38087 * CVE-2025-38088 * CVE-2025-38089 * CVE-2025-38090 * CVE-2025-38094 * CVE-2025-38095 * CVE-2025-38097 * CVE-2025-38098 * CVE-2025-38099 * CVE-2025-38100 * CVE-2025-38102 * CVE-2025-38105 * CVE-2025-38107 * CVE-2025-38108 * CVE-2025-38109 * CVE-2025-38110 * CVE-2025-38111 * CVE-2025-38112 * CVE-2025-38113 * CVE-2025-38115 * CVE-2025-38117 * CVE-2025-38118 * CVE-2025-38120 * CVE-2025-38122 * CVE-2025-38123 * CVE-2025-38124 * CVE-2025-38126 * CVE-2025-38127 * CVE-2025-38129 * CVE-2025-38131 * CVE-2025-38132 * CVE-2025-38135 * CVE-2025-38136 * CVE-2025-38138 * CVE-2025-38142 * CVE-2025-38143 * CVE-2025-38145 * CVE-2025-38147 * CVE-2025-38148 * CVE-2025-38149 * CVE-2025-38151 * CVE-2025-38153 * CVE-2025-38154 * CVE-2025-38155 * CVE-2025-38157 * CVE-2025-38158 * CVE-2025-38159 * CVE-2025-38161 * CVE-2025-38162 * CVE-2025-38165 * CVE-2025-38166 * CVE-2025-38173 * CVE-2025-38174 * CVE-2025-38177 * CVE-2025-38180 * CVE-2025-38181 * CVE-2025-38182 * CVE-2025-38183 * CVE-2025-38187 * CVE-2025-38188 * CVE-2025-38192 * CVE-2025-38193 * CVE-2025-38194 * CVE-2025-38197 * CVE-2025-38198 * CVE-2025-38200 * CVE-2025-38202 * CVE-2025-38203 * CVE-2025-38204 * CVE-2025-38206 * CVE-2025-38210 * CVE-2025-38211 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38214 * CVE-2025-38215 * CVE-2025-38217 * CVE-2025-38220 * CVE-2025-38222 * CVE-2025-38225 * CVE-2025-38226 * CVE-2025-38227 * CVE-2025-38229 * CVE-2025-38231 * CVE-2025-38236 * CVE-2025-38239 * CVE-2025-38244 * CVE-2025-38246 * CVE-2025-38248 * CVE-2025-38249 * CVE-2025-38250 * CVE-2025-38257 * CVE-2025-38259 * CVE-2025-38264 * CVE-2025-38272 * CVE-2025-38273 * CVE-2025-38275 * CVE-2025-38277 * CVE-2025-38279 * CVE-2025-38283 * CVE-2025-38286 * CVE-2025-38289 * CVE-2025-38290 * CVE-2025-38292 * CVE-2025-38293 * CVE-2025-38300 * CVE-2025-38303 * CVE-2025-38304 * CVE-2025-38305 * CVE-2025-38307 * CVE-2025-38310 * CVE-2025-38312 * CVE-2025-38313 * CVE-2025-38319 * CVE-2025-38323 * CVE-2025-38326 * CVE-2025-38328 * CVE-2025-38332 * CVE-2025-38334 * CVE-2025-38335 * CVE-2025-38336 * CVE-2025-38337 * CVE-2025-38338 * CVE-2025-38342 * CVE-2025-38343 * CVE-2025-38344 * CVE-2025-38345 * CVE-2025-38348 * CVE-2025-38349 * CVE-2025-38350 * CVE-2025-38352 * CVE-2025-38354 * CVE-2025-38362 * CVE-2025-38363 * CVE-2025-38364 * CVE-2025-38365 * CVE-2025-38369 * CVE-2025-38371 * CVE-2025-38373 * CVE-2025-38375 * CVE-2025-38376 * CVE-2025-38377 * CVE-2025-38380 * CVE-2025-38382 * CVE-2025-38384 * CVE-2025-38385 * CVE-2025-38386 * CVE-2025-38387 * CVE-2025-38389 * CVE-2025-38391 * CVE-2025-38392 * CVE-2025-38393 * CVE-2025-38395 * CVE-2025-38396 * CVE-2025-38399 * CVE-2025-38400 * CVE-2025-38401 * CVE-2025-38403 * CVE-2025-38404 * CVE-2025-38406 * CVE-2025-38409 * CVE-2025-38410 * CVE-2025-38412 * CVE-2025-38414 * CVE-2025-38415 * CVE-2025-38416 * CVE-2025-38420 * CVE-2025-38424 * CVE-2025-38425 * CVE-2025-38426 * CVE-2025-38428 * CVE-2025-38429 * CVE-2025-38430 * CVE-2025-38436 * CVE-2025-38443 * CVE-2025-38448 * CVE-2025-38449 * CVE-2025-38455 * CVE-2025-38457 * CVE-2025-38460 * CVE-2025-38461 * CVE-2025-38462 * CVE-2025-38463 * CVE-2025-38465 * CVE-2025-38467 * CVE-2025-38468 * CVE-2025-38470 * CVE-2025-38471 * CVE-2025-38473 * CVE-2025-38474 * CVE-2025-38476 * CVE-2025-38477 * CVE-2025-38478 * CVE-2025-38480 * CVE-2025-38481 * CVE-2025-38482 * CVE-2025-38483 * CVE-2025-38485 * CVE-2025-38487 * CVE-2025-38489 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38496 * CVE-2025-38497 * CVE-2025-38498 CVSS scores: * CVE-2019-11135 ( SUSE ): 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2019-11135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36348 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36349 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-44963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-44963 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49861 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49861 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49861 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-56742 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21872 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22090 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23163 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37856 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37856 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37920 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37920 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37984 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-37984 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38034 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38035 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38035 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38052 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38058 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38058 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38061 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38062 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38062 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38063 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38063 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38064 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38064 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38074 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38084 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38084 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38085 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38085 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38087 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38089 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38089 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38090 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38097 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38097 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38098 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38098 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38099 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38099 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38100 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38102 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38102 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38105 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38105 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38107 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38107 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38108 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38108 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38109 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38109 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38110 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38110 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38111 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38111 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38112 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38113 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38115 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38115 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38117 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38117 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38118 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38122 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38124 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38126 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38127 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38129 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38129 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38131 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38131 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38132 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38132 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38135 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38142 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38143 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38145 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38148 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38149 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38149 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38153 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38153 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38154 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38154 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38155 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38157 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38157 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38159 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38159 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38161 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38165 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38166 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38166 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38173 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38173 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38174 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38174 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38180 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38180 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38182 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38183 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38183 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38187 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38187 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38192 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38192 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38193 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38193 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38197 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38197 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38198 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38203 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38203 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38204 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38204 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38211 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38214 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38215 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38217 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38217 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38220 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38220 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38222 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-38222 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2025-38225 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38226 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38226 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38227 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38227 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38229 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38229 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-38231 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38231 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38239 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38239 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38244 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38244 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38246 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38248 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38249 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38249 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38250 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38250 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38259 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38264 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38272 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38273 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38273 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38275 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38277 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38277 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38279 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38283 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38286 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38286 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38289 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38289 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38290 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38290 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38292 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38292 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38293 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38293 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38300 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38300 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38303 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38303 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38310 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38310 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38312 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38313 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38323 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38323 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38326 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38326 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38328 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38334 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38334 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38335 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38336 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38337 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38338 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38338 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38342 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38344 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38345 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38345 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38348 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38349 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38349 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38352 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38352 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38362 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38363 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38364 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38364 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38365 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38365 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38371 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38373 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38373 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38375 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38376 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38376 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38377 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38377 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38380 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38380 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38382 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38382 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38384 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38384 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38385 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38385 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38387 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38387 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38389 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38391 ( SUSE ): 5.2 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38391 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38392 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38392 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38393 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38393 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38395 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38395 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38396 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38396 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38399 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38400 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38400 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38401 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38401 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38403 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38406 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38409 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38409 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38410 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38412 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38415 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38415 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38416 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38416 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38425 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38425 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38426 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38426 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38428 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38428 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38429 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38429 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38430 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38430 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38436 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38436 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38448 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38448 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38455 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38455 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38457 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38460 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38460 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38461 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38461 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38462 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38462 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38463 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38463 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38465 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38465 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38467 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38467 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38471 ( SUSE ): 8.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38471 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2025-38473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38474 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38474 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38476 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38476 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38478 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38478 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38480 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38480 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38481 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38481 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38482 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38482 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38483 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38483 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38485 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38485 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38487 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38487 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38489 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38489 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38496 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38496 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38498 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38498 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 238 vulnerabilities and has 33 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707). * CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896). * CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216). * CVE-2024-49861: net: clear the dst when changing skb protocol (bsc#1245954). * CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613). * CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). * CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470). * CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323). * CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537). * CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837). * CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068). * CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965). * CVE-2025-37885: KVM: x86: Reset IRTE to host control if _new_ route isn't postable (bsc#1242960). * CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479). * CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669). * CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792). * CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801). * CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750). * CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151). * CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440). * CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216). * CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202). * CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201). * CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735). * CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649). * CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660). * CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654). * CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671). * CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650). * CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682). * CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689). * CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695). * CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708). * CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677). * CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679). * CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768). * CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750). * CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752). * CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758). * CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970). * CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937). * CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006). * CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951). * CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098). * CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). * CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980). * CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044). * CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983). * CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). * CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020). * CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). * CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966). * CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976). * CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093). * CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178). * CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183). * CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173). * CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182). * CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387). * CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268). * CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264). * CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273). * CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354). * CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361). * CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473). * CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384). * CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250). * CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253). * CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777). * CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). * CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911). * CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091). * CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023). * CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178). * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). * CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031). * CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169). * CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156). * CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097). * CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141). * CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145). * CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252). * CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253). * CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101). * CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098). * CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143). * CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103). * CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104). * CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113). * CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118). * CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288). * CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450). * CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). * CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374). The following non-security bugs were fixed: * Documentation: ACPI: Fix parent device references (git-fixes). * Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes). * Fix dma_unmap_sg() nents value (git-fixes) * Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). * Revert "ACPI: battery: negate current when discharging" (stable-fixes). * Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338). * Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes). * Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git- fixes). * Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git- fixes). * Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes). * acpi: LPSS: Remove AudioDSP related ID (git-fixes). * acpi: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122). * acpi: processor: perflib: Fix initial _PPC limit application (git-fixes). * acpica: Refuse to evaluate a method if arguments are missing (stable-fixes). * af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes). * af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093). * alsa: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes). * alsa: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable- fixes). * alsa: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable- fixes). * alsa: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes). * alsa: hda/tegra: Add Tegra264 support (stable-fixes). * alsa: hda: Add missing NVIDIA HDA codec IDs (stable-fixes). * alsa: hda: Add new pci id for AMD GPU display HD audio controller (stable- fixes). * alsa: hda: Ignore unsol events for cards being shut down (stable-fixes). * alsa: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git- fixes). * alsa: sb: Do not allow changing the DMA mode during operations (stable- fixes). * alsa: sb: Force to disable DMAs once when DMA mode is changed (stable- fixes). * amd/amdkfd: fix a kfd_process ref leak (stable-fixes). * aoe: clean device rq_list in aoedev_downdev() (git-fixes). * apple-mfi-fastcharge: protect first device name (git-fixes). * asoc: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes). * asoc: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes). * asoc: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable- fixes). * asoc: amd: yc: update quirk data for HP Victus (stable-fixes). * asoc: codec: wcd9335: Convert to GPIO descriptors (stable-fixes). * asoc: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes). * asoc: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes). * asoc: cs35l56: probe() should fail if the device ID is not recognized (git- fixes). * asoc: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git- fixes). * asoc: fsl_xcvr: get channel status data when PHY is not exists (git-fixes). * asoc: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes). * asoc: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git- fixes). * ata: pata_cs5536: fix build on 32-bit UML (stable-fixes). * audit,module: restore audit logging in load failure case (git-fixes). * bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes). * bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes). * bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes). * bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes). * bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes). * bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes). * bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes). * bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes). * bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes). * bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes). * bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git- fixes). * bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git- fixes). * bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes). * bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes). * bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes). * bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes). * bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes). * bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes). * bluetooth: hci_sync: revert some mesh modifications (git-fixes). * bpf, sockmap: Fix sk_msg_reset_curr (git-fixes). * bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes). * bpf/selftests: Check errno when percpu map value size exceeds (git-fixes). * bpf: Add a possibly-zero-sized read test (git-fixes). * bpf: Avoid **hidden** attribute in static object (git-fixes). * bpf: Check percpu map value size first (git-fixes). * bpf: Disable some `attribute ignored' warnings in GCC (git-fixes). * bpf: Fix memory leak in bpf_core_apply (git-fixes). * bpf: Fix potential integer overflow in resolve_btfids (git-fixes). * bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes). * bpf: Make the pointer returned by iter next method valid (git-fixes). * bpf: Simplify checking size of helper accesses (git-fixes). * bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes). * bpf: sockmap, updating the sg structure should also update curr (git-fixes). * bpftool: Fix missing pids during link show (git-fixes). * bpftool: Fix undefined behavior caused by shifting into the sign bit (git- fixes). * bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes). * bpftool: Remove unnecessary source files from bootstrap version (git-fixes). * bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes). * btrfs: do not ignore inode missing when replaying log tree (git-fixes). * btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes). * btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes). * btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068) * btrfs: fix assertion when building free space tree (git-fixes). * btrfs: fix inode lookup error handling during log replay (git-fixes). * btrfs: fix invalid inode pointer dereferences during log replay (git-fixes). * btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes). * btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes). * btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes). * btrfs: fix ssd_spread overallocation (git-fixes). * btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068) * btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes). * btrfs: rename err to ret in btrfs_rmdir() (git-fixes). * btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes). * btrfs: return a btrfs_inode from read_one_inode() (git-fixes). * btrfs: tests: fix chunk map leak after failure to add it to the tree (git- fixes). * btrfs: update superblock's device bytes_used when dropping chunk (git- fixes). * btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes). * btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes). * bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes). * bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes). * can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes). * can: dev: can_restart(): reverse logic to remove need for goto (stable- fixes). * can: kvaser_pciefd: Store device channel index (git-fixes). * can: kvaser_usb: Assign netdev.dev_port based on device channel index (git- fixes). * can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes). * can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes). * can: peak_usb: fix USB FD devices potential malfunction (git-fixes). * cdc-acm: fix race between initial clearing halt and open (git-fixes). * cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789). * cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166). * cifs: reconnect helper should set reconnect for the right channel (git- fixes). * clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes). * clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes). * clk: sunxi-ng: v3s: Fix de clock definition (git-fixes). * clk: xilinx: vcu: unregister pll_post only if registered correctly (git- fixes). * clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457). * clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457). * comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes). * comedi: Fix initialization of data for instructions that write to subdevice (git-fixes). * comedi: Fix some signed shift left operations (git-fixes). * comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes). * comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes). * comedi: das16m1: Fix bit shift out of bounds (git-fixes). * comedi: das6402: Fix bit shift out of bounds (git-fixes). * comedi: pcl812: Fix bit shift out of bounds (git-fixes). * compiler_types.h: Define **retain for __attribute** (( **retain** )) (git- fixes). * crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes). * crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes). * crypto: ccp - Fix locking on alloc failure handling (git-fixes). * crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes). * crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes). * crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes). * crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes). * crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes). * crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes). * crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes). * crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes). * crypto: qat - fix state restore for banks with exceptions (git-fixes). * crypto: qat - flush misc workqueue during device shutdown (git-fixes). * crypto: qat - use unmanaged allocation for dc_data (git-fixes). * crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes). * dm-bufio: fix sched in atomic context (git-fixes). * dm-flakey: error all IOs when num_features is absent (git-fixes). * dm-flakey: make corrupting read bios work (git-fixes). * dm-mirror: fix a tiny race condition (git-fixes). * dm-raid: fix variable in journal device check (git-fixes). * dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes). * dm: do not change md if dm_table_set_restrictions() fails (git-fixes). * dm: free table mempools if not used in __bind (git-fixes). * dm: restrict dm device size to 2^63-512 bytes (git-fixes). * dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes). * dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes). * dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes). * dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git- fixes). * dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes). * dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes). * dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes). * dmaengine: xilinx_dma: Set dma_device directions (stable-fixes). * docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes). * drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes). * drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git- fixes). * drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes). * drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes). * drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes). * drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes). * drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git- fixes). * drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes). * drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes). * drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes). * drm/exynos: fimd: Guard display clock control with runtime PM calls (git- fixes). * drm/framebuffer: Acquire internal references on GEM handles (git-fixes). * drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes). * drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes). * drm/i915/gsc: mei interrupt top half should be in irq disabled context (git- fixes). * drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes). * drm/i915/selftests: Change mock_request() to return error pointers (git- fixes). * drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes). * drm/msm: Fix a fence leak in submit error path (stable-fixes). * drm/msm: Fix another leak in the submit error path (stable-fixes). * drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes). * drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes). * drm/sched: Increment job count before swapping tail spsc queue (git-fixes). * drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes). * drm/scheduler: signal scheduled fence when kill job (stable-fixes). * drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes). * drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes). * drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes). * exfat: fdatasync flag should be same like generic_write_sync() (git-fixes). * fbcon: Fix outdated registered_fb reference in comment (git-fixes). * fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes). * firewire: ohci: correct code comments about bus_reset tasklet (git-fixes). * fs/jfs: consolidate sanity checking in dbMount (git-fixes). * fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes). * gpio: mlxbf2: use platform_get_irq_optional() (git-fixes). * gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes). * gpio: sim: include a missing header (git-fixes). * gpio: vf610: add locking to gpio direction functions (git-fixes). * gpio: virtio: Fix config space reading (git-fixes). * gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes). * gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes). * gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300). * gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300). * gpiolib: cdev: Ignore reconfiguration without direction (git-fixes). * gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes). * hfs: make splice write available again (git-fixes). * hfsplus: make splice write available again (git-fixes). * hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes). * hid: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes). * hid: core: do not bypass hid_hw_raw_request (stable-fixes). * hid: core: ensure __hid_request reserves the report ID as the first byte (git-fixes). * hid: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes). * hid: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable- fixes). * hid: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable- fixes). * hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203). * hwmon: (corsair-cpro) Validate the size of the received input buffer (git- fixes). * hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes). * hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes). * hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes). * i2c/designware: Fix an initialization issue (git-fixes). * i2c: qup: jump out of the loop in case of timeout (git-fixes). * i2c: stm32: fix the device used for the DMA map (git-fixes). * i2c: tegra: Fix reset error handling with ACPI (git-fixes). * i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes). * i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes). * ib/mlx5: Fix potential deadlock in MR deregistration (git-fixes) * iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git- fixes). * iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes). * iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable- fixes). * iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes). * iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes). * iio: adc: max1363: Reorder mode_list[] entries (stable-fixes). * iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes). * iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes). * iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes). * input: iqs7222 - explicitly define number of external channels (git-fixes). * input: xpad - adjust error handling for disconnect (git-fixes). * input: xpad - set correct controller type for Acer NGR200 (git-fixes). * input: xpad - support Acer NGR 200 Controller (stable-fixes). * iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes). * iommu/amd: Set the pgsize_bitmap correctly (git-fixes). * iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes). * iommu/vt-d: Fix possible circular locking dependency (git-fixes). * iommu/vt-d: Fix system hang on reboot -f (git-fixes). * ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes). * ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes). * ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes). * ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes). * iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes). * jfs: fix metapage reference count leak in dbAllocCtl (git-fixes). * kABI workaround for struct drm_framebuffer changes (git-fixes). * kABI: Fix the module::name type in audit_context (git-fixes). * kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes). * kernel-obs-qa: Do not depend on srchash when qemu emulation is used In this case the dependency is never fulfilled Fixes: 485ae1da2b88 ("kernel-obs-qa: Use srchash for dependency as well") * kernel-syms.spec: Drop old rpm release number hack (bsc#1247172). * leds: multicolor: Fix intensity setting while SW blinking (stable-fixes). * lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897). * lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897). * logitech C-270 even more broken (stable-fixes). * maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes). * md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes). * media: gspca: Add bounds checking to firmware parser (git-fixes). * media: hi556: correct the test pattern configuration (git-fixes). * media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes). * media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes). * media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git- fixes). * media: usbtv: Lock resolution while streaming (git-fixes). * media: uvcvideo: Do not mark valid metadata as invalid (git-fixes). * media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git- fixes). * media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes). * media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes). * media: venus: Add a check for packet size after reading from shared memory (git-fixes). * media: venus: hfi: explicitly release IRQ during teardown (git-fixes). * media: venus: protect against spurious interrupts during probe (git-fixes). * media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: vivid: fix wrong pixel_array control size (git-fixes). * memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git- fixes). * mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes). * misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes). * mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes). * mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes). * mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes). * mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes). * mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes). * module: Fix memory deallocation on error path in move_module() (git-fixes). * module: Remove unnecessary +1 from last_unloaded_module::name size (git- fixes). * module: Restore the moduleparam prefix length check (git-fixes). * mtd: fix possible integer overflow in erase_xfer() (git-fixes). * mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes). * mtd: rawnand: atmel: set pmecc data setup time (git-fixes). * mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes). * mtd: rawnand: renesas: Add missing check after DMA map (git-fixes). * mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes). * mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes). * mtd: spinand: fix memory leak of ECC engine conf (stable-fixes). * mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes). * mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes). * mtk-sd: Prevent memory corruption from DMA map failure (git-fixes). * mtk-sd: reset host->mrq on prepare_data() error (git-fixes). * mwl8k: Add missing check after DMA map (git-fixes). * nbd: fix uaf in nbd_genl_connect() error path (git-fixes). * net/packet: fix a race in packet_set_ring() and packet_notifier() (git- fixes). * net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes). * net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git- fixes). * net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git- fixes). * net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes). * net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes). * net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes). * net: mana: Add debug logs in MANA network driver (bsc#1246212). * net: mana: Add handler for hardware servicing events (bsc#1245730). * net: mana: Allocate MSI-X vectors dynamically (bsc#1245457). * net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457). * net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203). * net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729). * net: mana: Set tx_packets to post gso processing packet count (bsc#1245731). * net: mana: explain irq_setup() algorithm (bsc#1245457). * net: phy: Do not register LEDs for genphy (git-fixes). * net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes). * net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes). * net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git- fixes). * net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes). * net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git- fixes). * net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes). * net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes). * net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes). * netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes). * nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git- fixes). * nfs: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes). * nfs: Fix the setting of capabilities when automounting a new filesystem (git-fixes). * nfs: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git- fixes). * nfs: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes). * nfsd: detect mismatch of file handle and delegation stateid in OPEN op (git- fixes). * nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes). * nfsv4.2: another fix for listxattr (git-fixes). * nfsv4.2: fix listxattr to return selinux security label (git-fixes). * nfsv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes). * nfsv4: Always set NLINK even if the server does not support it (git-fixes). * nfsv4: xattr handlers should check for absent nfs filehandles (git-fixes). * nilfs2: reject invalid file types when reading inodes (git-fixes). * nvme-pci: refresh visible attrs after being checked (git-fixes). * nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes). * nvme: fix endianness of command word prints in nvme_log_err_passthru() (git- fixes). * nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes). * nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes). * nvmet-tcp: fix callback lock for TLS handshake (git-fixes). * objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes). * objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes). * objtool: Fix _THIS_IP_ detection for cold functions (git-fixes). * objtool: Fix error handling inconsistencies in check() (git-fixes). * objtool: Ignore dangling jump table entries (git-fixes). * objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes). * objtool: Properly disable uaccess validation (git-fixes). * objtool: Silence more KCOV warnings (git-fixes). * objtool: Silence more KCOV warnings, part 2 (git-fixes). * objtool: Stop UNRET validation on UD2 (git-fixes). * pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes). * pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes). * pci/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457). * pci: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes). * pci: endpoint: Fix configfs group list head handling (git-fixes). * pci: endpoint: Fix configfs group removal on driver teardown (git-fixes). * pci: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes). * pci: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes). * pci: hv: Allow dynamic MSI-X vector allocation (bsc#1245457). * pci: rockchip-host: Fix "Unexpected Completion" log message (git-fixes). * perf: Fix sample vs do_exit() (bsc#1246547). * phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git- fixes). * pinctrl: amd: Clear GPIO debounce for suspend (git-fixes). * pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes). * pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes). * pinmux: fix race causing mux_owner NULL with active mux_usecount (git- fixes). * platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git- fixes). * platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git- fixes). * platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes). * platform/mellanox: mlxreg-lc: Fix logic error in power state check (git- fixes). * platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes). * platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes). * platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes). * platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes). * platform/x86: think-lmi: Create ksets consecutively (stable-fixes). * platform/x86: think-lmi: Fix kobject cleanup (git-fixes). * platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes). * pm / devfreq: Check governor before using governor->name (git-fixes). * power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes). * power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git- fixes). * powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes). * powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git- fixes). * powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes). * powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes). * ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506). * pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes). * pwm: mediatek: Ensure to disable clocks in error path (git-fixes). * rdma/core: Rate limit GID cache warning messages (git-fixes) * rdma/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes) * rdma/hns: Drop GFP_NOWARN (git-fixes) * rdma/hns: Fix -Wframe-larger-than issue (git-fixes) * rdma/hns: Fix HW configurations not cleared in error flow (git-fixes) * rdma/hns: Fix accessing uninitialized resources (git-fixes) * rdma/hns: Fix double destruction of rsv_qp (git-fixes) * rdma/hns: Get message length of ack_req from FW (git-fixes) * rdma/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes) * rdma/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes) * rdma/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * rdma/mlx5: Fix CC counters query for MPV (git-fixes) * rdma/mlx5: Fix HW counters query for non-representor devices (git-fixes) * rdma/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes) * rdma/mlx5: Fix vport loopback for MPV device (git-fixes) * rdma/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes) * rdma/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes) * rdma/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes) * rdma/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes) * rdma/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes) * rdma/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git- fixes) * rdma/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * regmap: fix potential memory leak of regmap_bus (git-fixes). * regulator: fan53555: add enable_time support and soft-start times (stable- fixes). * regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git- fixes). * regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes). * resource: fix false warning in __request_region() (git-fixes). * restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes). * ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes). * rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes). * rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes). * rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879) Put the same workaround to avoid file truncation of vmlinux and co in kernel-default-base package, too. * rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337) * rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes). * rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes). * s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870). * s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806). * s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646). * s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647). * s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598). * s390: Add z17 elf platform (LTC#214086 bsc#1245540). * samples: mei: Fix building on musl libc (git-fixes). * sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338). * sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git- fixes). * scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes). * scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142). * scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: megaraid_sas: Fix invalid node index (git-fixes). * scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git- fixes). * scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git- fixes). * scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599). * selftests/bpf: Add CFLAGS per source file and runner (git-fixes). * selftests/bpf: Add tests for iter next method returning valid pointer (git- fixes). * selftests/bpf: Change functions definitions to support GCC (git-fixes). * selftests/bpf: Fix a few tests for GCC related warnings (git-fixes). * selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes). * selftests/bpf: Fix prog numbers in test_sockmap (git-fixes). * smb3: move server check earlier when setting channel sequence number (git- fixes). * smb3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes). * smb3: send channel sequence number in SMB3 requests after reconnects (git- fixes). * smb: client: fix parsing of device numbers (git-fixes). * soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes). * soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes). * soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git- fixes). * soc: qcom: QMI encoding/decoding for big endian (git-fixes). * soc: qcom: fix endianness for QMI header (git-fixes). * soc: qcom: pmic_glink: fix OF node leak (git-fixes). * soundwire: amd: fix for clearing command status register (git-fixes). * soundwire: stream: restore params when prepare ports fail (git-fixes). * spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git- fixes). * staging: axis-fifo: remove sysfs interface (git-fixes). * staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git- fixes). * staging: nvec: Fix incorrect null termination of battery manufacturer (git- fixes). * struct cdns: move new member to the end (git-fixes). * struct ucsi_operations: use padding for new operation (git-fixes). * sunrpc: do not immediately retransmit on seqno miss (git-fixes). * sunrpc: fix client side handling of tls alerts (git-fixes). * sunrpc: fix handling of server side tls alerts (git-fixes). * supported.conf: add missing entries for armv7hl * supported.conf: move nvme-apple to optional again * supported.conf: sort entries again * tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes). * thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes). * thunderbolt: Fix copy+paste error in match_service_id() (git-fixes). * thunderbolt: Fix wake on connect at runtime (git-fixes). * tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes). * tracing/kprobes: Fix to free objects when failed to copy a symbol (git- fixes). * types: Complement the aligned types with signed 64-bit one (stable-fixes). * ucount: fix atomic_long_inc_below() argument type (git-fixes). * ucsi-glink: adapt to kABI consistency (git-fixes). * ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes). * ucsi_operations: add stubs for all operations (git-fixes). * ucsi_ops: adapt update_connector to kABI consistency (git-fixes). * usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes). * usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes). * usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes). * usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes). * usb: cdnsp: Fix issue with resuming from L1 (git-fixes). * usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable- fixes). * usb: cdnsp: do not disable slot for disabled slot (git-fixes). * usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes). * usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes). * usb: dwc2: also exit clock_gating when stopping udc while suspended (stable- fixes). * usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes). * usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes). * usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes). * usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes). * usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes). * usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes). * usb: hub: Do not try to recover devices lost during warm reset (git-fixes). * usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes). * usb: musb: fix gadget state on disconnect (git-fixes). * usb: musb: omap2430: fix device leak at unbind (git-fixes). * usb: net: sierra: check for no status endpoint (git-fixes). * usb: potential integer overflow in usbg_make_tpg() (stable-fixes). * usb: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes). * usb: serial: option: add Foxconn T99W640 (stable-fixes). * usb: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable- fixes). * usb: typec: Update sysfs when setting ops (git-fixes). * usb: typec: altmodes/displayport: do not index invalid pin_assignments (git- fixes). * usb: typec: displayport: Fix potential deadlock (git-fixes). * usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes). * usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable- fixes). * usb: typec: tcpm: allow switching to mode accessory to mux properly (stable- fixes). * usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes). * usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git- fixes). * usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git- fixes). * usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes). * usb: typec: ucsi: Delay alternate mode discovery (git-fixes). * usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes). * usb: typec: ucsi: Fix the partner PD revision (git-fixes). * usb: typec: ucsi: Get PD revision for partner (git-fixes). * usb: typec: ucsi: Set orientation as none when connector is unplugged (git- fixes). * usb: typec: ucsi: Update power_supply on power role change (git-fixes). * usb: typec: ucsi: add callback for connector status updates (git-fixes). * usb: typec: ucsi: add update_connector callback (git-fixes). * usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes). * usb: typec: ucsi: extract code to read PD caps (git-fixes). * usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes). * usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes). * usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes). * usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes). * usb: typec: ucsi: glink: use typec_set_orientation (git-fixes). * usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git- fixes). * usb: typec: ucsi: properly register partner's PD device (git-fixes). * usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes). * usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes). * usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git- fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes). * usb: typec: ucsi_glink: rework quirks implementation (git-fixes). * usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git- fixes). * usb: xhci: quirk for data loss in ISOC transfers (stable-fixes). * usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes). * virtgpu: do not reset on shutdown (git-fixes). * vmci: Prevent the dispatching of uninitialized payloads (git-fixes). * vt: add missing notification when switching back to text mode (stable- fixes). * vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes). * vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes). * watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git- fixes). * wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes). * wifi: ath11k: fix source ring-buffer corruption (git-fixes). * wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath12k: fix endianness handling while accessing wmi service bit (git- fixes). * wifi: ath12k: fix source ring-buffer corruption (git-fixes). * wifi: ath6kl: remove WARN on bad firmware input (stable-fixes). * wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes). * wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes). * wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes). * wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes). * wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes). * wifi: mac80211: Add link iteration macro for link data (stable-fixes). * wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes). * wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes). * wifi: mac80211: Do not schedule stopped TXQs (git-fixes). * wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes). * wifi: mac80211: drop invalid source address OCB frames (stable-fixes). * wifi: mac80211: reject TDLS operations when station is not associated (git- fixes). * wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes). * wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes). * wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes). * wifi: plfxlc: Fix error handling in usb driver probe (git-fixes). * wifi: prevent A-MSDU attacks in mesh networks (stable-fixes). * wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes). * wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes). * wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes). * x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes). * x86/mce/amd: Add default names for MCA banks and blocks (git-fixes). * x86/mce/amd: Fix threshold limit reset (git-fixes). * x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes). * x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git- fixes). * x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git- fixes). * x86/traps: Initialize DR6 by writing its architectural reset value (git- fixes). * x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes). * x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345). * xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837). * xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes). * xfs: remove unused event xfs_alloc_near_error (git-fixes). * xfs: remove unused event xfs_alloc_near_nominleft (git-fixes). * xfs: remove unused event xfs_attr_node_removename (git-fixes). * xfs: remove unused event xfs_ioctl_clone (git-fixes). * xfs: remove unused event xfs_pagecache_inval (git-fixes). * xfs: remove unused event xlog_iclog_want_sync (git-fixes). * xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes). * xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes). * xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes). * xfs: remove unused xfs_attr events (git-fixes). * xfs: remove unused xfs_reflink_compare_extents events (git-fixes). * xfs: remove usused xfs_end_io_direct events (git-fixes). * xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git- fixes). * xhci: dbc: Flush queued requests before stopping dbc (git-fixes). * xhci: dbctty: disable ECHO flag by default (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2969=1 openSUSE-SLE-15.6-2025-2969=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-2969=1 ## Package List: * openSUSE Leap 15.6 (noarch) * kernel-devel-azure-6.4.0-150600.8.48.1 * kernel-source-azure-6.4.0-150600.8.48.1 * openSUSE Leap 15.6 (aarch64 x86_64) * reiserfs-kmp-azure-debuginfo-6.4.0-150600.8.48.1 * kselftests-kmp-azure-debuginfo-6.4.0-150600.8.48.1 * reiserfs-kmp-azure-6.4.0-150600.8.48.1 * kernel-azure-devel-6.4.0-150600.8.48.1 * kernel-azure-debugsource-6.4.0-150600.8.48.1 * kernel-azure-optional-debuginfo-6.4.0-150600.8.48.1 * dlm-kmp-azure-6.4.0-150600.8.48.1 * gfs2-kmp-azure-debuginfo-6.4.0-150600.8.48.1 * kselftests-kmp-azure-6.4.0-150600.8.48.1 * kernel-syms-azure-6.4.0-150600.8.48.1 * cluster-md-kmp-azure-6.4.0-150600.8.48.1 * kernel-azure-optional-6.4.0-150600.8.48.1 * cluster-md-kmp-azure-debuginfo-6.4.0-150600.8.48.1 * dlm-kmp-azure-debuginfo-6.4.0-150600.8.48.1 * gfs2-kmp-azure-6.4.0-150600.8.48.1 * ocfs2-kmp-azure-6.4.0-150600.8.48.1 * kernel-azure-extra-6.4.0-150600.8.48.1 * kernel-azure-devel-debuginfo-6.4.0-150600.8.48.1 * kernel-azure-debuginfo-6.4.0-150600.8.48.1 * ocfs2-kmp-azure-debuginfo-6.4.0-150600.8.48.1 * kernel-azure-extra-debuginfo-6.4.0-150600.8.48.1 * openSUSE Leap 15.6 (aarch64 nosrc x86_64) * kernel-azure-6.4.0-150600.8.48.1 * openSUSE Leap 15.6 (x86_64) * kernel-azure-vdso-6.4.0-150600.8.48.1 * kernel-azure-vdso-debuginfo-6.4.0-150600.8.48.1 * Public Cloud Module 15-SP6 (aarch64 nosrc x86_64) * kernel-azure-6.4.0-150600.8.48.1 * Public Cloud Module 15-SP6 (aarch64 x86_64) * kernel-azure-debuginfo-6.4.0-150600.8.48.1 * kernel-azure-debugsource-6.4.0-150600.8.48.1 * kernel-syms-azure-6.4.0-150600.8.48.1 * kernel-azure-devel-debuginfo-6.4.0-150600.8.48.1 * kernel-azure-devel-6.4.0-150600.8.48.1 * Public Cloud Module 15-SP6 (noarch) * kernel-devel-azure-6.4.0-150600.8.48.1 * kernel-source-azure-6.4.0-150600.8.48.1 ## References: * https://www.suse.com/security/cve/CVE-2019-11135.html * https://www.suse.com/security/cve/CVE-2024-36028.html * https://www.suse.com/security/cve/CVE-2024-36348.html * https://www.suse.com/security/cve/CVE-2024-36349.html * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2024-44963.html * https://www.suse.com/security/cve/CVE-2024-49861.html * https://www.suse.com/security/cve/CVE-2024-56742.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-21839.html * https://www.suse.com/security/cve/CVE-2025-21854.html * https://www.suse.com/security/cve/CVE-2025-21872.html * https://www.suse.com/security/cve/CVE-2025-22090.html * https://www.suse.com/security/cve/CVE-2025-23163.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37856.html * https://www.suse.com/security/cve/CVE-2025-37864.html * https://www.suse.com/security/cve/CVE-2025-37885.html * https://www.suse.com/security/cve/CVE-2025-37920.html * https://www.suse.com/security/cve/CVE-2025-37984.html * https://www.suse.com/security/cve/CVE-2025-38034.html * https://www.suse.com/security/cve/CVE-2025-38035.html * https://www.suse.com/security/cve/CVE-2025-38051.html * https://www.suse.com/security/cve/CVE-2025-38052.html * https://www.suse.com/security/cve/CVE-2025-38058.html * https://www.suse.com/security/cve/CVE-2025-38061.html * https://www.suse.com/security/cve/CVE-2025-38062.html * https://www.suse.com/security/cve/CVE-2025-38063.html * https://www.suse.com/security/cve/CVE-2025-38064.html * https://www.suse.com/security/cve/CVE-2025-38074.html * https://www.suse.com/security/cve/CVE-2025-38084.html * https://www.suse.com/security/cve/CVE-2025-38085.html * https://www.suse.com/security/cve/CVE-2025-38087.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38089.html * https://www.suse.com/security/cve/CVE-2025-38090.html * https://www.suse.com/security/cve/CVE-2025-38094.html * https://www.suse.com/security/cve/CVE-2025-38095.html * https://www.suse.com/security/cve/CVE-2025-38097.html * https://www.suse.com/security/cve/CVE-2025-38098.html * https://www.suse.com/security/cve/CVE-2025-38099.html * https://www.suse.com/security/cve/CVE-2025-38100.html * https://www.suse.com/security/cve/CVE-2025-38102.html * https://www.suse.com/security/cve/CVE-2025-38105.html * https://www.suse.com/security/cve/CVE-2025-38107.html * https://www.suse.com/security/cve/CVE-2025-38108.html * https://www.suse.com/security/cve/CVE-2025-38109.html * https://www.suse.com/security/cve/CVE-2025-38110.html * https://www.suse.com/security/cve/CVE-2025-38111.html * https://www.suse.com/security/cve/CVE-2025-38112.html * https://www.suse.com/security/cve/CVE-2025-38113.html * https://www.suse.com/security/cve/CVE-2025-38115.html * https://www.suse.com/security/cve/CVE-2025-38117.html * https://www.suse.com/security/cve/CVE-2025-38118.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38122.html * https://www.suse.com/security/cve/CVE-2025-38123.html * https://www.suse.com/security/cve/CVE-2025-38124.html * https://www.suse.com/security/cve/CVE-2025-38126.html * https://www.suse.com/security/cve/CVE-2025-38127.html * https://www.suse.com/security/cve/CVE-2025-38129.html * https://www.suse.com/security/cve/CVE-2025-38131.html * https://www.suse.com/security/cve/CVE-2025-38132.html * https://www.suse.com/security/cve/CVE-2025-38135.html * https://www.suse.com/security/cve/CVE-2025-38136.html * https://www.suse.com/security/cve/CVE-2025-38138.html * https://www.suse.com/security/cve/CVE-2025-38142.html * https://www.suse.com/security/cve/CVE-2025-38143.html * https://www.suse.com/security/cve/CVE-2025-38145.html * https://www.suse.com/security/cve/CVE-2025-38147.html * https://www.suse.com/security/cve/CVE-2025-38148.html * https://www.suse.com/security/cve/CVE-2025-38149.html * https://www.suse.com/security/cve/CVE-2025-38151.html * https://www.suse.com/security/cve/CVE-2025-38153.html * https://www.suse.com/security/cve/CVE-2025-38154.html * https://www.suse.com/security/cve/CVE-2025-38155.html * https://www.suse.com/security/cve/CVE-2025-38157.html * https://www.suse.com/security/cve/CVE-2025-38158.html * https://www.suse.com/security/cve/CVE-2025-38159.html * https://www.suse.com/security/cve/CVE-2025-38161.html * https://www.suse.com/security/cve/CVE-2025-38162.html * https://www.suse.com/security/cve/CVE-2025-38165.html * https://www.suse.com/security/cve/CVE-2025-38166.html * https://www.suse.com/security/cve/CVE-2025-38173.html * https://www.suse.com/security/cve/CVE-2025-38174.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38180.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38182.html * https://www.suse.com/security/cve/CVE-2025-38183.html * https://www.suse.com/security/cve/CVE-2025-38187.html * https://www.suse.com/security/cve/CVE-2025-38188.html * https://www.suse.com/security/cve/CVE-2025-38192.html * https://www.suse.com/security/cve/CVE-2025-38193.html * https://www.suse.com/security/cve/CVE-2025-38194.html * https://www.suse.com/security/cve/CVE-2025-38197.html * https://www.suse.com/security/cve/CVE-2025-38198.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38202.html * https://www.suse.com/security/cve/CVE-2025-38203.html * https://www.suse.com/security/cve/CVE-2025-38204.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38210.html * https://www.suse.com/security/cve/CVE-2025-38211.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38214.html * https://www.suse.com/security/cve/CVE-2025-38215.html * https://www.suse.com/security/cve/CVE-2025-38217.html * https://www.suse.com/security/cve/CVE-2025-38220.html * https://www.suse.com/security/cve/CVE-2025-38222.html * https://www.suse.com/security/cve/CVE-2025-38225.html * https://www.suse.com/security/cve/CVE-2025-38226.html * https://www.suse.com/security/cve/CVE-2025-38227.html * https://www.suse.com/security/cve/CVE-2025-38229.html * https://www.suse.com/security/cve/CVE-2025-38231.html * https://www.suse.com/security/cve/CVE-2025-38236.html * https://www.suse.com/security/cve/CVE-2025-38239.html * https://www.suse.com/security/cve/CVE-2025-38244.html * https://www.suse.com/security/cve/CVE-2025-38246.html * https://www.suse.com/security/cve/CVE-2025-38248.html * https://www.suse.com/security/cve/CVE-2025-38249.html * https://www.suse.com/security/cve/CVE-2025-38250.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38259.html * https://www.suse.com/security/cve/CVE-2025-38264.html * https://www.suse.com/security/cve/CVE-2025-38272.html * https://www.suse.com/security/cve/CVE-2025-38273.html * https://www.suse.com/security/cve/CVE-2025-38275.html * https://www.suse.com/security/cve/CVE-2025-38277.html * https://www.suse.com/security/cve/CVE-2025-38279.html * https://www.suse.com/security/cve/CVE-2025-38283.html * https://www.suse.com/security/cve/CVE-2025-38286.html * https://www.suse.com/security/cve/CVE-2025-38289.html * https://www.suse.com/security/cve/CVE-2025-38290.html * https://www.suse.com/security/cve/CVE-2025-38292.html * https://www.suse.com/security/cve/CVE-2025-38293.html * https://www.suse.com/security/cve/CVE-2025-38300.html * https://www.suse.com/security/cve/CVE-2025-38303.html * https://www.suse.com/security/cve/CVE-2025-38304.html * https://www.suse.com/security/cve/CVE-2025-38305.html * https://www.suse.com/security/cve/CVE-2025-38307.html * https://www.suse.com/security/cve/CVE-2025-38310.html * https://www.suse.com/security/cve/CVE-2025-38312.html * https://www.suse.com/security/cve/CVE-2025-38313.html * https://www.suse.com/security/cve/CVE-2025-38319.html * https://www.suse.com/security/cve/CVE-2025-38323.html * https://www.suse.com/security/cve/CVE-2025-38326.html * https://www.suse.com/security/cve/CVE-2025-38328.html * https://www.suse.com/security/cve/CVE-2025-38332.html * https://www.suse.com/security/cve/CVE-2025-38334.html * https://www.suse.com/security/cve/CVE-2025-38335.html * https://www.suse.com/security/cve/CVE-2025-38336.html * https://www.suse.com/security/cve/CVE-2025-38337.html * https://www.suse.com/security/cve/CVE-2025-38338.html * https://www.suse.com/security/cve/CVE-2025-38342.html * https://www.suse.com/security/cve/CVE-2025-38343.html * https://www.suse.com/security/cve/CVE-2025-38344.html * https://www.suse.com/security/cve/CVE-2025-38345.html * https://www.suse.com/security/cve/CVE-2025-38348.html * https://www.suse.com/security/cve/CVE-2025-38349.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38352.html * https://www.suse.com/security/cve/CVE-2025-38354.html * https://www.suse.com/security/cve/CVE-2025-38362.html * https://www.suse.com/security/cve/CVE-2025-38363.html * https://www.suse.com/security/cve/CVE-2025-38364.html * https://www.suse.com/security/cve/CVE-2025-38365.html * https://www.suse.com/security/cve/CVE-2025-38369.html * https://www.suse.com/security/cve/CVE-2025-38371.html * https://www.suse.com/security/cve/CVE-2025-38373.html * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-38376.html * https://www.suse.com/security/cve/CVE-2025-38377.html * https://www.suse.com/security/cve/CVE-2025-38380.html * https://www.suse.com/security/cve/CVE-2025-38382.html * https://www.suse.com/security/cve/CVE-2025-38384.html * https://www.suse.com/security/cve/CVE-2025-38385.html * https://www.suse.com/security/cve/CVE-2025-38386.html * https://www.suse.com/security/cve/CVE-2025-38387.html * https://www.suse.com/security/cve/CVE-2025-38389.html * https://www.suse.com/security/cve/CVE-2025-38391.html * https://www.suse.com/security/cve/CVE-2025-38392.html * https://www.suse.com/security/cve/CVE-2025-38393.html * https://www.suse.com/security/cve/CVE-2025-38395.html * https://www.suse.com/security/cve/CVE-2025-38396.html * https://www.suse.com/security/cve/CVE-2025-38399.html * https://www.suse.com/security/cve/CVE-2025-38400.html * https://www.suse.com/security/cve/CVE-2025-38401.html * https://www.suse.com/security/cve/CVE-2025-38403.html * https://www.suse.com/security/cve/CVE-2025-38404.html * https://www.suse.com/security/cve/CVE-2025-38406.html * https://www.suse.com/security/cve/CVE-2025-38409.html * https://www.suse.com/security/cve/CVE-2025-38410.html * https://www.suse.com/security/cve/CVE-2025-38412.html * https://www.suse.com/security/cve/CVE-2025-38414.html * https://www.suse.com/security/cve/CVE-2025-38415.html * https://www.suse.com/security/cve/CVE-2025-38416.html * https://www.suse.com/security/cve/CVE-2025-38420.html * https://www.suse.com/security/cve/CVE-2025-38424.html * https://www.suse.com/security/cve/CVE-2025-38425.html * https://www.suse.com/security/cve/CVE-2025-38426.html * https://www.suse.com/security/cve/CVE-2025-38428.html * https://www.suse.com/security/cve/CVE-2025-38429.html * https://www.suse.com/security/cve/CVE-2025-38430.html * https://www.suse.com/security/cve/CVE-2025-38436.html * https://www.suse.com/security/cve/CVE-2025-38443.html * https://www.suse.com/security/cve/CVE-2025-38448.html * https://www.suse.com/security/cve/CVE-2025-38449.html * https://www.suse.com/security/cve/CVE-2025-38455.html * https://www.suse.com/security/cve/CVE-2025-38457.html * https://www.suse.com/security/cve/CVE-2025-38460.html * https://www.suse.com/security/cve/CVE-2025-38461.html * https://www.suse.com/security/cve/CVE-2025-38462.html * https://www.suse.com/security/cve/CVE-2025-38463.html * https://www.suse.com/security/cve/CVE-2025-38465.html * https://www.suse.com/security/cve/CVE-2025-38467.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38470.html * https://www.suse.com/security/cve/CVE-2025-38471.html * https://www.suse.com/security/cve/CVE-2025-38473.html * https://www.suse.com/security/cve/CVE-2025-38474.html * https://www.suse.com/security/cve/CVE-2025-38476.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38478.html * https://www.suse.com/security/cve/CVE-2025-38480.html * https://www.suse.com/security/cve/CVE-2025-38481.html * https://www.suse.com/security/cve/CVE-2025-38482.html * https://www.suse.com/security/cve/CVE-2025-38483.html * https://www.suse.com/security/cve/CVE-2025-38485.html * https://www.suse.com/security/cve/CVE-2025-38487.html * https://www.suse.com/security/cve/CVE-2025-38489.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38496.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://www.suse.com/security/cve/CVE-2025-38498.html * https://bugzilla.suse.com/show_bug.cgi?id=1139073 * https://bugzilla.suse.com/show_bug.cgi?id=1204142 * https://bugzilla.suse.com/show_bug.cgi?id=1219338 * https://bugzilla.suse.com/show_bug.cgi?id=1225707 * https://bugzilla.suse.com/show_bug.cgi?id=1230216 * https://bugzilla.suse.com/show_bug.cgi?id=1233300 * https://bugzilla.suse.com/show_bug.cgi?id=1235613 * https://bugzilla.suse.com/show_bug.cgi?id=1235837 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1239061 * https://bugzilla.suse.com/show_bug.cgi?id=1239470 * https://bugzilla.suse.com/show_bug.cgi?id=1240323 * https://bugzilla.suse.com/show_bug.cgi?id=1240885 * https://bugzilla.suse.com/show_bug.cgi?id=1240966 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1241345 * https://bugzilla.suse.com/show_bug.cgi?id=1241537 * https://bugzilla.suse.com/show_bug.cgi?id=1242086 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242837 * https://bugzilla.suse.com/show_bug.cgi?id=1242960 * https://bugzilla.suse.com/show_bug.cgi?id=1242965 * https://bugzilla.suse.com/show_bug.cgi?id=1242993 * https://bugzilla.suse.com/show_bug.cgi?id=1243068 * https://bugzilla.suse.com/show_bug.cgi?id=1243100 * https://bugzilla.suse.com/show_bug.cgi?id=1243479 * https://bugzilla.suse.com/show_bug.cgi?id=1243669 * https://bugzilla.suse.com/show_bug.cgi?id=1243806 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1244457 * https://bugzilla.suse.com/show_bug.cgi?id=1244735 * https://bugzilla.suse.com/show_bug.cgi?id=1244749 * https://bugzilla.suse.com/show_bug.cgi?id=1244750 * https://bugzilla.suse.com/show_bug.cgi?id=1244792 * https://bugzilla.suse.com/show_bug.cgi?id=1244801 * https://bugzilla.suse.com/show_bug.cgi?id=1245151 * https://bugzilla.suse.com/show_bug.cgi?id=1245201 * https://bugzilla.suse.com/show_bug.cgi?id=1245202 * https://bugzilla.suse.com/show_bug.cgi?id=1245216 * https://bugzilla.suse.com/show_bug.cgi?id=1245260 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245440 * https://bugzilla.suse.com/show_bug.cgi?id=1245457 * https://bugzilla.suse.com/show_bug.cgi?id=1245498 * https://bugzilla.suse.com/show_bug.cgi?id=1245499 * https://bugzilla.suse.com/show_bug.cgi?id=1245504 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245508 * https://bugzilla.suse.com/show_bug.cgi?id=1245510 * https://bugzilla.suse.com/show_bug.cgi?id=1245540 * https://bugzilla.suse.com/show_bug.cgi?id=1245598 * https://bugzilla.suse.com/show_bug.cgi?id=1245599 * https://bugzilla.suse.com/show_bug.cgi?id=1245646 * https://bugzilla.suse.com/show_bug.cgi?id=1245647 * https://bugzilla.suse.com/show_bug.cgi?id=1245649 * https://bugzilla.suse.com/show_bug.cgi?id=1245650 * https://bugzilla.suse.com/show_bug.cgi?id=1245654 * https://bugzilla.suse.com/show_bug.cgi?id=1245658 * https://bugzilla.suse.com/show_bug.cgi?id=1245660 * https://bugzilla.suse.com/show_bug.cgi?id=1245665 * https://bugzilla.suse.com/show_bug.cgi?id=1245666 * https://bugzilla.suse.com/show_bug.cgi?id=1245668 * https://bugzilla.suse.com/show_bug.cgi?id=1245669 * https://bugzilla.suse.com/show_bug.cgi?id=1245670 * https://bugzilla.suse.com/show_bug.cgi?id=1245671 * https://bugzilla.suse.com/show_bug.cgi?id=1245675 * https://bugzilla.suse.com/show_bug.cgi?id=1245676 * https://bugzilla.suse.com/show_bug.cgi?id=1245677 * https://bugzilla.suse.com/show_bug.cgi?id=1245679 * https://bugzilla.suse.com/show_bug.cgi?id=1245682 * https://bugzilla.suse.com/show_bug.cgi?id=1245683 * https://bugzilla.suse.com/show_bug.cgi?id=1245684 * https://bugzilla.suse.com/show_bug.cgi?id=1245688 * https://bugzilla.suse.com/show_bug.cgi?id=1245689 * https://bugzilla.suse.com/show_bug.cgi?id=1245690 * https://bugzilla.suse.com/show_bug.cgi?id=1245691 * https://bugzilla.suse.com/show_bug.cgi?id=1245695 * https://bugzilla.suse.com/show_bug.cgi?id=1245705 * https://bugzilla.suse.com/show_bug.cgi?id=1245708 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245713 * https://bugzilla.suse.com/show_bug.cgi?id=1245714 * https://bugzilla.suse.com/show_bug.cgi?id=1245719 * https://bugzilla.suse.com/show_bug.cgi?id=1245723 * https://bugzilla.suse.com/show_bug.cgi?id=1245729 * https://bugzilla.suse.com/show_bug.cgi?id=1245730 * https://bugzilla.suse.com/show_bug.cgi?id=1245731 * https://bugzilla.suse.com/show_bug.cgi?id=1245735 * https://bugzilla.suse.com/show_bug.cgi?id=1245737 * https://bugzilla.suse.com/show_bug.cgi?id=1245744 * https://bugzilla.suse.com/show_bug.cgi?id=1245745 * https://bugzilla.suse.com/show_bug.cgi?id=1245746 * https://bugzilla.suse.com/show_bug.cgi?id=1245747 * https://bugzilla.suse.com/show_bug.cgi?id=1245748 * https://bugzilla.suse.com/show_bug.cgi?id=1245749 * https://bugzilla.suse.com/show_bug.cgi?id=1245750 * https://bugzilla.suse.com/show_bug.cgi?id=1245751 * https://bugzilla.suse.com/show_bug.cgi?id=1245752 * https://bugzilla.suse.com/show_bug.cgi?id=1245757 * https://bugzilla.suse.com/show_bug.cgi?id=1245758 * https://bugzilla.suse.com/show_bug.cgi?id=1245765 * https://bugzilla.suse.com/show_bug.cgi?id=1245768 * https://bugzilla.suse.com/show_bug.cgi?id=1245769 * https://bugzilla.suse.com/show_bug.cgi?id=1245777 * https://bugzilla.suse.com/show_bug.cgi?id=1245781 * https://bugzilla.suse.com/show_bug.cgi?id=1245789 * https://bugzilla.suse.com/show_bug.cgi?id=1245937 * https://bugzilla.suse.com/show_bug.cgi?id=1245945 * https://bugzilla.suse.com/show_bug.cgi?id=1245951 * https://bugzilla.suse.com/show_bug.cgi?id=1245952 * https://bugzilla.suse.com/show_bug.cgi?id=1245954 * https://bugzilla.suse.com/show_bug.cgi?id=1245957 * https://bugzilla.suse.com/show_bug.cgi?id=1245966 * https://bugzilla.suse.com/show_bug.cgi?id=1245970 * https://bugzilla.suse.com/show_bug.cgi?id=1245976 * https://bugzilla.suse.com/show_bug.cgi?id=1245980 * https://bugzilla.suse.com/show_bug.cgi?id=1245983 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246002 * https://bugzilla.suse.com/show_bug.cgi?id=1246006 * https://bugzilla.suse.com/show_bug.cgi?id=1246008 * https://bugzilla.suse.com/show_bug.cgi?id=1246020 * https://bugzilla.suse.com/show_bug.cgi?id=1246023 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246031 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246041 * https://bugzilla.suse.com/show_bug.cgi?id=1246042 * https://bugzilla.suse.com/show_bug.cgi?id=1246044 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246047 * https://bugzilla.suse.com/show_bug.cgi?id=1246049 * https://bugzilla.suse.com/show_bug.cgi?id=1246050 * https://bugzilla.suse.com/show_bug.cgi?id=1246055 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246093 * https://bugzilla.suse.com/show_bug.cgi?id=1246098 * https://bugzilla.suse.com/show_bug.cgi?id=1246109 * https://bugzilla.suse.com/show_bug.cgi?id=1246122 * https://bugzilla.suse.com/show_bug.cgi?id=1246125 * https://bugzilla.suse.com/show_bug.cgi?id=1246171 * https://bugzilla.suse.com/show_bug.cgi?id=1246173 * https://bugzilla.suse.com/show_bug.cgi?id=1246178 * https://bugzilla.suse.com/show_bug.cgi?id=1246182 * https://bugzilla.suse.com/show_bug.cgi?id=1246183 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246195 * https://bugzilla.suse.com/show_bug.cgi?id=1246203 * https://bugzilla.suse.com/show_bug.cgi?id=1246212 * https://bugzilla.suse.com/show_bug.cgi?id=1246220 * https://bugzilla.suse.com/show_bug.cgi?id=1246236 * https://bugzilla.suse.com/show_bug.cgi?id=1246240 * https://bugzilla.suse.com/show_bug.cgi?id=1246243 * https://bugzilla.suse.com/show_bug.cgi?id=1246246 * https://bugzilla.suse.com/show_bug.cgi?id=1246249 * https://bugzilla.suse.com/show_bug.cgi?id=1246250 * https://bugzilla.suse.com/show_bug.cgi?id=1246253 * https://bugzilla.suse.com/show_bug.cgi?id=1246258 * https://bugzilla.suse.com/show_bug.cgi?id=1246262 * https://bugzilla.suse.com/show_bug.cgi?id=1246264 * https://bugzilla.suse.com/show_bug.cgi?id=1246266 * https://bugzilla.suse.com/show_bug.cgi?id=1246268 * https://bugzilla.suse.com/show_bug.cgi?id=1246273 * https://bugzilla.suse.com/show_bug.cgi?id=1246283 * https://bugzilla.suse.com/show_bug.cgi?id=1246287 * https://bugzilla.suse.com/show_bug.cgi?id=1246292 * https://bugzilla.suse.com/show_bug.cgi?id=1246293 * https://bugzilla.suse.com/show_bug.cgi?id=1246295 * https://bugzilla.suse.com/show_bug.cgi?id=1246334 * https://bugzilla.suse.com/show_bug.cgi?id=1246337 * https://bugzilla.suse.com/show_bug.cgi?id=1246342 * https://bugzilla.suse.com/show_bug.cgi?id=1246349 * https://bugzilla.suse.com/show_bug.cgi?id=1246354 * https://bugzilla.suse.com/show_bug.cgi?id=1246358 * https://bugzilla.suse.com/show_bug.cgi?id=1246361 * https://bugzilla.suse.com/show_bug.cgi?id=1246364 * https://bugzilla.suse.com/show_bug.cgi?id=1246370 * https://bugzilla.suse.com/show_bug.cgi?id=1246375 * https://bugzilla.suse.com/show_bug.cgi?id=1246384 * https://bugzilla.suse.com/show_bug.cgi?id=1246386 * https://bugzilla.suse.com/show_bug.cgi?id=1246387 * https://bugzilla.suse.com/show_bug.cgi?id=1246438 * https://bugzilla.suse.com/show_bug.cgi?id=1246453 * https://bugzilla.suse.com/show_bug.cgi?id=1246473 * https://bugzilla.suse.com/show_bug.cgi?id=1246490 * https://bugzilla.suse.com/show_bug.cgi?id=1246506 * https://bugzilla.suse.com/show_bug.cgi?id=1246547 * https://bugzilla.suse.com/show_bug.cgi?id=1246777 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1246870 * https://bugzilla.suse.com/show_bug.cgi?id=1246879 * https://bugzilla.suse.com/show_bug.cgi?id=1246911 * https://bugzilla.suse.com/show_bug.cgi?id=1247018 * https://bugzilla.suse.com/show_bug.cgi?id=1247023 * https://bugzilla.suse.com/show_bug.cgi?id=1247028 * https://bugzilla.suse.com/show_bug.cgi?id=1247031 * https://bugzilla.suse.com/show_bug.cgi?id=1247033 * https://bugzilla.suse.com/show_bug.cgi?id=1247035 * https://bugzilla.suse.com/show_bug.cgi?id=1247061 * https://bugzilla.suse.com/show_bug.cgi?id=1247089 * https://bugzilla.suse.com/show_bug.cgi?id=1247091 * https://bugzilla.suse.com/show_bug.cgi?id=1247097 * https://bugzilla.suse.com/show_bug.cgi?id=1247098 * https://bugzilla.suse.com/show_bug.cgi?id=1247101 * https://bugzilla.suse.com/show_bug.cgi?id=1247103 * https://bugzilla.suse.com/show_bug.cgi?id=1247104 * https://bugzilla.suse.com/show_bug.cgi?id=1247113 * https://bugzilla.suse.com/show_bug.cgi?id=1247118 * https://bugzilla.suse.com/show_bug.cgi?id=1247123 * https://bugzilla.suse.com/show_bug.cgi?id=1247125 * https://bugzilla.suse.com/show_bug.cgi?id=1247128 * https://bugzilla.suse.com/show_bug.cgi?id=1247132 * https://bugzilla.suse.com/show_bug.cgi?id=1247138 * https://bugzilla.suse.com/show_bug.cgi?id=1247141 * https://bugzilla.suse.com/show_bug.cgi?id=1247143 * https://bugzilla.suse.com/show_bug.cgi?id=1247145 * https://bugzilla.suse.com/show_bug.cgi?id=1247146 * https://bugzilla.suse.com/show_bug.cgi?id=1247147 * https://bugzilla.suse.com/show_bug.cgi?id=1247149 * https://bugzilla.suse.com/show_bug.cgi?id=1247150 * https://bugzilla.suse.com/show_bug.cgi?id=1247151 * https://bugzilla.suse.com/show_bug.cgi?id=1247153 * https://bugzilla.suse.com/show_bug.cgi?id=1247154 * https://bugzilla.suse.com/show_bug.cgi?id=1247156 * https://bugzilla.suse.com/show_bug.cgi?id=1247160 * https://bugzilla.suse.com/show_bug.cgi?id=1247164 * https://bugzilla.suse.com/show_bug.cgi?id=1247169 * https://bugzilla.suse.com/show_bug.cgi?id=1247170 * https://bugzilla.suse.com/show_bug.cgi?id=1247171 * https://bugzilla.suse.com/show_bug.cgi?id=1247172 * https://bugzilla.suse.com/show_bug.cgi?id=1247174 * https://bugzilla.suse.com/show_bug.cgi?id=1247176 * https://bugzilla.suse.com/show_bug.cgi?id=1247177 * https://bugzilla.suse.com/show_bug.cgi?id=1247178 * https://bugzilla.suse.com/show_bug.cgi?id=1247181 * https://bugzilla.suse.com/show_bug.cgi?id=1247209 * https://bugzilla.suse.com/show_bug.cgi?id=1247210 * https://bugzilla.suse.com/show_bug.cgi?id=1247227 * https://bugzilla.suse.com/show_bug.cgi?id=1247233 * https://bugzilla.suse.com/show_bug.cgi?id=1247236 * https://bugzilla.suse.com/show_bug.cgi?id=1247238 * https://bugzilla.suse.com/show_bug.cgi?id=1247241 * https://bugzilla.suse.com/show_bug.cgi?id=1247251 * https://bugzilla.suse.com/show_bug.cgi?id=1247252 * https://bugzilla.suse.com/show_bug.cgi?id=1247253 * https://bugzilla.suse.com/show_bug.cgi?id=1247255 * https://bugzilla.suse.com/show_bug.cgi?id=1247271 * https://bugzilla.suse.com/show_bug.cgi?id=1247273 * https://bugzilla.suse.com/show_bug.cgi?id=1247274 * https://bugzilla.suse.com/show_bug.cgi?id=1247276 * https://bugzilla.suse.com/show_bug.cgi?id=1247277 * https://bugzilla.suse.com/show_bug.cgi?id=1247278 * https://bugzilla.suse.com/show_bug.cgi?id=1247279 * https://bugzilla.suse.com/show_bug.cgi?id=1247284 * https://bugzilla.suse.com/show_bug.cgi?id=1247285 * https://bugzilla.suse.com/show_bug.cgi?id=1247288 * https://bugzilla.suse.com/show_bug.cgi?id=1247289 * https://bugzilla.suse.com/show_bug.cgi?id=1247293 * https://bugzilla.suse.com/show_bug.cgi?id=1247311 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247317 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247374 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 * https://bugzilla.suse.com/show_bug.cgi?id=1247450 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 08:34:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 08:34:21 -0000 Subject: SUSE-SU-2025:02968-1: important: Security update for libqt4 Message-ID: <175611086134.8869.4160292899408019869@smelt2.prg2.suse.org> # Security update for libqt4 Announcement ID: SUSE-SU-2025:02968-1 Release Date: 2025-08-25T06:20:49Z Rating: important References: * bsc#1196654 * bsc#1211298 * bsc#1211798 * bsc#1211994 * bsc#1213326 * bsc#1214327 * bsc#1245609 * bsc#357727 * bsc#552218 * bsc#656144 * bsc#717127 * bsc#875470 Cross-References: * CVE-2021-45930 * CVE-2023-32573 * CVE-2023-32763 * CVE-2023-34410 * CVE-2023-37369 * CVE-2023-38197 * CVE-2025-5455 CVSS scores: * CVE-2021-45930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2021-45930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-32573 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2023-32573 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-32573 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-32763 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-32763 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-34410 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-34410 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-34410 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-37369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-37369 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38197 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-38197 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-5455 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-5455 ( NVD ): 8.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:X/RE:M/U:Clear Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves seven vulnerabilities and has five security fixes can now be installed. ## Description: This update for libqt4 fixes the following issues: * CVE-2021-45930: Fixed out-of-bounds write leading to DoS (bsc#1196654) * CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont m_unitsPerEm (bsc#1211298) * CVE-2023-32763: Fixed buffer overflow on QTextLayout during rendering of an SVG file with an image inside (bsc#1211798) * CVE-2023-34410: Fixed certificate validation not always considering whether the root of a chain is a configured CA certificate (bsc#1211994) * CVE-2023-37369: Fixed buffer overflow in QXmlStreamReader (bsc#1214327) * CVE-2023-38197: Fixed infinite loops in QXmlStreamReader (bsc#1213326) * CVE-2025-5455: Fixed denial of service when qDecodeDataUrl() is called with malformed data and assertions are enabled (bsc#1245609) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2968=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libqt4-devel-doc-debugsource-4.8.7-8.22.1 * libqt4-sql-debuginfo-4.8.7-8.22.1 * libqt4-sql-plugins-debugsource-4.8.7-8.22.1 * libqt4-devel-debuginfo-4.8.7-8.22.1 * libqt4-4.8.7-8.22.1 * libqt4-devel-doc-4.8.7-8.22.1 * libqt4-sql-4.8.7-8.22.1 * libqt4-sql-sqlite-4.8.7-8.22.1 * libqt4-32bit-4.8.7-8.22.1 * libqt4-qt3support-4.8.7-8.22.1 * libqt4-x11-debuginfo-32bit-4.8.7-8.22.1 * libqt4-x11-debuginfo-4.8.7-8.22.1 * libqt4-sql-sqlite-debuginfo-4.8.7-8.22.1 * libqt4-qt3support-32bit-4.8.7-8.22.1 * libqt4-qt3support-debuginfo-4.8.7-8.22.1 * qt4-x11-tools-4.8.7-8.22.1 * libqt4-devel-doc-debuginfo-4.8.7-8.22.1 * libqt4-qt3support-debuginfo-32bit-4.8.7-8.22.1 * libqt4-sql-debuginfo-32bit-4.8.7-8.22.1 * libqt4-sql-mysql-4.8.7-8.22.1 * libqt4-x11-4.8.7-8.22.1 * libqt4-devel-4.8.7-8.22.1 * libqt4-sql-mysql-debuginfo-4.8.7-8.22.1 * qt4-x11-tools-debuginfo-4.8.7-8.22.1 * libqt4-debugsource-4.8.7-8.22.1 * libqt4-x11-32bit-4.8.7-8.22.1 * libqt4-debuginfo-4.8.7-8.22.1 * libqt4-debuginfo-32bit-4.8.7-8.22.1 * libqt4-private-headers-devel-4.8.7-8.22.1 * libqt4-sql-32bit-4.8.7-8.22.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * libqt4-devel-doc-data-4.8.7-8.22.1 ## References: * https://www.suse.com/security/cve/CVE-2021-45930.html * https://www.suse.com/security/cve/CVE-2023-32573.html * https://www.suse.com/security/cve/CVE-2023-32763.html * https://www.suse.com/security/cve/CVE-2023-34410.html * https://www.suse.com/security/cve/CVE-2023-37369.html * https://www.suse.com/security/cve/CVE-2023-38197.html * https://www.suse.com/security/cve/CVE-2025-5455.html * https://bugzilla.suse.com/show_bug.cgi?id=1196654 * https://bugzilla.suse.com/show_bug.cgi?id=1211298 * https://bugzilla.suse.com/show_bug.cgi?id=1211798 * https://bugzilla.suse.com/show_bug.cgi?id=1211994 * https://bugzilla.suse.com/show_bug.cgi?id=1213326 * https://bugzilla.suse.com/show_bug.cgi?id=1214327 * https://bugzilla.suse.com/show_bug.cgi?id=1245609 * https://bugzilla.suse.com/show_bug.cgi?id=357727 * https://bugzilla.suse.com/show_bug.cgi?id=552218 * https://bugzilla.suse.com/show_bug.cgi?id=656144 * https://bugzilla.suse.com/show_bug.cgi?id=717127 * https://bugzilla.suse.com/show_bug.cgi?id=875470 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 12:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 12:30:07 -0000 Subject: SUSE-SU-2025:02975-1: low: Security update for cmake3 Message-ID: <175612500708.20215.11229951264564180867@smelt2.prg2.suse.org> # Security update for cmake3 Announcement ID: SUSE-SU-2025:02975-1 Release Date: 2025-08-25T10:42:20Z Rating: low References: * bsc#1248461 Cross-References: * CVE-2025-9301 CVSS scores: * CVE-2025-9301 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-9301 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-9301 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-9301 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for cmake3 fixes the following issues: * CVE-2025-9301: Fixed assertion failure due to improper validation (bsc#1248461) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2975=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * cmake3-full-debugsource-3.20.0-150200.6.6.1 * cmake3-full-debuginfo-3.20.0-150200.6.6.1 * cmake3-full-3.20.0-150200.6.6.1 * cmake3-3.20.0-150200.6.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-9301.html * https://bugzilla.suse.com/show_bug.cgi?id=1248461 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 12:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 12:30:14 -0000 Subject: SUSE-SU-2025:02974-1: moderate: Security update for net-tools Message-ID: <175612501414.20215.14163403446686797651@smelt2.prg2.suse.org> # Security update for net-tools Announcement ID: SUSE-SU-2025:02974-1 Release Date: 2025-08-25T09:23:54Z Rating: moderate References: * bsc#1243581 * bsc#1246608 Cross-References: * CVE-2025-46836 CVSS scores: * CVE-2025-46836 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-46836 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-46836 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for net-tools fixes the following issues: * CVE-2025-46836: Fixed absence of bound check that might lead to a stack buffer overflow (bsc#1243581) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2974=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * net-tools-debuginfo-1.60-765.12.1 * net-tools-debugsource-1.60-765.12.1 * net-tools-1.60-765.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-46836.html * https://bugzilla.suse.com/show_bug.cgi?id=1243581 * https://bugzilla.suse.com/show_bug.cgi?id=1246608 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 12:30:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 12:30:28 -0000 Subject: SUSE-SU-2025:02973-1: important: Security update for webkit2gtk3 Message-ID: <175612502888.20215.12996951644798295376@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:02973-1 Release Date: 2025-08-25T08:49:20Z Rating: important References: * bsc#1239547 * bsc#1239863 * bsc#1239864 * bsc#1247562 * bsc#1247563 * bsc#1247564 * bsc#1247565 * bsc#1247595 * bsc#1247596 * bsc#1247597 * bsc#1247598 * bsc#1247599 * bsc#1247600 * bsc#1247742 Cross-References: * CVE-2024-44192 * CVE-2024-54467 * CVE-2025-24189 * CVE-2025-24201 * CVE-2025-31273 * CVE-2025-31278 * CVE-2025-43211 * CVE-2025-43212 * CVE-2025-43216 * CVE-2025-43227 * CVE-2025-43228 * CVE-2025-43240 * CVE-2025-43265 * CVE-2025-6558 CVSS scores: * CVE-2024-44192 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44192 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54467 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-54467 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-54467 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-54467 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-24189 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-24189 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24189 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31273 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-31273 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31273 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31278 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-31278 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-31278 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-43211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-43211 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43211 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-43212 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43212 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43216 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43216 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-43227 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43227 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43228 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-43228 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-43240 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43240 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-43265 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-43265 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-6558 ( SUSE ): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2025-6558 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 14 vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: * Update to version 2.48.5: * CVE-2025-31273: Fixed processing maliciously crafted web content leading to memory corruption (bsc#1247564) * CVE-2025-43265: Fixed processing maliciously crafted web content disclosing internal states of the app (bsc#1247600) * CVE-2025-43216: Fixed processing maliciously crafted web content leading to an unexpected Safari crash (bsc#1247596) * CVE-2025-31278: Fixed processing maliciously crafted web content leading to memory corruption (bsc#1247563) * CVE-2025-6558: Fixed processing maliciously crafted web content leading to an unexpected Safari crash. (bsc#1247742) * CVE-2025-43227: Fixed Processing maliciously crafted web content disclosing sensitive user information (bsc#1247597) * CVE-2025-43240: Fixed download?s origin incorrectly associated (bsc#1247599) * CVE-2025-43228: Fixed visiting a malicious website leading to address bar spoofing (bsc#1247598) * CVE-2025-43212: Fixed processing maliciously crafted web content leading to an unexpected Safari crash (bsc#1247595) * CVE-2025-43211: Fixed processing web content leading to a denial-of-service (bsc#1247562) * Fix several crashes. * Changes in version 2.48.4: * Improve emoji font selection with USE_SKIA=ON. * Improve playback of multimedia streams from blob URLs. * Fix the build with USE_SKIA_OPENTYPE_SVG=ON and USE_SYSPROF_CAPTURE=ON. * Fix the build on LoongArch with USE_SKIA=ON. * Fix crash when using a WebKitWebView widget in an offscreen window. * Fix several crashes and rendering issues. * Changes in version 2.48.3: * Fix a crash introduced by the new threaded rendering implementation using Skia API. * Improve rendering performance by recording layers once and replaying every dirty region in different worker threads. * Fix a crash when setting WEBKIT_SKIA_GPU_PAINTING_THREADS=0. * Fix a reference cycle in webkitmediastreamsrc preventing its disposal. * CVE-2024-44192:Fixed processing maliciously crafted web content leading to an unexpected process crash (bsc#1239863) * CVE-2024-54467: Fixed data cross-origin exfiltration due to a cookie management issue (bsc#1239864) * CVE-2025-24201: Fixed out-of-bounds write vulnerability (bsc#1239547) * CVE-2025-24189: Fixed processing maliciously crafted web content leading to memory corruption (bsc#1247565) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-2973=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2973=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-4.41.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-4.41.1 * webkit2gtk3-devel-2.48.5-4.41.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-4.41.1 * webkit2gtk3-debugsource-2.48.5-4.41.1 * typelib-1_0-WebKit2-4_0-2.48.5-4.41.1 * libwebkit2gtk-4_0-37-2.48.5-4.41.1 * libjavascriptcoregtk-4_0-18-2.48.5-4.41.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-4.41.1 * webkit2gtk-4_0-injected-bundles-2.48.5-4.41.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * libwebkit2gtk3-lang-2.48.5-4.41.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-4.41.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * typelib-1_0-WebKit2WebExtension-4_0-2.48.5-4.41.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.5-4.41.1 * webkit2gtk3-devel-2.48.5-4.41.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.5-4.41.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.5-4.41.1 * webkit2gtk3-debugsource-2.48.5-4.41.1 * typelib-1_0-WebKit2-4_0-2.48.5-4.41.1 * libwebkit2gtk-4_0-37-2.48.5-4.41.1 * libjavascriptcoregtk-4_0-18-2.48.5-4.41.1 * typelib-1_0-JavaScriptCore-4_0-2.48.5-4.41.1 * webkit2gtk-4_0-injected-bundles-2.48.5-4.41.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * libwebkit2gtk3-lang-2.48.5-4.41.1 ## References: * https://www.suse.com/security/cve/CVE-2024-44192.html * https://www.suse.com/security/cve/CVE-2024-54467.html * https://www.suse.com/security/cve/CVE-2025-24189.html * https://www.suse.com/security/cve/CVE-2025-24201.html * https://www.suse.com/security/cve/CVE-2025-31273.html * https://www.suse.com/security/cve/CVE-2025-31278.html * https://www.suse.com/security/cve/CVE-2025-43211.html * https://www.suse.com/security/cve/CVE-2025-43212.html * https://www.suse.com/security/cve/CVE-2025-43216.html * https://www.suse.com/security/cve/CVE-2025-43227.html * https://www.suse.com/security/cve/CVE-2025-43228.html * https://www.suse.com/security/cve/CVE-2025-43240.html * https://www.suse.com/security/cve/CVE-2025-43265.html * https://www.suse.com/security/cve/CVE-2025-6558.html * https://bugzilla.suse.com/show_bug.cgi?id=1239547 * https://bugzilla.suse.com/show_bug.cgi?id=1239863 * https://bugzilla.suse.com/show_bug.cgi?id=1239864 * https://bugzilla.suse.com/show_bug.cgi?id=1247562 * https://bugzilla.suse.com/show_bug.cgi?id=1247563 * https://bugzilla.suse.com/show_bug.cgi?id=1247564 * https://bugzilla.suse.com/show_bug.cgi?id=1247565 * https://bugzilla.suse.com/show_bug.cgi?id=1247595 * https://bugzilla.suse.com/show_bug.cgi?id=1247596 * https://bugzilla.suse.com/show_bug.cgi?id=1247597 * https://bugzilla.suse.com/show_bug.cgi?id=1247598 * https://bugzilla.suse.com/show_bug.cgi?id=1247599 * https://bugzilla.suse.com/show_bug.cgi?id=1247600 * https://bugzilla.suse.com/show_bug.cgi?id=1247742 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 12:30:34 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 12:30:34 -0000 Subject: SUSE-SU-2025:02972-1: moderate: Security update for ffmpeg-4 Message-ID: <175612503431.20215.7308070225562217096@smelt2.prg2.suse.org> # Security update for ffmpeg-4 Announcement ID: SUSE-SU-2025:02972-1 Release Date: 2025-08-25T08:46:44Z Rating: moderate References: * bsc#1234018 * bsc#1234019 * bsc#1234020 * bsc#1245313 * bsc#1246790 Cross-References: * CVE-2024-36618 * CVE-2025-7700 CVSS scores: * CVE-2024-36618 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-36618 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-36618 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-7700 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-7700 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities and has three security fixes can now be installed. ## Description: This update for ffmpeg-4 fixes the following issues: * CVE-2024-36618: Fixed integer overflow iff ULONG_MAX < INT64_MAX (bsc#1234020). * CVE-2025-7700: Fixed potential NULL pointer dereference (bsc#1246790). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2972=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2972=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2972=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2972=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2972=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * ffmpeg-4-4.4.6-150400.3.52.1 * ffmpeg-4-private-devel-4.4.6-150400.3.52.1 * libswscale5_9-4.4.6-150400.3.52.1 * libavformat58_76-4.4.6-150400.3.52.1 * ffmpeg-4-libavdevice-devel-4.4.6-150400.3.52.1 * libavformat58_76-debuginfo-4.4.6-150400.3.52.1 * libavutil56_70-debuginfo-4.4.6-150400.3.52.1 * libavcodec58_134-4.4.6-150400.3.52.1 * ffmpeg-4-libswresample-devel-4.4.6-150400.3.52.1 * ffmpeg-4-libavutil-devel-4.4.6-150400.3.52.1 * libavdevice58_13-debuginfo-4.4.6-150400.3.52.1 * ffmpeg-4-debugsource-4.4.6-150400.3.52.1 * libavutil56_70-4.4.6-150400.3.52.1 * ffmpeg-4-libavresample-devel-4.4.6-150400.3.52.1 * libavcodec58_134-debuginfo-4.4.6-150400.3.52.1 * libswresample3_9-debuginfo-4.4.6-150400.3.52.1 * ffmpeg-4-libpostproc-devel-4.4.6-150400.3.52.1 * libavdevice58_13-4.4.6-150400.3.52.1 * libpostproc55_9-4.4.6-150400.3.52.1 * libavresample4_0-debuginfo-4.4.6-150400.3.52.1 * libavfilter7_110-debuginfo-4.4.6-150400.3.52.1 * ffmpeg-4-libavfilter-devel-4.4.6-150400.3.52.1 * libpostproc55_9-debuginfo-4.4.6-150400.3.52.1 * libswresample3_9-4.4.6-150400.3.52.1 * ffmpeg-4-libswscale-devel-4.4.6-150400.3.52.1 * ffmpeg-4-libavcodec-devel-4.4.6-150400.3.52.1 * libavfilter7_110-4.4.6-150400.3.52.1 * ffmpeg-4-libavformat-devel-4.4.6-150400.3.52.1 * libswscale5_9-debuginfo-4.4.6-150400.3.52.1 * libavresample4_0-4.4.6-150400.3.52.1 * ffmpeg-4-debuginfo-4.4.6-150400.3.52.1 * openSUSE Leap 15.4 (x86_64) * libpostproc55_9-32bit-debuginfo-4.4.6-150400.3.52.1 * libpostproc55_9-32bit-4.4.6-150400.3.52.1 * libswresample3_9-32bit-4.4.6-150400.3.52.1 * libavformat58_76-32bit-4.4.6-150400.3.52.1 * libswresample3_9-32bit-debuginfo-4.4.6-150400.3.52.1 * libavdevice58_13-32bit-4.4.6-150400.3.52.1 * libavformat58_76-32bit-debuginfo-4.4.6-150400.3.52.1 * libavfilter7_110-32bit-debuginfo-4.4.6-150400.3.52.1 * libavutil56_70-32bit-4.4.6-150400.3.52.1 * libavresample4_0-32bit-debuginfo-4.4.6-150400.3.52.1 * libswscale5_9-32bit-debuginfo-4.4.6-150400.3.52.1 * libavutil56_70-32bit-debuginfo-4.4.6-150400.3.52.1 * libavdevice58_13-32bit-debuginfo-4.4.6-150400.3.52.1 * libswscale5_9-32bit-4.4.6-150400.3.52.1 * libavcodec58_134-32bit-debuginfo-4.4.6-150400.3.52.1 * libavfilter7_110-32bit-4.4.6-150400.3.52.1 * libavcodec58_134-32bit-4.4.6-150400.3.52.1 * libavresample4_0-32bit-4.4.6-150400.3.52.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libavutil56_70-64bit-debuginfo-4.4.6-150400.3.52.1 * libavfilter7_110-64bit-4.4.6-150400.3.52.1 * libswresample3_9-64bit-4.4.6-150400.3.52.1 * libavformat58_76-64bit-debuginfo-4.4.6-150400.3.52.1 * libpostproc55_9-64bit-debuginfo-4.4.6-150400.3.52.1 * libpostproc55_9-64bit-4.4.6-150400.3.52.1 * libswscale5_9-64bit-debuginfo-4.4.6-150400.3.52.1 * libavutil56_70-64bit-4.4.6-150400.3.52.1 * libswresample3_9-64bit-debuginfo-4.4.6-150400.3.52.1 * libavcodec58_134-64bit-debuginfo-4.4.6-150400.3.52.1 * libavformat58_76-64bit-4.4.6-150400.3.52.1 * libavfilter7_110-64bit-debuginfo-4.4.6-150400.3.52.1 * libswscale5_9-64bit-4.4.6-150400.3.52.1 * libavdevice58_13-64bit-debuginfo-4.4.6-150400.3.52.1 * libavcodec58_134-64bit-4.4.6-150400.3.52.1 * libavdevice58_13-64bit-4.4.6-150400.3.52.1 * libavresample4_0-64bit-debuginfo-4.4.6-150400.3.52.1 * libavresample4_0-64bit-4.4.6-150400.3.52.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libpostproc55_9-debuginfo-4.4.6-150400.3.52.1 * libpostproc55_9-4.4.6-150400.3.52.1 * ffmpeg-4-debugsource-4.4.6-150400.3.52.1 * libavutil56_70-4.4.6-150400.3.52.1 * libavcodec58_134-debuginfo-4.4.6-150400.3.52.1 * libswscale5_9-4.4.6-150400.3.52.1 * libavformat58_76-4.4.6-150400.3.52.1 * libswresample3_9-debuginfo-4.4.6-150400.3.52.1 * libavformat58_76-debuginfo-4.4.6-150400.3.52.1 * libavutil56_70-debuginfo-4.4.6-150400.3.52.1 * libswresample3_9-4.4.6-150400.3.52.1 * libavcodec58_134-4.4.6-150400.3.52.1 * ffmpeg-4-debuginfo-4.4.6-150400.3.52.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libpostproc55_9-debuginfo-4.4.6-150400.3.52.1 * libpostproc55_9-4.4.6-150400.3.52.1 * ffmpeg-4-debugsource-4.4.6-150400.3.52.1 * libavutil56_70-4.4.6-150400.3.52.1 * libavcodec58_134-debuginfo-4.4.6-150400.3.52.1 * libswscale5_9-4.4.6-150400.3.52.1 * libavformat58_76-4.4.6-150400.3.52.1 * libswresample3_9-debuginfo-4.4.6-150400.3.52.1 * libavformat58_76-debuginfo-4.4.6-150400.3.52.1 * libavutil56_70-debuginfo-4.4.6-150400.3.52.1 * libswresample3_9-4.4.6-150400.3.52.1 * libavcodec58_134-4.4.6-150400.3.52.1 * ffmpeg-4-debuginfo-4.4.6-150400.3.52.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libpostproc55_9-debuginfo-4.4.6-150400.3.52.1 * libpostproc55_9-4.4.6-150400.3.52.1 * ffmpeg-4-debugsource-4.4.6-150400.3.52.1 * libavutil56_70-4.4.6-150400.3.52.1 * libavcodec58_134-debuginfo-4.4.6-150400.3.52.1 * libswscale5_9-4.4.6-150400.3.52.1 * libavformat58_76-4.4.6-150400.3.52.1 * libswresample3_9-debuginfo-4.4.6-150400.3.52.1 * libavformat58_76-debuginfo-4.4.6-150400.3.52.1 * libavutil56_70-debuginfo-4.4.6-150400.3.52.1 * libswresample3_9-4.4.6-150400.3.52.1 * libavcodec58_134-4.4.6-150400.3.52.1 * ffmpeg-4-debuginfo-4.4.6-150400.3.52.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libpostproc55_9-debuginfo-4.4.6-150400.3.52.1 * libpostproc55_9-4.4.6-150400.3.52.1 * ffmpeg-4-debugsource-4.4.6-150400.3.52.1 * libavutil56_70-4.4.6-150400.3.52.1 * libavcodec58_134-debuginfo-4.4.6-150400.3.52.1 * libswscale5_9-4.4.6-150400.3.52.1 * libavformat58_76-4.4.6-150400.3.52.1 * libswresample3_9-debuginfo-4.4.6-150400.3.52.1 * libavformat58_76-debuginfo-4.4.6-150400.3.52.1 * libavutil56_70-debuginfo-4.4.6-150400.3.52.1 * libswresample3_9-4.4.6-150400.3.52.1 * libavcodec58_134-4.4.6-150400.3.52.1 * ffmpeg-4-debuginfo-4.4.6-150400.3.52.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36618.html * https://www.suse.com/security/cve/CVE-2025-7700.html * https://bugzilla.suse.com/show_bug.cgi?id=1234018 * https://bugzilla.suse.com/show_bug.cgi?id=1234019 * https://bugzilla.suse.com/show_bug.cgi?id=1234020 * https://bugzilla.suse.com/show_bug.cgi?id=1245313 * https://bugzilla.suse.com/show_bug.cgi?id=1246790 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 12:30:39 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 12:30:39 -0000 Subject: SUSE-SU-2025:02971-1: moderate: Security update for pam Message-ID: <175612503990.20215.18186357885489651675@smelt2.prg2.suse.org> # Security update for pam Announcement ID: SUSE-SU-2025:02971-1 Release Date: 2025-08-25T08:28:35Z Rating: moderate References: * bsc#1232234 * bsc#1246221 Cross-References: * CVE-2024-10041 CVSS scores: * CVE-2024-10041 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-10041 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-10041 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for pam fixes the following issues: * Improve previous CVE-2024-10041 fix which led to CPU performance issues (bsc#1232234) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2971=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * pam-extra-32bit-1.1.8-24.77.1 * pam-extra-debuginfo-1.1.8-24.77.1 * pam-devel-1.1.8-24.77.1 * pam-32bit-1.1.8-24.77.1 * pam-1.1.8-24.77.1 * pam-debugsource-1.1.8-24.77.1 * pam-extra-debuginfo-32bit-1.1.8-24.77.1 * pam-extra-1.1.8-24.77.1 * pam-debuginfo-1.1.8-24.77.1 * pam-debuginfo-32bit-1.1.8-24.77.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * pam-doc-1.1.8-24.77.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10041.html * https://bugzilla.suse.com/show_bug.cgi?id=1232234 * https://bugzilla.suse.com/show_bug.cgi?id=1246221 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 12:30:44 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 12:30:44 -0000 Subject: SUSE-SU-2025:02970-1: moderate: Security update for pam Message-ID: <175612504412.20215.2134524000341322579@smelt2.prg2.suse.org> # Security update for pam Announcement ID: SUSE-SU-2025:02970-1 Release Date: 2025-08-25T08:28:24Z Rating: moderate References: * bsc#1232234 * bsc#1246221 Cross-References: * CVE-2024-10041 CVSS scores: * CVE-2024-10041 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-10041 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-10041 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for pam fixes the following issues: * Improve previous CVE-2024-10041 fix which led to CPU performance issues (bsc#1232234) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2970=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2970=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2970=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2970=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2970=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2970=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2970=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2970=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2970=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2970=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2970=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2970=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2970=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * pam-devel-1.3.0-150000.6.86.1 * pam-1.3.0-150000.6.86.1 * pam-debuginfo-1.3.0-150000.6.86.1 * pam-extra-1.3.0-150000.6.86.1 * pam-extra-debuginfo-1.3.0-150000.6.86.1 * pam-debugsource-1.3.0-150000.6.86.1 * openSUSE Leap 15.6 (x86_64) * pam-devel-32bit-1.3.0-150000.6.86.1 * pam-extra-32bit-debuginfo-1.3.0-150000.6.86.1 * pam-32bit-1.3.0-150000.6.86.1 * pam-32bit-debuginfo-1.3.0-150000.6.86.1 * pam-extra-32bit-1.3.0-150000.6.86.1 * openSUSE Leap 15.6 (noarch) * pam-doc-1.3.0-150000.6.86.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * pam-debuginfo-1.3.0-150000.6.86.1 * pam-debugsource-1.3.0-150000.6.86.1 * pam-1.3.0-150000.6.86.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * pam-debuginfo-1.3.0-150000.6.86.1 * pam-debugsource-1.3.0-150000.6.86.1 * pam-1.3.0-150000.6.86.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * pam-debuginfo-1.3.0-150000.6.86.1 * pam-debugsource-1.3.0-150000.6.86.1 * pam-1.3.0-150000.6.86.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * pam-debuginfo-1.3.0-150000.6.86.1 * pam-debugsource-1.3.0-150000.6.86.1 * pam-1.3.0-150000.6.86.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * pam-debuginfo-1.3.0-150000.6.86.1 * pam-debugsource-1.3.0-150000.6.86.1 * pam-1.3.0-150000.6.86.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * pam-devel-1.3.0-150000.6.86.1 * pam-1.3.0-150000.6.86.1 * pam-debuginfo-1.3.0-150000.6.86.1 * pam-extra-1.3.0-150000.6.86.1 * pam-extra-debuginfo-1.3.0-150000.6.86.1 * pam-debugsource-1.3.0-150000.6.86.1 * Basesystem Module 15-SP6 (noarch) * pam-doc-1.3.0-150000.6.86.1 * Basesystem Module 15-SP6 (x86_64) * pam-32bit-1.3.0-150000.6.86.1 * pam-32bit-debuginfo-1.3.0-150000.6.86.1 * pam-extra-32bit-debuginfo-1.3.0-150000.6.86.1 * pam-extra-32bit-1.3.0-150000.6.86.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * pam-devel-1.3.0-150000.6.86.1 * pam-1.3.0-150000.6.86.1 * pam-debuginfo-1.3.0-150000.6.86.1 * pam-extra-1.3.0-150000.6.86.1 * pam-extra-debuginfo-1.3.0-150000.6.86.1 * pam-debugsource-1.3.0-150000.6.86.1 * Basesystem Module 15-SP7 (noarch) * pam-doc-1.3.0-150000.6.86.1 * Basesystem Module 15-SP7 (x86_64) * pam-32bit-1.3.0-150000.6.86.1 * pam-32bit-debuginfo-1.3.0-150000.6.86.1 * pam-extra-32bit-debuginfo-1.3.0-150000.6.86.1 * pam-extra-32bit-1.3.0-150000.6.86.1 * Development Tools Module 15-SP6 (x86_64) * pam-devel-32bit-1.3.0-150000.6.86.1 * pam-32bit-debuginfo-1.3.0-150000.6.86.1 * Development Tools Module 15-SP7 (x86_64) * pam-devel-32bit-1.3.0-150000.6.86.1 * pam-32bit-debuginfo-1.3.0-150000.6.86.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * pam-debuginfo-1.3.0-150000.6.86.1 * pam-debugsource-1.3.0-150000.6.86.1 * pam-1.3.0-150000.6.86.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * pam-debuginfo-1.3.0-150000.6.86.1 * pam-debugsource-1.3.0-150000.6.86.1 * pam-1.3.0-150000.6.86.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * pam-debuginfo-1.3.0-150000.6.86.1 * pam-debugsource-1.3.0-150000.6.86.1 * pam-1.3.0-150000.6.86.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10041.html * https://bugzilla.suse.com/show_bug.cgi?id=1232234 * https://bugzilla.suse.com/show_bug.cgi?id=1246221 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 16:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 16:30:07 -0000 Subject: SUSE-SU-2025:02985-1: moderate: Security update for python-urllib3 Message-ID: <175613940732.10940.1791696064837695712@smelt2.prg2.suse.org> # Security update for python-urllib3 Announcement ID: SUSE-SU-2025:02985-1 Release Date: 2025-08-25T13:55:30Z Rating: moderate References: * bsc#1244925 Cross-References: * CVE-2025-50181 CVSS scores: * CVE-2025-50181 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-50181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-50181 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.3 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for python-urllib3 fixes the following issues: * CVE-2025-50181: Pool managers now properly control redirects when retries is passed. (bsc#1244925) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2985=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2985=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2985=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2985=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-2985=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2985=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2985=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2985=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2985=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2985=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2985=1 ## Package List: * openSUSE Leap 15.3 (noarch) * python3-urllib3-1.25.10-150300.4.18.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * python3-urllib3-1.25.10-150300.4.18.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * python3-urllib3-1.25.10-150300.4.18.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * python3-urllib3-1.25.10-150300.4.18.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * python3-urllib3-1.25.10-150300.4.18.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-urllib3-1.25.10-150300.4.18.1 * Basesystem Module 15-SP6 (noarch) * python3-urllib3-1.25.10-150300.4.18.1 * Basesystem Module 15-SP7 (noarch) * python3-urllib3-1.25.10-150300.4.18.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * python3-urllib3-1.25.10-150300.4.18.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * python3-urllib3-1.25.10-150300.4.18.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * python3-urllib3-1.25.10-150300.4.18.1 ## References: * https://www.suse.com/security/cve/CVE-2025-50181.html * https://bugzilla.suse.com/show_bug.cgi?id=1244925 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 16:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 16:30:11 -0000 Subject: SUSE-SU-2025:02984-1: moderate: Security update for python311 Message-ID: <175613941139.10940.17376639492768284051@smelt2.prg2.suse.org> # Security update for python311 Announcement ID: SUSE-SU-2025:02984-1 Release Date: 2025-08-25T13:48:54Z Rating: moderate References: * bsc#1247249 Cross-References: * CVE-2025-8194 CVSS scores: * CVE-2025-8194 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8194 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python311 fixes the following issues: * CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2984=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-2984=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-testsuite-debuginfo-3.11.13-150400.9.66.1 * libpython3_11-1_0-3.11.13-150400.9.66.1 * python311-tk-debuginfo-3.11.13-150400.9.66.2 * python311-doc-devhelp-3.11.13-150400.9.66.1 * python311-tk-3.11.13-150400.9.66.2 * python311-3.11.13-150400.9.66.2 * python311-core-debugsource-3.11.13-150400.9.66.1 * python311-curses-debuginfo-3.11.13-150400.9.66.2 * python311-base-debuginfo-3.11.13-150400.9.66.1 * python311-tools-3.11.13-150400.9.66.1 * python311-curses-3.11.13-150400.9.66.2 * python311-testsuite-3.11.13-150400.9.66.1 * python311-idle-3.11.13-150400.9.66.2 * python311-dbm-3.11.13-150400.9.66.2 * python311-doc-3.11.13-150400.9.66.1 * python311-debuginfo-3.11.13-150400.9.66.2 * python311-base-3.11.13-150400.9.66.1 * libpython3_11-1_0-debuginfo-3.11.13-150400.9.66.1 * python311-debugsource-3.11.13-150400.9.66.2 * python311-dbm-debuginfo-3.11.13-150400.9.66.2 * python311-devel-3.11.13-150400.9.66.1 * openSUSE Leap 15.4 (x86_64) * python311-base-32bit-3.11.13-150400.9.66.1 * libpython3_11-1_0-32bit-3.11.13-150400.9.66.1 * python311-32bit-debuginfo-3.11.13-150400.9.66.2 * python311-base-32bit-debuginfo-3.11.13-150400.9.66.1 * python311-32bit-3.11.13-150400.9.66.2 * libpython3_11-1_0-32bit-debuginfo-3.11.13-150400.9.66.1 * openSUSE Leap 15.4 (aarch64_ilp32) * python311-base-64bit-debuginfo-3.11.13-150400.9.66.1 * libpython3_11-1_0-64bit-3.11.13-150400.9.66.1 * python311-64bit-3.11.13-150400.9.66.2 * python311-64bit-debuginfo-3.11.13-150400.9.66.2 * libpython3_11-1_0-64bit-debuginfo-3.11.13-150400.9.66.1 * python311-base-64bit-3.11.13-150400.9.66.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-base-3.11.13-150400.9.66.1 * libpython3_11-1_0-3.11.13-150400.9.66.1 * python311-3.11.13-150400.9.66.2 ## References: * https://www.suse.com/security/cve/CVE-2025-8194.html * https://bugzilla.suse.com/show_bug.cgi?id=1247249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 16:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 16:30:14 -0000 Subject: SUSE-SU-2025:02983-1: moderate: Security update for python36 Message-ID: <175613941422.10940.9717692789477484606@smelt2.prg2.suse.org> # Security update for python36 Announcement ID: SUSE-SU-2025:02983-1 Release Date: 2025-08-25T13:48:42Z Rating: moderate References: * bsc#1247249 Cross-References: * CVE-2025-8194 CVSS scores: * CVE-2025-8194 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8194 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python36 fixes the following issues: * CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2983=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libpython3_6m1_0-3.6.15-89.1 * python36-3.6.15-89.1 * libpython3_6m1_0-32bit-3.6.15-89.1 * python36-base-debuginfo-3.6.15-89.1 * python36-debugsource-3.6.15-89.1 * libpython3_6m1_0-debuginfo-32bit-3.6.15-89.1 * python36-debuginfo-3.6.15-89.1 * libpython3_6m1_0-debuginfo-3.6.15-89.1 * python36-base-3.6.15-89.1 * python36-devel-3.6.15-89.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8194.html * https://bugzilla.suse.com/show_bug.cgi?id=1247249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 16:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 16:30:16 -0000 Subject: SUSE-SU-2025:02982-1: moderate: Security update for python312 Message-ID: <175613941652.10940.6880866762096005254@smelt2.prg2.suse.org> # Security update for python312 Announcement ID: SUSE-SU-2025:02982-1 Release Date: 2025-08-25T13:48:35Z Rating: moderate References: * bsc#1247249 Cross-References: * CVE-2025-8194 CVSS scores: * CVE-2025-8194 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8194 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python312 fixes the following issues: * CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2982=1 openSUSE-SLE-15.6-2025-2982=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-2982=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python312-testsuite-3.12.11-150600.3.36.1 * python312-dbm-debuginfo-3.12.11-150600.3.36.1 * python312-debugsource-3.12.11-150600.3.36.1 * python312-core-debugsource-3.12.11-150600.3.36.1 * python312-curses-3.12.11-150600.3.36.1 * python312-curses-debuginfo-3.12.11-150600.3.36.1 * python312-base-3.12.11-150600.3.36.1 * python312-testsuite-debuginfo-3.12.11-150600.3.36.1 * python312-devel-3.12.11-150600.3.36.1 * python312-base-debuginfo-3.12.11-150600.3.36.1 * python312-tk-debuginfo-3.12.11-150600.3.36.1 * python312-tools-3.12.11-150600.3.36.1 * libpython3_12-1_0-3.12.11-150600.3.36.1 * python312-dbm-3.12.11-150600.3.36.1 * python312-doc-3.12.11-150600.3.36.1 * python312-doc-devhelp-3.12.11-150600.3.36.1 * python312-idle-3.12.11-150600.3.36.1 * libpython3_12-1_0-debuginfo-3.12.11-150600.3.36.1 * python312-tk-3.12.11-150600.3.36.1 * python312-3.12.11-150600.3.36.1 * python312-debuginfo-3.12.11-150600.3.36.1 * openSUSE Leap 15.6 (x86_64) * python312-base-32bit-3.12.11-150600.3.36.1 * python312-base-32bit-debuginfo-3.12.11-150600.3.36.1 * python312-32bit-3.12.11-150600.3.36.1 * libpython3_12-1_0-32bit-debuginfo-3.12.11-150600.3.36.1 * libpython3_12-1_0-32bit-3.12.11-150600.3.36.1 * python312-32bit-debuginfo-3.12.11-150600.3.36.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libpython3_12-1_0-64bit-debuginfo-3.12.11-150600.3.36.1 * python312-64bit-debuginfo-3.12.11-150600.3.36.1 * libpython3_12-1_0-64bit-3.12.11-150600.3.36.1 * python312-base-64bit-debuginfo-3.12.11-150600.3.36.1 * python312-64bit-3.12.11-150600.3.36.1 * python312-base-64bit-3.12.11-150600.3.36.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python312-base-3.12.11-150600.3.36.1 * python312-3.12.11-150600.3.36.1 * python312-devel-3.12.11-150600.3.36.1 * python312-tk-debuginfo-3.12.11-150600.3.36.1 * libpython3_12-1_0-3.12.11-150600.3.36.1 * python312-dbm-debuginfo-3.12.11-150600.3.36.1 * python312-tools-3.12.11-150600.3.36.1 * python312-dbm-3.12.11-150600.3.36.1 * python312-tk-3.12.11-150600.3.36.1 * python312-debugsource-3.12.11-150600.3.36.1 * python312-debuginfo-3.12.11-150600.3.36.1 * python312-core-debugsource-3.12.11-150600.3.36.1 * python312-base-debuginfo-3.12.11-150600.3.36.1 * python312-curses-3.12.11-150600.3.36.1 * python312-idle-3.12.11-150600.3.36.1 * python312-curses-debuginfo-3.12.11-150600.3.36.1 * libpython3_12-1_0-debuginfo-3.12.11-150600.3.36.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8194.html * https://bugzilla.suse.com/show_bug.cgi?id=1247249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 16:30:20 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 16:30:20 -0000 Subject: SUSE-SU-2025:02981-1: important: Security update for postgresql16 Message-ID: <175613942086.10940.10691550202894111030@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2025:02981-1 Release Date: 2025-08-25T13:48:13Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql16 fixes the following issues: Upgraded to 16.10: * CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table (bsc#1248120) * CVE-2025-8714: Fixed untrusted data inclusion in pg_dump allows superuser of origin server to execute arbitrary code in psql client (bsc#1248122) * CVE-2025-8715: Fixed improper neutralization of newlines in pg_dump leading to arbitrary code execution in the psql client and in the restore target server (bsc#1248119) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2981=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2981=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2981=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2981=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2981=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2981=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2981=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2981=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2981=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2981=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2981=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2981=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-2981=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2981=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2981=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql16-server-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * postgresql16-plperl-debuginfo-16.10-150200.5.32.1 * postgresql16-pltcl-16.10-150200.5.32.1 * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-plpython-16.10-150200.5.32.1 * postgresql16-plperl-16.10-150200.5.32.1 * postgresql16-server-devel-16.10-150200.5.32.1 * postgresql16-server-devel-debuginfo-16.10-150200.5.32.1 * postgresql16-contrib-debuginfo-16.10-150200.5.32.1 * postgresql16-devel-16.10-150200.5.32.1 * postgresql16-contrib-16.10-150200.5.32.1 * postgresql16-plpython-debuginfo-16.10-150200.5.32.1 * postgresql16-server-16.10-150200.5.32.1 * postgresql16-pltcl-debuginfo-16.10-150200.5.32.1 * postgresql16-16.10-150200.5.32.1 * postgresql16-devel-debuginfo-16.10-150200.5.32.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql16-docs-16.10-150200.5.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql16-server-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * postgresql16-plperl-debuginfo-16.10-150200.5.32.1 * postgresql16-pltcl-16.10-150200.5.32.1 * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-plpython-16.10-150200.5.32.1 * postgresql16-plperl-16.10-150200.5.32.1 * postgresql16-server-devel-16.10-150200.5.32.1 * postgresql16-server-devel-debuginfo-16.10-150200.5.32.1 * postgresql16-contrib-debuginfo-16.10-150200.5.32.1 * postgresql16-devel-16.10-150200.5.32.1 * postgresql16-contrib-16.10-150200.5.32.1 * postgresql16-plpython-debuginfo-16.10-150200.5.32.1 * postgresql16-server-16.10-150200.5.32.1 * postgresql16-pltcl-debuginfo-16.10-150200.5.32.1 * postgresql16-16.10-150200.5.32.1 * postgresql16-devel-debuginfo-16.10-150200.5.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql16-docs-16.10-150200.5.32.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * postgresql16-server-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * postgresql16-plperl-debuginfo-16.10-150200.5.32.1 * postgresql16-pltcl-16.10-150200.5.32.1 * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-plpython-16.10-150200.5.32.1 * postgresql16-plperl-16.10-150200.5.32.1 * postgresql16-server-devel-16.10-150200.5.32.1 * postgresql16-server-devel-debuginfo-16.10-150200.5.32.1 * postgresql16-contrib-debuginfo-16.10-150200.5.32.1 * postgresql16-devel-16.10-150200.5.32.1 * postgresql16-contrib-16.10-150200.5.32.1 * postgresql16-plpython-debuginfo-16.10-150200.5.32.1 * postgresql16-server-16.10-150200.5.32.1 * postgresql16-pltcl-debuginfo-16.10-150200.5.32.1 * postgresql16-16.10-150200.5.32.1 * postgresql16-devel-debuginfo-16.10-150200.5.32.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * postgresql16-docs-16.10-150200.5.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * postgresql16-server-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * postgresql16-plperl-debuginfo-16.10-150200.5.32.1 * postgresql16-pltcl-16.10-150200.5.32.1 * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-plpython-16.10-150200.5.32.1 * postgresql16-plperl-16.10-150200.5.32.1 * postgresql16-server-devel-16.10-150200.5.32.1 * postgresql16-server-devel-debuginfo-16.10-150200.5.32.1 * postgresql16-contrib-debuginfo-16.10-150200.5.32.1 * postgresql16-devel-16.10-150200.5.32.1 * postgresql16-contrib-16.10-150200.5.32.1 * postgresql16-plpython-debuginfo-16.10-150200.5.32.1 * postgresql16-server-16.10-150200.5.32.1 * postgresql16-pltcl-debuginfo-16.10-150200.5.32.1 * postgresql16-16.10-150200.5.32.1 * postgresql16-devel-debuginfo-16.10-150200.5.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * postgresql16-docs-16.10-150200.5.32.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql16-server-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * postgresql16-plperl-debuginfo-16.10-150200.5.32.1 * postgresql16-pltcl-16.10-150200.5.32.1 * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-plpython-16.10-150200.5.32.1 * postgresql16-plperl-16.10-150200.5.32.1 * postgresql16-server-devel-16.10-150200.5.32.1 * postgresql16-server-devel-debuginfo-16.10-150200.5.32.1 * postgresql16-contrib-debuginfo-16.10-150200.5.32.1 * postgresql16-devel-16.10-150200.5.32.1 * postgresql16-contrib-16.10-150200.5.32.1 * postgresql16-plpython-debuginfo-16.10-150200.5.32.1 * postgresql16-server-16.10-150200.5.32.1 * postgresql16-pltcl-debuginfo-16.10-150200.5.32.1 * postgresql16-16.10-150200.5.32.1 * postgresql16-devel-debuginfo-16.10-150200.5.32.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * postgresql16-docs-16.10-150200.5.32.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql16-server-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * postgresql16-plperl-debuginfo-16.10-150200.5.32.1 * postgresql16-pltcl-16.10-150200.5.32.1 * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-plpython-16.10-150200.5.32.1 * postgresql16-plperl-16.10-150200.5.32.1 * postgresql16-server-devel-16.10-150200.5.32.1 * postgresql16-server-devel-debuginfo-16.10-150200.5.32.1 * postgresql16-contrib-debuginfo-16.10-150200.5.32.1 * postgresql16-devel-16.10-150200.5.32.1 * postgresql16-contrib-16.10-150200.5.32.1 * postgresql16-plpython-debuginfo-16.10-150200.5.32.1 * postgresql16-server-16.10-150200.5.32.1 * postgresql16-pltcl-debuginfo-16.10-150200.5.32.1 * postgresql16-16.10-150200.5.32.1 * postgresql16-devel-debuginfo-16.10-150200.5.32.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql16-docs-16.10-150200.5.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql16-server-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * postgresql16-plperl-debuginfo-16.10-150200.5.32.1 * postgresql16-pltcl-16.10-150200.5.32.1 * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-plpython-16.10-150200.5.32.1 * postgresql16-plperl-16.10-150200.5.32.1 * postgresql16-server-devel-16.10-150200.5.32.1 * postgresql16-server-devel-debuginfo-16.10-150200.5.32.1 * postgresql16-contrib-debuginfo-16.10-150200.5.32.1 * postgresql16-devel-16.10-150200.5.32.1 * postgresql16-contrib-16.10-150200.5.32.1 * postgresql16-plpython-debuginfo-16.10-150200.5.32.1 * postgresql16-server-16.10-150200.5.32.1 * postgresql16-pltcl-debuginfo-16.10-150200.5.32.1 * postgresql16-16.10-150200.5.32.1 * postgresql16-devel-debuginfo-16.10-150200.5.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql16-docs-16.10-150200.5.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql16-server-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * postgresql16-plperl-debuginfo-16.10-150200.5.32.1 * postgresql16-pltcl-16.10-150200.5.32.1 * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-plpython-16.10-150200.5.32.1 * postgresql16-plperl-16.10-150200.5.32.1 * postgresql16-server-devel-16.10-150200.5.32.1 * postgresql16-server-devel-debuginfo-16.10-150200.5.32.1 * postgresql16-contrib-debuginfo-16.10-150200.5.32.1 * postgresql16-devel-16.10-150200.5.32.1 * postgresql16-contrib-16.10-150200.5.32.1 * postgresql16-plpython-debuginfo-16.10-150200.5.32.1 * postgresql16-server-16.10-150200.5.32.1 * postgresql16-pltcl-debuginfo-16.10-150200.5.32.1 * postgresql16-16.10-150200.5.32.1 * postgresql16-devel-debuginfo-16.10-150200.5.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql16-docs-16.10-150200.5.32.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * postgresql16-server-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * postgresql16-plperl-debuginfo-16.10-150200.5.32.1 * postgresql16-pltcl-16.10-150200.5.32.1 * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-plpython-16.10-150200.5.32.1 * postgresql16-plperl-16.10-150200.5.32.1 * postgresql16-server-devel-16.10-150200.5.32.1 * postgresql16-server-devel-debuginfo-16.10-150200.5.32.1 * postgresql16-contrib-debuginfo-16.10-150200.5.32.1 * postgresql16-devel-16.10-150200.5.32.1 * postgresql16-contrib-16.10-150200.5.32.1 * postgresql16-plpython-debuginfo-16.10-150200.5.32.1 * postgresql16-server-16.10-150200.5.32.1 * postgresql16-pltcl-debuginfo-16.10-150200.5.32.1 * postgresql16-16.10-150200.5.32.1 * postgresql16-devel-debuginfo-16.10-150200.5.32.1 * SUSE Manager Proxy 4.3 LTS (noarch) * postgresql16-docs-16.10-150200.5.32.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * postgresql16-server-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * postgresql16-plperl-debuginfo-16.10-150200.5.32.1 * postgresql16-pltcl-16.10-150200.5.32.1 * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-plpython-16.10-150200.5.32.1 * postgresql16-plperl-16.10-150200.5.32.1 * postgresql16-server-devel-16.10-150200.5.32.1 * postgresql16-server-devel-debuginfo-16.10-150200.5.32.1 * postgresql16-contrib-debuginfo-16.10-150200.5.32.1 * postgresql16-devel-16.10-150200.5.32.1 * postgresql16-contrib-16.10-150200.5.32.1 * postgresql16-plpython-debuginfo-16.10-150200.5.32.1 * postgresql16-server-16.10-150200.5.32.1 * postgresql16-pltcl-debuginfo-16.10-150200.5.32.1 * postgresql16-16.10-150200.5.32.1 * postgresql16-devel-debuginfo-16.10-150200.5.32.1 * SUSE Manager Retail Branch Server 4.3 LTS (noarch) * postgresql16-docs-16.10-150200.5.32.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * postgresql16-server-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 * postgresql16-plperl-debuginfo-16.10-150200.5.32.1 * postgresql16-pltcl-16.10-150200.5.32.1 * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-plpython-16.10-150200.5.32.1 * postgresql16-plperl-16.10-150200.5.32.1 * postgresql16-server-devel-16.10-150200.5.32.1 * postgresql16-server-devel-debuginfo-16.10-150200.5.32.1 * postgresql16-contrib-debuginfo-16.10-150200.5.32.1 * postgresql16-devel-16.10-150200.5.32.1 * postgresql16-contrib-16.10-150200.5.32.1 * postgresql16-plpython-debuginfo-16.10-150200.5.32.1 * postgresql16-server-16.10-150200.5.32.1 * postgresql16-pltcl-debuginfo-16.10-150200.5.32.1 * postgresql16-16.10-150200.5.32.1 * postgresql16-devel-debuginfo-16.10-150200.5.32.1 * SUSE Manager Server 4.3 LTS (noarch) * postgresql16-docs-16.10-150200.5.32.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql16-debuginfo-16.10-150200.5.32.1 * postgresql16-debugsource-16.10-150200.5.32.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 16:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 16:30:25 -0000 Subject: SUSE-SU-2025:02980-1: important: Security update for postgresql16 Message-ID: <175613942592.10940.10136627737895891760@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2025:02980-1 Release Date: 2025-08-25T13:46:48Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql16 fixes the following issues: Upgraded to 16.10: * CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table (bsc#1248120) * CVE-2025-8714: Fixed untrusted data inclusion in pg_dump allows superuser of origin server to execute arbitrary code in psql client (bsc#1248122) * CVE-2025-8715: Fixed improper neutralization of newlines in pg_dump leading to arbitrary code execution in the psql client and in the restore target server (bsc#1248119) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2980=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-2980=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * postgresql16-debuginfo-16.10-3.32.1 * postgresql16-server-devel-debuginfo-16.10-3.32.1 * postgresql16-contrib-debuginfo-16.10-3.32.1 * postgresql16-server-devel-16.10-3.32.1 * postgresql16-pltcl-debuginfo-16.10-3.32.1 * postgresql16-server-16.10-3.32.1 * postgresql16-plperl-debuginfo-16.10-3.32.1 * postgresql16-plpython-16.10-3.32.1 * postgresql16-devel-debuginfo-16.10-3.32.1 * postgresql16-devel-16.10-3.32.1 * postgresql16-plpython-debuginfo-16.10-3.32.1 * postgresql16-debugsource-16.10-3.32.1 * postgresql16-server-debuginfo-16.10-3.32.1 * postgresql16-16.10-3.32.1 * postgresql16-contrib-16.10-3.32.1 * postgresql16-pltcl-16.10-3.32.1 * postgresql16-plperl-16.10-3.32.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql16-docs-16.10-3.32.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql16-debuginfo-16.10-3.32.1 * postgresql16-server-devel-debuginfo-16.10-3.32.1 * postgresql16-contrib-debuginfo-16.10-3.32.1 * postgresql16-server-devel-16.10-3.32.1 * postgresql16-pltcl-debuginfo-16.10-3.32.1 * postgresql16-server-16.10-3.32.1 * postgresql16-plperl-debuginfo-16.10-3.32.1 * postgresql16-plpython-16.10-3.32.1 * postgresql16-devel-debuginfo-16.10-3.32.1 * postgresql16-devel-16.10-3.32.1 * postgresql16-plpython-debuginfo-16.10-3.32.1 * postgresql16-debugsource-16.10-3.32.1 * postgresql16-server-debuginfo-16.10-3.32.1 * postgresql16-16.10-3.32.1 * postgresql16-contrib-16.10-3.32.1 * postgresql16-pltcl-16.10-3.32.1 * postgresql16-plperl-16.10-3.32.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql16-docs-16.10-3.32.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 16:30:30 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 16:30:30 -0000 Subject: SUSE-SU-2025:02979-1: important: Security update for tomcat11 Message-ID: <175613943093.10940.16352355540903332038@smelt2.prg2.suse.org> # Security update for tomcat11 Announcement ID: SUSE-SU-2025:02979-1 Release Date: 2025-08-25T13:46:33Z Rating: important References: * bsc#1246318 * bsc#1246388 Cross-References: * CVE-2025-49125 * CVE-2025-52520 * CVE-2025-53506 CVSS scores: * CVE-2025-49125 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-49125 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-49125 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-52520 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-52520 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-52520 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-53506 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-53506 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-53506 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * Web and Scripting Module 15-SP6 * Web and Scripting Module 15-SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for tomcat11 fixes the following issues: Updated to Tomcat 11.0.9 \- CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload (bsc#1246388) \- CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability (bsc#1246318) Other: \- Correct a regression in the fix for CVE-2025-49125 that prevented access to PreResources and PostResources when mounted below the web application root with a path that was terminated with a file separator. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2979=1 openSUSE-SLE-15.6-2025-2979=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-2979=1 * Web and Scripting Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP7-2025-2979=1 ## Package List: * openSUSE Leap 15.6 (noarch) * tomcat11-embed-11.0.9-150600.13.6.1 * tomcat11-el-6_0-api-11.0.9-150600.13.6.1 * tomcat11-admin-webapps-11.0.9-150600.13.6.1 * tomcat11-jsvc-11.0.9-150600.13.6.1 * tomcat11-doc-11.0.9-150600.13.6.1 * tomcat11-jsp-4_0-api-11.0.9-150600.13.6.1 * tomcat11-webapps-11.0.9-150600.13.6.1 * tomcat11-servlet-6_1-api-11.0.9-150600.13.6.1 * tomcat11-11.0.9-150600.13.6.1 * tomcat11-lib-11.0.9-150600.13.6.1 * tomcat11-docs-webapp-11.0.9-150600.13.6.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat11-el-6_0-api-11.0.9-150600.13.6.1 * tomcat11-admin-webapps-11.0.9-150600.13.6.1 * tomcat11-jsp-4_0-api-11.0.9-150600.13.6.1 * tomcat11-webapps-11.0.9-150600.13.6.1 * tomcat11-servlet-6_1-api-11.0.9-150600.13.6.1 * tomcat11-11.0.9-150600.13.6.1 * tomcat11-lib-11.0.9-150600.13.6.1 * Web and Scripting Module 15-SP7 (noarch) * tomcat11-el-6_0-api-11.0.9-150600.13.6.1 * tomcat11-admin-webapps-11.0.9-150600.13.6.1 * tomcat11-jsp-4_0-api-11.0.9-150600.13.6.1 * tomcat11-webapps-11.0.9-150600.13.6.1 * tomcat11-servlet-6_1-api-11.0.9-150600.13.6.1 * tomcat11-11.0.9-150600.13.6.1 * tomcat11-lib-11.0.9-150600.13.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-49125.html * https://www.suse.com/security/cve/CVE-2025-52520.html * https://www.suse.com/security/cve/CVE-2025-53506.html * https://bugzilla.suse.com/show_bug.cgi?id=1246318 * https://bugzilla.suse.com/show_bug.cgi?id=1246388 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 16:30:36 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 16:30:36 -0000 Subject: SUSE-SU-2025:02978-1: important: Security update for tomcat10 Message-ID: <175613943611.10940.15013100727176181317@smelt2.prg2.suse.org> # Security update for tomcat10 Announcement ID: SUSE-SU-2025:02978-1 Release Date: 2025-08-25T13:46:06Z Rating: important References: * bsc#1246318 * bsc#1246388 Cross-References: * CVE-2025-49125 * CVE-2025-52520 * CVE-2025-53506 CVSS scores: * CVE-2025-49125 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-49125 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-49125 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-52520 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-52520 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-52520 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-53506 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-53506 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-53506 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * Web and Scripting Module 15-SP6 * Web and Scripting Module 15-SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for tomcat10 fixes the following issues: Updated to Tomcat 10.1.43i: \- CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload (bsc#1246388) \- CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability (bsc#1246318) Other: \- Correct a regression in the fix for CVE-2025-49125 that prevented access to PreResources and PostResources when mounted below the web application root with a path that was terminated with a file separator. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2978=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-2978=1 * Web and Scripting Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP7-2025-2978=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2978=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2978=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2978=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2978=1 ## Package List: * openSUSE Leap 15.6 (noarch) * tomcat10-doc-10.1.43-150200.5.48.1 * tomcat10-10.1.43-150200.5.48.1 * tomcat10-admin-webapps-10.1.43-150200.5.48.1 * tomcat10-jsp-3_1-api-10.1.43-150200.5.48.1 * tomcat10-embed-10.1.43-150200.5.48.1 * tomcat10-lib-10.1.43-150200.5.48.1 * tomcat10-el-5_0-api-10.1.43-150200.5.48.1 * tomcat10-jsvc-10.1.43-150200.5.48.1 * tomcat10-servlet-6_0-api-10.1.43-150200.5.48.1 * tomcat10-webapps-10.1.43-150200.5.48.1 * tomcat10-docs-webapp-10.1.43-150200.5.48.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat10-10.1.43-150200.5.48.1 * tomcat10-admin-webapps-10.1.43-150200.5.48.1 * tomcat10-lib-10.1.43-150200.5.48.1 * tomcat10-el-5_0-api-10.1.43-150200.5.48.1 * tomcat10-servlet-6_0-api-10.1.43-150200.5.48.1 * tomcat10-webapps-10.1.43-150200.5.48.1 * tomcat10-jsp-3_1-api-10.1.43-150200.5.48.1 * Web and Scripting Module 15-SP7 (noarch) * tomcat10-10.1.43-150200.5.48.1 * tomcat10-admin-webapps-10.1.43-150200.5.48.1 * tomcat10-lib-10.1.43-150200.5.48.1 * tomcat10-el-5_0-api-10.1.43-150200.5.48.1 * tomcat10-servlet-6_0-api-10.1.43-150200.5.48.1 * tomcat10-webapps-10.1.43-150200.5.48.1 * tomcat10-jsp-3_1-api-10.1.43-150200.5.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * tomcat10-10.1.43-150200.5.48.1 * tomcat10-admin-webapps-10.1.43-150200.5.48.1 * tomcat10-lib-10.1.43-150200.5.48.1 * tomcat10-el-5_0-api-10.1.43-150200.5.48.1 * tomcat10-servlet-6_0-api-10.1.43-150200.5.48.1 * tomcat10-webapps-10.1.43-150200.5.48.1 * tomcat10-jsp-3_1-api-10.1.43-150200.5.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * tomcat10-10.1.43-150200.5.48.1 * tomcat10-admin-webapps-10.1.43-150200.5.48.1 * tomcat10-lib-10.1.43-150200.5.48.1 * tomcat10-el-5_0-api-10.1.43-150200.5.48.1 * tomcat10-servlet-6_0-api-10.1.43-150200.5.48.1 * tomcat10-webapps-10.1.43-150200.5.48.1 * tomcat10-jsp-3_1-api-10.1.43-150200.5.48.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * tomcat10-10.1.43-150200.5.48.1 * tomcat10-admin-webapps-10.1.43-150200.5.48.1 * tomcat10-lib-10.1.43-150200.5.48.1 * tomcat10-el-5_0-api-10.1.43-150200.5.48.1 * tomcat10-servlet-6_0-api-10.1.43-150200.5.48.1 * tomcat10-webapps-10.1.43-150200.5.48.1 * tomcat10-jsp-3_1-api-10.1.43-150200.5.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * tomcat10-10.1.43-150200.5.48.1 * tomcat10-admin-webapps-10.1.43-150200.5.48.1 * tomcat10-lib-10.1.43-150200.5.48.1 * tomcat10-el-5_0-api-10.1.43-150200.5.48.1 * tomcat10-servlet-6_0-api-10.1.43-150200.5.48.1 * tomcat10-webapps-10.1.43-150200.5.48.1 * tomcat10-jsp-3_1-api-10.1.43-150200.5.48.1 ## References: * https://www.suse.com/security/cve/CVE-2025-49125.html * https://www.suse.com/security/cve/CVE-2025-52520.html * https://www.suse.com/security/cve/CVE-2025-53506.html * https://bugzilla.suse.com/show_bug.cgi?id=1246318 * https://bugzilla.suse.com/show_bug.cgi?id=1246388 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 16:30:41 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 16:30:41 -0000 Subject: SUSE-SU-2025:02977-1: important: Security update for kubernetes1.18 Message-ID: <175613944171.10940.7911039800336211777@smelt2.prg2.suse.org> # Security update for kubernetes1.18 Announcement ID: SUSE-SU-2025:02977-1 Release Date: 2025-08-25T12:18:40Z Rating: important References: * bsc#1182185 * bsc#1246989 Cross-References: * CVE-2021-3121 CVSS scores: * CVE-2021-3121 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-3121 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for kubernetes1.18 fixes the following issues: * Update to version 1.18.20: * CVE-2021-3121: Fixed a lack of certain index validation in plugin/unmarshal/unmarshal.go. (bsc#1182185) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2977=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2977=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2977=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2977=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2977=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2977=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2977=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2977=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2977=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.18-client-1.18.20-150200.5.25.1 * kubernetes1.18-client-common-1.18.20-150200.5.25.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kubernetes1.18-client-1.18.20-150200.5.25.1 * kubernetes1.18-client-common-1.18.20-150200.5.25.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.18-client-1.18.20-150200.5.25.1 * kubernetes1.18-client-common-1.18.20-150200.5.25.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kubernetes1.18-client-1.18.20-150200.5.25.1 * kubernetes1.18-client-common-1.18.20-150200.5.25.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.18-client-1.18.20-150200.5.25.1 * kubernetes1.18-client-common-1.18.20-150200.5.25.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kubernetes1.18-client-1.18.20-150200.5.25.1 * kubernetes1.18-client-common-1.18.20-150200.5.25.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.18-client-1.18.20-150200.5.25.1 * kubernetes1.18-client-common-1.18.20-150200.5.25.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.18-client-1.18.20-150200.5.25.1 * kubernetes1.18-client-common-1.18.20-150200.5.25.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * kubernetes1.18-client-1.18.20-150200.5.25.1 * kubernetes1.18-client-common-1.18.20-150200.5.25.1 ## References: * https://www.suse.com/security/cve/CVE-2021-3121.html * https://bugzilla.suse.com/show_bug.cgi?id=1182185 * https://bugzilla.suse.com/show_bug.cgi?id=1246989 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Aug 25 16:30:44 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Aug 2025 16:30:44 -0000 Subject: SUSE-SU-2025:02976-1: low: Security update for cmake3 Message-ID: <175613944429.10940.6890405124104907406@smelt2.prg2.suse.org> # Security update for cmake3 Announcement ID: SUSE-SU-2025:02976-1 Release Date: 2025-08-25T12:03:08Z Rating: low References: * bsc#1248461 Cross-References: * CVE-2025-9301 CVSS scores: * CVE-2025-9301 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-9301 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-9301 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-9301 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for cmake3 fixes the following issues: * CVE-2025-9301: Fixed assertion failure due to improper validation (bsc#1248461) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2976=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * cmake3-ui-debugsource-3.17.0-150000.1.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-9301.html * https://bugzilla.suse.com/show_bug.cgi?id=1248461 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 26 12:30:06 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 26 Aug 2025 12:30:06 -0000 Subject: SUSE-SU-2025:02987-1: important: Security update for postgresql17 Message-ID: <175621140695.31230.12734105830084627082@smelt2.prg2.suse.org> # Security update for postgresql17 Announcement ID: SUSE-SU-2025:02987-1 Release Date: 2025-08-26T10:41:50Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql17 fixes the following issues: Updated to 17.6: * CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table (bsc#1248120) * CVE-2025-8714: Fixed untrusted data inclusion in pg_dump allows superuser of origin server to execute arbitrary code in psql client (bsc#1248122) * CVE-2025-8715: Fixed improper neutralization of newlines in pg_dump leading to arbitrary code execution in the psql client and in the restore target server (bsc#1248119) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-2987=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2987=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libecpg6-debuginfo-17.6-3.16.1 * libecpg6-17.6-3.16.1 * libpq5-debuginfo-17.6-3.16.1 * libpq5-17.6-3.16.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libpq5-32bit-17.6-3.16.1 * libecpg6-32bit-17.6-3.16.1 * libpq5-debuginfo-32bit-17.6-3.16.1 * libecpg6-debuginfo-32bit-17.6-3.16.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libecpg6-17.6-3.16.1 * libpq5-debuginfo-32bit-17.6-3.16.1 * libpq5-debuginfo-17.6-3.16.1 * libpq5-17.6-3.16.1 * libpq5-32bit-17.6-3.16.1 * libecpg6-32bit-17.6-3.16.1 * libecpg6-debuginfo-17.6-3.16.1 * libecpg6-debuginfo-32bit-17.6-3.16.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 26 12:30:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 26 Aug 2025 12:30:12 -0000 Subject: SUSE-SU-2025:02986-1: important: Security update for postgresql17 Message-ID: <175621141216.31230.1601175122280512305@smelt2.prg2.suse.org> # Security update for postgresql17 Announcement ID: SUSE-SU-2025:02986-1 Release Date: 2025-08-26T10:41:37Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql17 fixes the following issues: Updated to 17.6: * CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table (bsc#1248120) * CVE-2025-8714: Fixed untrusted data inclusion in pg_dump allows superuser of origin server to execute arbitrary code in psql client (bsc#1248122) * CVE-2025-8715: Fixed improper neutralization of newlines in pg_dump leading to arbitrary code execution in the psql client and in the restore target server (bsc#1248119) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2986=1 openSUSE-SLE-15.6-2025-2986=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2986=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2986=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2986=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2986=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-2986=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-2986=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql17-devel-mini-17.6-150600.13.16.1 * postgresql17-plpython-17.6-150600.13.16.1 * postgresql17-llvmjit-debuginfo-17.6-150600.13.16.1 * postgresql17-plperl-17.6-150600.13.16.1 * postgresql17-debugsource-17.6-150600.13.16.1 * postgresql17-contrib-debuginfo-17.6-150600.13.16.1 * postgresql17-17.6-150600.13.16.1 * postgresql17-mini-debugsource-17.6-150600.13.16.1 * postgresql17-pltcl-17.6-150600.13.16.1 * libpq5-17.6-150600.13.16.1 * postgresql17-contrib-17.6-150600.13.16.1 * postgresql17-devel-17.6-150600.13.16.1 * postgresql17-devel-debuginfo-17.6-150600.13.16.1 * postgresql17-pltcl-debuginfo-17.6-150600.13.16.1 * postgresql17-test-17.6-150600.13.16.1 * postgresql17-plperl-debuginfo-17.6-150600.13.16.1 * postgresql17-llvmjit-17.6-150600.13.16.1 * postgresql17-plpython-debuginfo-17.6-150600.13.16.1 * postgresql17-server-17.6-150600.13.16.1 * libecpg6-debuginfo-17.6-150600.13.16.1 * postgresql17-llvmjit-devel-17.6-150600.13.16.1 * libecpg6-17.6-150600.13.16.1 * postgresql17-server-devel-17.6-150600.13.16.1 * postgresql17-server-debuginfo-17.6-150600.13.16.1 * postgresql17-devel-mini-debuginfo-17.6-150600.13.16.1 * libpq5-debuginfo-17.6-150600.13.16.1 * postgresql17-debuginfo-17.6-150600.13.16.1 * postgresql17-server-devel-debuginfo-17.6-150600.13.16.1 * openSUSE Leap 15.6 (x86_64) * libecpg6-32bit-17.6-150600.13.16.1 * libpq5-32bit-17.6-150600.13.16.1 * libpq5-32bit-debuginfo-17.6-150600.13.16.1 * libecpg6-32bit-debuginfo-17.6-150600.13.16.1 * openSUSE Leap 15.6 (noarch) * postgresql17-docs-17.6-150600.13.16.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libecpg6-64bit-debuginfo-17.6-150600.13.16.1 * libpq5-64bit-debuginfo-17.6-150600.13.16.1 * libpq5-64bit-17.6-150600.13.16.1 * libecpg6-64bit-17.6-150600.13.16.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql17-17.6-150600.13.16.1 * libpq5-17.6-150600.13.16.1 * libpq5-debuginfo-17.6-150600.13.16.1 * postgresql17-debuginfo-17.6-150600.13.16.1 * postgresql17-debugsource-17.6-150600.13.16.1 * Basesystem Module 15-SP6 (x86_64) * libpq5-32bit-17.6-150600.13.16.1 * libpq5-32bit-debuginfo-17.6-150600.13.16.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-17.6-150600.13.16.1 * libpq5-17.6-150600.13.16.1 * libpq5-debuginfo-17.6-150600.13.16.1 * postgresql17-debuginfo-17.6-150600.13.16.1 * postgresql17-debugsource-17.6-150600.13.16.1 * Basesystem Module 15-SP7 (x86_64) * libpq5-32bit-17.6-150600.13.16.1 * libpq5-32bit-debuginfo-17.6-150600.13.16.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql17-test-17.6-150600.13.16.1 * postgresql17-llvmjit-17.6-150600.13.16.1 * postgresql17-llvmjit-debuginfo-17.6-150600.13.16.1 * postgresql17-debuginfo-17.6-150600.13.16.1 * postgresql17-debugsource-17.6-150600.13.16.1 * postgresql17-llvmjit-devel-17.6-150600.13.16.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-test-17.6-150600.13.16.1 * postgresql17-llvmjit-17.6-150600.13.16.1 * postgresql17-llvmjit-debuginfo-17.6-150600.13.16.1 * postgresql17-debuginfo-17.6-150600.13.16.1 * postgresql17-debugsource-17.6-150600.13.16.1 * postgresql17-llvmjit-devel-17.6-150600.13.16.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql17-server-debuginfo-17.6-150600.13.16.1 * postgresql17-pltcl-debuginfo-17.6-150600.13.16.1 * postgresql17-plperl-debuginfo-17.6-150600.13.16.1 * postgresql17-plpython-17.6-150600.13.16.1 * postgresql17-pltcl-17.6-150600.13.16.1 * postgresql17-plperl-17.6-150600.13.16.1 * postgresql17-debuginfo-17.6-150600.13.16.1 * postgresql17-contrib-17.6-150600.13.16.1 * postgresql17-devel-17.6-150600.13.16.1 * postgresql17-plpython-debuginfo-17.6-150600.13.16.1 * postgresql17-debugsource-17.6-150600.13.16.1 * postgresql17-devel-debuginfo-17.6-150600.13.16.1 * postgresql17-server-17.6-150600.13.16.1 * postgresql17-server-devel-debuginfo-17.6-150600.13.16.1 * libecpg6-debuginfo-17.6-150600.13.16.1 * postgresql17-contrib-debuginfo-17.6-150600.13.16.1 * libecpg6-17.6-150600.13.16.1 * postgresql17-server-devel-17.6-150600.13.16.1 * Server Applications Module 15-SP6 (noarch) * postgresql17-docs-17.6-150600.13.16.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql17-server-debuginfo-17.6-150600.13.16.1 * postgresql17-pltcl-debuginfo-17.6-150600.13.16.1 * postgresql17-plperl-debuginfo-17.6-150600.13.16.1 * postgresql17-plpython-17.6-150600.13.16.1 * postgresql17-pltcl-17.6-150600.13.16.1 * postgresql17-plperl-17.6-150600.13.16.1 * postgresql17-debuginfo-17.6-150600.13.16.1 * postgresql17-contrib-17.6-150600.13.16.1 * postgresql17-devel-17.6-150600.13.16.1 * postgresql17-plpython-debuginfo-17.6-150600.13.16.1 * postgresql17-debugsource-17.6-150600.13.16.1 * postgresql17-devel-debuginfo-17.6-150600.13.16.1 * postgresql17-server-17.6-150600.13.16.1 * postgresql17-server-devel-debuginfo-17.6-150600.13.16.1 * libecpg6-debuginfo-17.6-150600.13.16.1 * postgresql17-contrib-debuginfo-17.6-150600.13.16.1 * libecpg6-17.6-150600.13.16.1 * postgresql17-server-devel-17.6-150600.13.16.1 * Server Applications Module 15-SP7 (noarch) * postgresql17-docs-17.6-150600.13.16.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Aug 26 16:30:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 26 Aug 2025 16:30:04 -0000 Subject: SUSE-SU-2025:02988-1: moderate: Security update for govulncheck-vulndb Message-ID: <175622580438.10940.10449557374082945469@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2025:02988-1 Release Date: 2025-08-26T15:48:17Z Rating: moderate References: * jsc#PED-11136 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20250820T174735 2025-08-20T17:47:35Z. (jsc#PED-11136) * GO-2025-3783 GHSA-prpj-rchp-9j5h * GO-2023-2385 GHSA-5844-q3fc-56rh * GO-2025-3861 GHSA-cmpr-8prq-w5p5 * GO-2025-3862 GHSA-rfg4-2m63-fw2q * GO-2025-3863 GHSA-vpcr-fqpc-386h * GO-2025-3864 GHSA-42m6-5vm7-fjv2 * GO-2025-3865 GHSA-6ff3-jgxh-vffj * GO-2025-3866 GHSA-gjpm-6w34-ppvf * GO-2025-3867 GHSA-j66h-xhpr-7q5g * GO-2025-3868 GHSA-qjrx-j8wm-xf83 * GO-2025-3869 GHSA-v6c8-g53h-mc2h * GO-2025-3870 GHSA-vc77-c2hx-h5x2 * GO-2025-3871 GHSA-w92j-c6gr-hj8r * GO-2025-3872 GHSA-3cg3-3mmr-w8hj * GO-2025-3873 GHSA-jhmr-57cj-q6g9 * GO-2025-3874 GHSA-q355-h244-969h * GO-2025-3875 GHSA-qpjq-c5hr-7925 * GO-2025-3885 GHSA-fcxq-v2r3-cc8h * GO-2025-3886 GHSA-p3qf-84rg-jxfc * GO-2025-3887 GHSA-9h84-qmv7-982p * GO-2025-3888 GHSA-f9f8-9pmf-xv68 * GO-2025-3891 GHSA-wm7x-ww72-r77q ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2988=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2988=1 ## Package List: * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20250820T174735-150000.1.101.1 * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20250820T174735-150000.1.101.1 ## References: * https://jira.suse.com/browse/PED-11136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 12:30:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 12:30:19 -0000 Subject: SUSE-SU-2025:02992-1: important: Security update for tomcat11 Message-ID: <175629781918.28135.10831038850609513246@smelt2.prg2.suse.org> # Security update for tomcat11 Announcement ID: SUSE-SU-2025:02992-1 Release Date: 2025-08-27T11:57:17Z Rating: important References: * bsc#1243895 Cross-References: * CVE-2025-48989 CVSS scores: * CVE-2025-48989 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48989 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-48989 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * Web and Scripting Module 15-SP6 * Web and Scripting Module 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for tomcat11 fixes the following issues: Updated to Tomcat 11.0.10 \- CVE-2025-48989: Fixed "MadeYouReset" DoS in HTTP/2 due to client triggered stream reset (bsc#1243895) Other fixes: * Catalina \+ Fix: Fix bloom filter population for archive indexing when using a packed WAR containing one or more JAR files. (markt) * Coyote \+ Fix: 69748: Add missing call to set keep-alive timeout when using HTTP/1.1 following an async request, which was present for AJP. (remm/markt) \+ Fix: 69762: Fix possible overflow during HPACK decoding of integers. Note that the maximum permitted value of an HPACK decoded integer is Integer.MAX_VALUE. (markt) \+ Fix: Update the HTTP/2 overhead documentation - particularly the code comments - to reflect the deprecation of the PRIORITY frame and clarify that a stream reset always triggers an overhead increase. (markt) * Cluster \+ Update: Add enableStatistics configuration attribute for the DeltaManager, defaulting to true. (remm) * WebSocket \+ Fix: Align the WebSocket extension handling for WebSocket client connections with WebSocket server connections. The WebSocket client now only includes an extension requested by an endpoint in the opening handshake if the WebSocket client supports that extension. (markt) * Web applications \+ Fix: Manager and Host Manager. Provide the Manager and Host Manager web applications with a dedicated favicon file rather than using the one from the ROOT web application which might not be present or may represent something entirely different. Pull requests #876 and #878 by Simon Arame. * Other \+ Update: Update Checkstyle to 10.26.1. (markt) \+ Add: Improvements to French translations. (remm) \+ Add: Improvements to Japanese translations by tak7iji. (markt) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP7-2025-2992=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2992=1 openSUSE-SLE-15.6-2025-2992=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-2992=1 ## Package List: * Web and Scripting Module 15-SP7 (noarch) * tomcat11-el-6_0-api-11.0.10-150600.13.9.1 * tomcat11-servlet-6_1-api-11.0.10-150600.13.9.1 * tomcat11-webapps-11.0.10-150600.13.9.1 * tomcat11-11.0.10-150600.13.9.1 * tomcat11-jsp-4_0-api-11.0.10-150600.13.9.1 * tomcat11-admin-webapps-11.0.10-150600.13.9.1 * tomcat11-lib-11.0.10-150600.13.9.1 * openSUSE Leap 15.6 (noarch) * tomcat11-el-6_0-api-11.0.10-150600.13.9.1 * tomcat11-embed-11.0.10-150600.13.9.1 * tomcat11-doc-11.0.10-150600.13.9.1 * tomcat11-servlet-6_1-api-11.0.10-150600.13.9.1 * tomcat11-docs-webapp-11.0.10-150600.13.9.1 * tomcat11-webapps-11.0.10-150600.13.9.1 * tomcat11-11.0.10-150600.13.9.1 * tomcat11-jsp-4_0-api-11.0.10-150600.13.9.1 * tomcat11-admin-webapps-11.0.10-150600.13.9.1 * tomcat11-lib-11.0.10-150600.13.9.1 * tomcat11-jsvc-11.0.10-150600.13.9.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat11-el-6_0-api-11.0.10-150600.13.9.1 * tomcat11-servlet-6_1-api-11.0.10-150600.13.9.1 * tomcat11-webapps-11.0.10-150600.13.9.1 * tomcat11-11.0.10-150600.13.9.1 * tomcat11-jsp-4_0-api-11.0.10-150600.13.9.1 * tomcat11-admin-webapps-11.0.10-150600.13.9.1 * tomcat11-lib-11.0.10-150600.13.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48989.html * https://bugzilla.suse.com/show_bug.cgi?id=1243895 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 12:30:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 12:30:21 -0000 Subject: SUSE-SU-2025:02991-1: important: Security update for firebird Message-ID: <175629782191.28135.17621994266546103443@smelt2.prg2.suse.org> # Security update for firebird Announcement ID: SUSE-SU-2025:02991-1 Release Date: 2025-08-27T11:56:44Z Rating: important References: * bsc#1248143 Cross-References: * CVE-2025-54989 CVSS scores: * CVE-2025-54989 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-54989 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-54989 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-54989 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for firebird fixes the following issues: * CVE-2025-54989: Fixed NULL pointer dereference in XDR message parsing leading to denial-of-service (ZDI-CAN-26486, bsc#1248143) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2991=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2991=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2991=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * firebird-utils-debuginfo-3.0.4.33054-150200.3.3.1 * libfbclient2-3.0.4.33054-150200.3.3.1 * libib_util-debuginfo-3.0.4.33054-150200.3.3.1 * firebird-debugsource-3.0.4.33054-150200.3.3.1 * firebird-server-3.0.4.33054-150200.3.3.1 * firebird-debuginfo-3.0.4.33054-150200.3.3.1 * firebird-examples-3.0.4.33054-150200.3.3.1 * firebird-utils-3.0.4.33054-150200.3.3.1 * libib_util-devel-3.0.4.33054-150200.3.3.1 * firebird-server-debuginfo-3.0.4.33054-150200.3.3.1 * libfbclient2-debuginfo-3.0.4.33054-150200.3.3.1 * libfbclient-devel-3.0.4.33054-150200.3.3.1 * libib_util-3.0.4.33054-150200.3.3.1 * firebird-3.0.4.33054-150200.3.3.1 * openSUSE Leap 15.6 (noarch) * firebird-doc-3.0.4.33054-150200.3.3.1 * openSUSE Leap 15.6 (x86_64) * libib_util-32bit-3.0.4.33054-150200.3.3.1 * libib_util-32bit-debuginfo-3.0.4.33054-150200.3.3.1 * libfbclient2-32bit-debuginfo-3.0.4.33054-150200.3.3.1 * libfbclient2-32bit-3.0.4.33054-150200.3.3.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * firebird-utils-debuginfo-3.0.4.33054-150200.3.3.1 * libfbclient2-3.0.4.33054-150200.3.3.1 * libib_util-debuginfo-3.0.4.33054-150200.3.3.1 * firebird-debugsource-3.0.4.33054-150200.3.3.1 * firebird-server-3.0.4.33054-150200.3.3.1 * firebird-debuginfo-3.0.4.33054-150200.3.3.1 * firebird-examples-3.0.4.33054-150200.3.3.1 * firebird-utils-3.0.4.33054-150200.3.3.1 * libib_util-devel-3.0.4.33054-150200.3.3.1 * firebird-server-debuginfo-3.0.4.33054-150200.3.3.1 * libfbclient2-debuginfo-3.0.4.33054-150200.3.3.1 * libfbclient-devel-3.0.4.33054-150200.3.3.1 * libib_util-3.0.4.33054-150200.3.3.1 * firebird-3.0.4.33054-150200.3.3.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * firebird-utils-debuginfo-3.0.4.33054-150200.3.3.1 * libfbclient2-3.0.4.33054-150200.3.3.1 * libib_util-debuginfo-3.0.4.33054-150200.3.3.1 * firebird-debugsource-3.0.4.33054-150200.3.3.1 * firebird-server-3.0.4.33054-150200.3.3.1 * firebird-debuginfo-3.0.4.33054-150200.3.3.1 * firebird-examples-3.0.4.33054-150200.3.3.1 * firebird-utils-3.0.4.33054-150200.3.3.1 * libib_util-devel-3.0.4.33054-150200.3.3.1 * firebird-server-debuginfo-3.0.4.33054-150200.3.3.1 * libfbclient2-debuginfo-3.0.4.33054-150200.3.3.1 * libfbclient-devel-3.0.4.33054-150200.3.3.1 * libib_util-3.0.4.33054-150200.3.3.1 * firebird-3.0.4.33054-150200.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54989.html * https://bugzilla.suse.com/show_bug.cgi?id=1248143 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 12:30:27 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 12:30:27 -0000 Subject: SUSE-SU-2025:02990-1: moderate: Security update for ffmpeg Message-ID: <175629782718.28135.3956217323632444749@smelt2.prg2.suse.org> # Security update for ffmpeg Announcement ID: SUSE-SU-2025:02990-1 Release Date: 2025-08-27T10:29:43Z Rating: moderate References: * bsc#1246790 Cross-References: * CVE-2025-7700 CVSS scores: * CVE-2025-7700 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-7700 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Desktop Applications Module 15-SP6 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for ffmpeg fixes the following issues: * CVE-2025-7700: Fixed NULL Pointer Dereference in FFmpeg ALS Decoder (libavcodec/alsdec.c) (bsc#1246790). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-2990=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2025-2990=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2990=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-2990=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-2990=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2990=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2990=1 ## Package List: * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * ffmpeg-debugsource-3.4.2-150200.11.67.1 * libavformat57-debuginfo-3.4.2-150200.11.67.1 * ffmpeg-debuginfo-3.4.2-150200.11.67.1 * libavresample3-3.4.2-150200.11.67.1 * libavformat-devel-3.4.2-150200.11.67.1 * libavcodec-devel-3.4.2-150200.11.67.1 * libavresample-devel-3.4.2-150200.11.67.1 * libavresample3-debuginfo-3.4.2-150200.11.67.1 * libavformat57-3.4.2-150200.11.67.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * ffmpeg-debugsource-3.4.2-150200.11.67.1 * libavformat57-debuginfo-3.4.2-150200.11.67.1 * ffmpeg-debuginfo-3.4.2-150200.11.67.1 * libavresample3-3.4.2-150200.11.67.1 * libavformat-devel-3.4.2-150200.11.67.1 * libavcodec-devel-3.4.2-150200.11.67.1 * libavresample-devel-3.4.2-150200.11.67.1 * libavresample3-debuginfo-3.4.2-150200.11.67.1 * libavformat57-3.4.2-150200.11.67.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libavformat57-debuginfo-3.4.2-150200.11.67.1 * libavcodec57-3.4.2-150200.11.67.1 * libavdevice-devel-3.4.2-150200.11.67.1 * libavresample3-3.4.2-150200.11.67.1 * libavformat-devel-3.4.2-150200.11.67.1 * libswscale4-3.4.2-150200.11.67.1 * libswresample2-debuginfo-3.4.2-150200.11.67.1 * libavutil55-3.4.2-150200.11.67.1 * libswscale-devel-3.4.2-150200.11.67.1 * libavformat57-3.4.2-150200.11.67.1 * libpostproc54-debuginfo-3.4.2-150200.11.67.1 * libavcodec57-debuginfo-3.4.2-150200.11.67.1 * libswscale4-debuginfo-3.4.2-150200.11.67.1 * libavdevice57-debuginfo-3.4.2-150200.11.67.1 * libavfilter6-3.4.2-150200.11.67.1 * libavutil-devel-3.4.2-150200.11.67.1 * libavresample3-debuginfo-3.4.2-150200.11.67.1 * libavutil55-debuginfo-3.4.2-150200.11.67.1 * libavdevice57-3.4.2-150200.11.67.1 * ffmpeg-private-devel-3.4.2-150200.11.67.1 * ffmpeg-3.4.2-150200.11.67.1 * ffmpeg-debugsource-3.4.2-150200.11.67.1 * libavfilter-devel-3.4.2-150200.11.67.1 * libavcodec-devel-3.4.2-150200.11.67.1 * libpostproc54-3.4.2-150200.11.67.1 * libswresample2-3.4.2-150200.11.67.1 * libswresample-devel-3.4.2-150200.11.67.1 * ffmpeg-debuginfo-3.4.2-150200.11.67.1 * libavfilter6-debuginfo-3.4.2-150200.11.67.1 * libavresample-devel-3.4.2-150200.11.67.1 * libpostproc-devel-3.4.2-150200.11.67.1 * openSUSE Leap 15.6 (x86_64) * libavdevice57-32bit-3.4.2-150200.11.67.1 * libpostproc54-32bit-3.4.2-150200.11.67.1 * libavfilter6-32bit-debuginfo-3.4.2-150200.11.67.1 * libavutil55-32bit-3.4.2-150200.11.67.1 * libavdevice57-32bit-debuginfo-3.4.2-150200.11.67.1 * libswresample2-32bit-3.4.2-150200.11.67.1 * libavformat57-32bit-3.4.2-150200.11.67.1 * libpostproc54-32bit-debuginfo-3.4.2-150200.11.67.1 * libavresample3-32bit-3.4.2-150200.11.67.1 * libswscale4-32bit-3.4.2-150200.11.67.1 * libavfilter6-32bit-3.4.2-150200.11.67.1 * libavformat57-32bit-debuginfo-3.4.2-150200.11.67.1 * libavresample3-32bit-debuginfo-3.4.2-150200.11.67.1 * libswresample2-32bit-debuginfo-3.4.2-150200.11.67.1 * libavcodec57-32bit-debuginfo-3.4.2-150200.11.67.1 * libswscale4-32bit-debuginfo-3.4.2-150200.11.67.1 * libavcodec57-32bit-3.4.2-150200.11.67.1 * libavutil55-32bit-debuginfo-3.4.2-150200.11.67.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libswscale4-debuginfo-3.4.2-150200.11.67.1 * ffmpeg-debugsource-3.4.2-150200.11.67.1 * libswresample-devel-3.4.2-150200.11.67.1 * libavcodec57-3.4.2-150200.11.67.1 * ffmpeg-debuginfo-3.4.2-150200.11.67.1 * libavutil-devel-3.4.2-150200.11.67.1 * libswscale4-3.4.2-150200.11.67.1 * libavutil55-debuginfo-3.4.2-150200.11.67.1 * libpostproc-devel-3.4.2-150200.11.67.1 * libavutil55-3.4.2-150200.11.67.1 * libpostproc54-3.4.2-150200.11.67.1 * libswresample2-debuginfo-3.4.2-150200.11.67.1 * libswscale-devel-3.4.2-150200.11.67.1 * libswresample2-3.4.2-150200.11.67.1 * libpostproc54-debuginfo-3.4.2-150200.11.67.1 * libavcodec57-debuginfo-3.4.2-150200.11.67.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libswscale4-debuginfo-3.4.2-150200.11.67.1 * ffmpeg-debugsource-3.4.2-150200.11.67.1 * libswresample-devel-3.4.2-150200.11.67.1 * libavcodec57-3.4.2-150200.11.67.1 * ffmpeg-debuginfo-3.4.2-150200.11.67.1 * libavutil-devel-3.4.2-150200.11.67.1 * libswscale4-3.4.2-150200.11.67.1 * libavutil55-debuginfo-3.4.2-150200.11.67.1 * libpostproc-devel-3.4.2-150200.11.67.1 * libavutil55-3.4.2-150200.11.67.1 * libpostproc54-3.4.2-150200.11.67.1 * libswresample2-debuginfo-3.4.2-150200.11.67.1 * libswscale-devel-3.4.2-150200.11.67.1 * libswresample2-3.4.2-150200.11.67.1 * libpostproc54-debuginfo-3.4.2-150200.11.67.1 * libavcodec57-debuginfo-3.4.2-150200.11.67.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * ffmpeg-3.4.2-150200.11.67.1 * libavdevice57-debuginfo-3.4.2-150200.11.67.1 * ffmpeg-debugsource-3.4.2-150200.11.67.1 * libavformat57-debuginfo-3.4.2-150200.11.67.1 * libavfilter6-3.4.2-150200.11.67.1 * ffmpeg-debuginfo-3.4.2-150200.11.67.1 * libavfilter6-debuginfo-3.4.2-150200.11.67.1 * libavresample3-3.4.2-150200.11.67.1 * libavresample3-debuginfo-3.4.2-150200.11.67.1 * libavdevice57-3.4.2-150200.11.67.1 * libavformat57-3.4.2-150200.11.67.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * ffmpeg-3.4.2-150200.11.67.1 * libavdevice57-debuginfo-3.4.2-150200.11.67.1 * ffmpeg-debugsource-3.4.2-150200.11.67.1 * libavformat57-debuginfo-3.4.2-150200.11.67.1 * libavfilter6-3.4.2-150200.11.67.1 * ffmpeg-debuginfo-3.4.2-150200.11.67.1 * libavfilter6-debuginfo-3.4.2-150200.11.67.1 * libavresample3-3.4.2-150200.11.67.1 * libavresample3-debuginfo-3.4.2-150200.11.67.1 * libavdevice57-3.4.2-150200.11.67.1 * libavformat57-3.4.2-150200.11.67.1 ## References: * https://www.suse.com/security/cve/CVE-2025-7700.html * https://bugzilla.suse.com/show_bug.cgi?id=1246790 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 16:34:39 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 16:34:39 -0000 Subject: SUSE-SU-2025:02997-1: important: Security update for the Linux Kernel Message-ID: <175631247990.11230.6414825413321329298@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02997-1 Release Date: 2025-08-27T12:04:25Z Rating: important References: * bsc#1139073 * bsc#1204142 * bsc#1219338 * bsc#1225707 * bsc#1227082 * bsc#1228664 * bsc#1230216 * bsc#1233300 * bsc#1235515 * bsc#1235613 * bsc#1235837 * bsc#1236333 * bsc#1236897 * bsc#1238896 * bsc#1239061 * bsc#1239470 * bsc#1240323 * bsc#1240696 * bsc#1240885 * bsc#1240966 * bsc#1240998 * bsc#1241166 * bsc#1241200 * bsc#1241345 * bsc#1241537 * bsc#1242086 * bsc#1242414 * bsc#1242837 * bsc#1242960 * bsc#1242965 * bsc#1242993 * bsc#1243042 * bsc#1243068 * bsc#1243100 * bsc#1243479 * bsc#1243669 * bsc#1243678 * bsc#1243806 * bsc#1244309 * bsc#1244337 * bsc#1244457 * bsc#1244735 * bsc#1244749 * bsc#1244750 * bsc#1244792 * bsc#1244801 * bsc#1245084 * bsc#1245151 * bsc#1245201 * bsc#1245202 * bsc#1245216 * bsc#1245260 * bsc#1245431 * bsc#1245440 * bsc#1245457 * bsc#1245498 * bsc#1245499 * bsc#1245504 * bsc#1245506 * bsc#1245508 * bsc#1245510 * bsc#1245540 * bsc#1245598 * bsc#1245599 * bsc#1245621 * bsc#1245646 * bsc#1245647 * bsc#1245649 * bsc#1245650 * bsc#1245654 * bsc#1245658 * bsc#1245660 * bsc#1245664 * bsc#1245665 * bsc#1245666 * bsc#1245668 * bsc#1245669 * bsc#1245670 * bsc#1245671 * bsc#1245675 * bsc#1245676 * bsc#1245677 * bsc#1245679 * bsc#1245682 * bsc#1245683 * bsc#1245684 * bsc#1245686 * bsc#1245688 * bsc#1245689 * bsc#1245690 * bsc#1245691 * bsc#1245695 * bsc#1245705 * bsc#1245708 * bsc#1245711 * bsc#1245713 * bsc#1245714 * bsc#1245719 * bsc#1245723 * bsc#1245729 * bsc#1245730 * bsc#1245731 * bsc#1245735 * bsc#1245737 * bsc#1245744 * bsc#1245745 * bsc#1245746 * bsc#1245747 * bsc#1245748 * bsc#1245749 * bsc#1245750 * bsc#1245751 * bsc#1245752 * bsc#1245757 * bsc#1245758 * bsc#1245765 * bsc#1245768 * bsc#1245769 * bsc#1245777 * bsc#1245781 * bsc#1245789 * bsc#1245812 * bsc#1245937 * bsc#1245945 * bsc#1245951 * bsc#1245952 * bsc#1245954 * bsc#1245955 * bsc#1245957 * bsc#1245966 * bsc#1245970 * bsc#1245976 * bsc#1245980 * bsc#1245983 * bsc#1245986 * bsc#1246000 * bsc#1246002 * bsc#1246006 * bsc#1246008 * bsc#1246020 * bsc#1246023 * bsc#1246029 * bsc#1246031 * bsc#1246037 * bsc#1246041 * bsc#1246042 * bsc#1246044 * bsc#1246045 * bsc#1246047 * bsc#1246049 * bsc#1246050 * bsc#1246055 * bsc#1246073 * bsc#1246093 * bsc#1246098 * bsc#1246109 * bsc#1246113 * bsc#1246122 * bsc#1246125 * bsc#1246134 * bsc#1246171 * bsc#1246173 * bsc#1246178 * bsc#1246179 * bsc#1246182 * bsc#1246183 * bsc#1246186 * bsc#1246188 * bsc#1246195 * bsc#1246203 * bsc#1246212 * bsc#1246217 * bsc#1246220 * bsc#1246236 * bsc#1246240 * bsc#1246243 * bsc#1246244 * bsc#1246246 * bsc#1246249 * bsc#1246250 * bsc#1246253 * bsc#1246258 * bsc#1246262 * bsc#1246264 * bsc#1246266 * bsc#1246268 * bsc#1246273 * bsc#1246283 * bsc#1246285 * bsc#1246286 * bsc#1246287 * bsc#1246290 * bsc#1246292 * bsc#1246293 * bsc#1246295 * bsc#1246297 * bsc#1246333 * bsc#1246334 * bsc#1246337 * bsc#1246342 * bsc#1246349 * bsc#1246354 * bsc#1246358 * bsc#1246361 * bsc#1246364 * bsc#1246370 * bsc#1246375 * bsc#1246384 * bsc#1246385 * bsc#1246386 * bsc#1246387 * bsc#1246438 * bsc#1246443 * bsc#1246449 * bsc#1246453 * bsc#1246473 * bsc#1246490 * bsc#1246506 * bsc#1246547 * bsc#1246644 * bsc#1246695 * bsc#1246777 * bsc#1246781 * bsc#1246870 * bsc#1246879 * bsc#1246911 * bsc#1247018 * bsc#1247021 * bsc#1247023 * bsc#1247028 * bsc#1247031 * bsc#1247033 * bsc#1247035 * bsc#1247061 * bsc#1247062 * bsc#1247064 * bsc#1247079 * bsc#1247089 * bsc#1247091 * bsc#1247097 * bsc#1247098 * bsc#1247101 * bsc#1247103 * bsc#1247104 * bsc#1247113 * bsc#1247118 * bsc#1247123 * bsc#1247125 * bsc#1247128 * bsc#1247132 * bsc#1247138 * bsc#1247141 * bsc#1247143 * bsc#1247145 * bsc#1247146 * bsc#1247147 * bsc#1247149 * bsc#1247150 * bsc#1247151 * bsc#1247152 * bsc#1247153 * bsc#1247154 * bsc#1247156 * bsc#1247160 * bsc#1247164 * bsc#1247169 * bsc#1247170 * bsc#1247171 * bsc#1247172 * bsc#1247174 * bsc#1247176 * bsc#1247177 * bsc#1247178 * bsc#1247181 * bsc#1247209 * bsc#1247210 * bsc#1247227 * bsc#1247233 * bsc#1247234 * bsc#1247236 * bsc#1247238 * bsc#1247241 * bsc#1247251 * bsc#1247252 * bsc#1247253 * bsc#1247255 * bsc#1247265 * bsc#1247271 * bsc#1247273 * bsc#1247274 * bsc#1247276 * bsc#1247277 * bsc#1247278 * bsc#1247279 * bsc#1247282 * bsc#1247284 * bsc#1247285 * bsc#1247288 * bsc#1247289 * bsc#1247293 * bsc#1247308 * bsc#1247311 * bsc#1247314 * bsc#1247317 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247374 * bsc#1247437 * bsc#1247450 * bsc#1247712 * bsc#1247831 * jsc#PED-12731 * jsc#PED-12745 * jsc#PED-13248 Cross-References: * CVE-2019-11135 * CVE-2024-36028 * CVE-2024-36348 * CVE-2024-36349 * CVE-2024-36350 * CVE-2024-36357 * CVE-2024-39298 * CVE-2024-42134 * CVE-2024-44963 * CVE-2024-49861 * CVE-2024-56742 * CVE-2024-57947 * CVE-2025-21839 * CVE-2025-21854 * CVE-2025-21872 * CVE-2025-22090 * CVE-2025-23163 * CVE-2025-37798 * CVE-2025-37856 * CVE-2025-37864 * CVE-2025-37885 * CVE-2025-37920 * CVE-2025-37984 * CVE-2025-38034 * CVE-2025-38035 * CVE-2025-38047 * CVE-2025-38051 * CVE-2025-38052 * CVE-2025-38058 * CVE-2025-38061 * CVE-2025-38062 * CVE-2025-38063 * CVE-2025-38064 * CVE-2025-38074 * CVE-2025-38084 * CVE-2025-38085 * CVE-2025-38087 * CVE-2025-38088 * CVE-2025-38089 * CVE-2025-38090 * CVE-2025-38091 * CVE-2025-38094 * CVE-2025-38095 * CVE-2025-38097 * CVE-2025-38098 * CVE-2025-38099 * CVE-2025-38100 * CVE-2025-38102 * CVE-2025-38105 * CVE-2025-38106 * CVE-2025-38107 * CVE-2025-38108 * CVE-2025-38109 * CVE-2025-38110 * CVE-2025-38111 * CVE-2025-38112 * CVE-2025-38113 * CVE-2025-38114 * CVE-2025-38115 * CVE-2025-38117 * CVE-2025-38118 * CVE-2025-38120 * CVE-2025-38122 * CVE-2025-38123 * CVE-2025-38124 * CVE-2025-38126 * CVE-2025-38127 * CVE-2025-38129 * CVE-2025-38131 * CVE-2025-38132 * CVE-2025-38135 * CVE-2025-38136 * CVE-2025-38138 * CVE-2025-38142 * CVE-2025-38143 * CVE-2025-38145 * CVE-2025-38147 * CVE-2025-38148 * CVE-2025-38149 * CVE-2025-38151 * CVE-2025-38153 * CVE-2025-38154 * CVE-2025-38155 * CVE-2025-38157 * CVE-2025-38158 * CVE-2025-38159 * CVE-2025-38161 * CVE-2025-38162 * CVE-2025-38165 * CVE-2025-38166 * CVE-2025-38173 * CVE-2025-38174 * CVE-2025-38177 * CVE-2025-38180 * CVE-2025-38181 * CVE-2025-38182 * CVE-2025-38183 * CVE-2025-38186 * CVE-2025-38187 * CVE-2025-38188 * CVE-2025-38189 * CVE-2025-38192 * CVE-2025-38193 * CVE-2025-38194 * CVE-2025-38197 * CVE-2025-38198 * CVE-2025-38200 * CVE-2025-38202 * CVE-2025-38203 * CVE-2025-38204 * CVE-2025-38206 * CVE-2025-38210 * CVE-2025-38211 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38214 * CVE-2025-38215 * CVE-2025-38217 * CVE-2025-38220 * CVE-2025-38222 * CVE-2025-38225 * CVE-2025-38226 * CVE-2025-38227 * CVE-2025-38229 * CVE-2025-38231 * CVE-2025-38236 * CVE-2025-38238 * CVE-2025-38239 * CVE-2025-38244 * CVE-2025-38246 * CVE-2025-38248 * CVE-2025-38249 * CVE-2025-38250 * CVE-2025-38256 * CVE-2025-38257 * CVE-2025-38259 * CVE-2025-38264 * CVE-2025-38265 * CVE-2025-38268 * CVE-2025-38272 * CVE-2025-38273 * CVE-2025-38275 * CVE-2025-38277 * CVE-2025-38279 * CVE-2025-38283 * CVE-2025-38286 * CVE-2025-38287 * CVE-2025-38288 * CVE-2025-38289 * CVE-2025-38290 * CVE-2025-38291 * CVE-2025-38292 * CVE-2025-38293 * CVE-2025-38299 * CVE-2025-38300 * CVE-2025-38303 * CVE-2025-38304 * CVE-2025-38305 * CVE-2025-38307 * CVE-2025-38310 * CVE-2025-38312 * CVE-2025-38313 * CVE-2025-38315 * CVE-2025-38317 * CVE-2025-38319 * CVE-2025-38323 * CVE-2025-38326 * CVE-2025-38328 * CVE-2025-38332 * CVE-2025-38334 * CVE-2025-38335 * CVE-2025-38336 * CVE-2025-38337 * CVE-2025-38338 * CVE-2025-38342 * CVE-2025-38343 * CVE-2025-38344 * CVE-2025-38345 * CVE-2025-38348 * CVE-2025-38349 * CVE-2025-38350 * CVE-2025-38352 * CVE-2025-38353 * CVE-2025-38354 * CVE-2025-38355 * CVE-2025-38356 * CVE-2025-38361 * CVE-2025-38362 * CVE-2025-38363 * CVE-2025-38364 * CVE-2025-38365 * CVE-2025-38369 * CVE-2025-38371 * CVE-2025-38373 * CVE-2025-38375 * CVE-2025-38376 * CVE-2025-38377 * CVE-2025-38380 * CVE-2025-38382 * CVE-2025-38384 * CVE-2025-38385 * CVE-2025-38386 * CVE-2025-38387 * CVE-2025-38389 * CVE-2025-38391 * CVE-2025-38392 * CVE-2025-38393 * CVE-2025-38395 * CVE-2025-38396 * CVE-2025-38399 * CVE-2025-38400 * CVE-2025-38401 * CVE-2025-38403 * CVE-2025-38404 * CVE-2025-38406 * CVE-2025-38409 * CVE-2025-38410 * CVE-2025-38412 * CVE-2025-38414 * CVE-2025-38415 * CVE-2025-38416 * CVE-2025-38417 * CVE-2025-38420 * CVE-2025-38424 * CVE-2025-38425 * CVE-2025-38426 * CVE-2025-38427 * CVE-2025-38428 * CVE-2025-38429 * CVE-2025-38430 * CVE-2025-38436 * CVE-2025-38443 * CVE-2025-38448 * CVE-2025-38449 * CVE-2025-38453 * CVE-2025-38455 * CVE-2025-38457 * CVE-2025-38460 * CVE-2025-38461 * CVE-2025-38462 * CVE-2025-38463 * CVE-2025-38465 * CVE-2025-38467 * CVE-2025-38468 * CVE-2025-38470 * CVE-2025-38471 * CVE-2025-38473 * CVE-2025-38474 * CVE-2025-38475 * CVE-2025-38476 * CVE-2025-38477 * CVE-2025-38478 * CVE-2025-38480 * CVE-2025-38481 * CVE-2025-38482 * CVE-2025-38483 * CVE-2025-38485 * CVE-2025-38487 * CVE-2025-38489 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38496 * CVE-2025-38497 * CVE-2025-38498 CVSS scores: * CVE-2019-11135 ( SUSE ): 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2019-11135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36348 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36349 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-39298 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42134 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42134 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42134 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-44963 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49861 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49861 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49861 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-56742 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21872 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22090 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23163 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37856 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37856 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37920 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37920 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37984 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-37984 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38034 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38035 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38035 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38047 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38047 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38052 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38058 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38058 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38061 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38062 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38062 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38063 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38063 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38064 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38064 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38074 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38084 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38084 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38085 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38085 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38087 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38089 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38089 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38090 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38091 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38091 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38097 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38097 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38098 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38098 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38099 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38099 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38100 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38102 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38102 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38105 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38105 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38106 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38106 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38107 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38107 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38108 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38108 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38109 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38109 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38110 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38110 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38111 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38111 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38112 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38113 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38114 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38114 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38115 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38115 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38117 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38117 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38118 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38122 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38124 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38126 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38127 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38129 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38129 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38131 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38131 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38132 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38132 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38135 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38142 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38143 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38145 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38148 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38149 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38149 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38153 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38153 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38154 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38154 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38155 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38157 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38157 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38159 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38159 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38161 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38165 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38166 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38166 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38173 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38173 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38174 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38174 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38180 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38180 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38182 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38183 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38183 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38186 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38186 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38187 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38187 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38189 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38192 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38192 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38193 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38193 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38197 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38197 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38198 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38203 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38203 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38204 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38204 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38211 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38214 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38215 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38217 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38217 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38220 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38220 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38222 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-38222 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2025-38225 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38226 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38226 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38227 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38227 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38229 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38229 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-38231 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38231 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38238 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38239 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38239 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38244 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38244 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38246 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38248 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38249 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38249 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38250 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38250 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38256 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38256 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38259 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38264 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38265 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38265 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38268 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38268 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38272 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38273 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38273 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38275 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38277 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38277 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38279 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38283 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38286 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38286 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38287 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38288 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38289 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38289 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38290 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38290 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38291 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38291 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38292 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38292 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38293 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38293 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38299 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38299 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38300 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38300 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38303 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38303 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38310 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38310 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38312 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38313 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38315 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38315 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38317 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-38317 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38323 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38323 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38326 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38326 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38328 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38334 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38334 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38335 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38336 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38337 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38338 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38338 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38342 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38344 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38345 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38345 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38348 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38349 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38349 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38352 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38352 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38353 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38353 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38355 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38355 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38356 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38356 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38361 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38361 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38362 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38363 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38364 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38364 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38365 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38365 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38371 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38373 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38373 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38375 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38376 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38376 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38377 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38377 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38380 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38380 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38382 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38382 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38384 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38384 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38385 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38385 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38387 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38387 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38389 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38391 ( SUSE ): 5.2 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38391 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38392 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38392 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38393 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38393 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38395 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38395 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38396 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38396 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38399 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38400 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38400 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38401 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38401 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38403 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38406 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38409 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38409 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38410 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38412 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38415 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38415 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38416 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38416 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38417 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38417 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38425 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38425 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38426 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38426 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38427 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38427 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38428 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38428 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38429 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38429 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38430 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38430 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38436 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38436 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38448 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38448 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38453 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38453 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38455 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38455 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38457 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38460 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38460 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38461 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38461 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38462 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38462 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38463 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38463 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38465 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38465 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38467 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38467 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38471 ( SUSE ): 8.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38471 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2025-38473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38474 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38474 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38475 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38475 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38476 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38476 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38478 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38478 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38480 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38480 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38481 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38481 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38482 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38482 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38483 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38483 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38485 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38485 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38487 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38487 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38489 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38489 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38496 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38496 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38498 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38498 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * Development Tools Module 15-SP7 * Legacy Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Availability Extension 15 SP7 * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 An update that solves 264 vulnerabilities, contains three features and has 48 security fixes can now be installed. ## Description: This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-2997=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2997=1 * Legacy Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2025-2997=1 * SUSE Linux Enterprise High Availability Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-HA-15-SP7-2025-2997=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2025-2997=1 * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2025-2997=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. ## Package List: * Basesystem Module 15-SP7 (aarch64 nosrc) * kernel-64kb-6.4.0-150700.53.11.1 * Basesystem Module 15-SP7 (aarch64) * kernel-64kb-devel-6.4.0-150700.53.11.1 * kernel-64kb-devel-debuginfo-6.4.0-150700.53.11.1 * kernel-64kb-debugsource-6.4.0-150700.53.11.1 * kernel-64kb-debuginfo-6.4.0-150700.53.11.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150700.53.11.1 * Basesystem Module 15-SP7 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150700.53.11.1.150700.17.9.4 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-debuginfo-6.4.0-150700.53.11.1 * kernel-default-debuginfo-6.4.0-150700.53.11.1 * kernel-default-devel-6.4.0-150700.53.11.1 * kernel-default-debugsource-6.4.0-150700.53.11.1 * Basesystem Module 15-SP7 (noarch) * kernel-devel-6.4.0-150700.53.11.1 * kernel-macros-6.4.0-150700.53.11.1 * Basesystem Module 15-SP7 (nosrc s390x) * kernel-zfcpdump-6.4.0-150700.53.11.1 * Basesystem Module 15-SP7 (s390x) * kernel-zfcpdump-debugsource-6.4.0-150700.53.11.1 * kernel-zfcpdump-debuginfo-6.4.0-150700.53.11.1 * Development Tools Module 15-SP7 (noarch nosrc) * kernel-docs-6.4.0-150700.53.11.3 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-6.4.0-150700.53.11.1 * kernel-obs-build-debugsource-6.4.0-150700.53.11.1 * kernel-syms-6.4.0-150700.53.11.1 * Development Tools Module 15-SP7 (noarch) * kernel-source-6.4.0-150700.53.11.1 * Legacy Module 15-SP7 (nosrc) * kernel-default-6.4.0-150700.53.11.1 * Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150700.53.11.1 * kernel-default-debugsource-6.4.0-150700.53.11.1 * reiserfs-kmp-default-6.4.0-150700.53.11.1 * reiserfs-kmp-default-debuginfo-6.4.0-150700.53.11.1 * SUSE Linux Enterprise High Availability Extension 15 SP7 (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-debuginfo-6.4.0-150700.53.11.1 * gfs2-kmp-default-6.4.0-150700.53.11.1 * dlm-kmp-default-6.4.0-150700.53.11.1 * kernel-default-debuginfo-6.4.0-150700.53.11.1 * cluster-md-kmp-default-debuginfo-6.4.0-150700.53.11.1 * kernel-default-debugsource-6.4.0-150700.53.11.1 * ocfs2-kmp-default-6.4.0-150700.53.11.1 * gfs2-kmp-default-debuginfo-6.4.0-150700.53.11.1 * cluster-md-kmp-default-6.4.0-150700.53.11.1 * ocfs2-kmp-default-debuginfo-6.4.0-150700.53.11.1 * SUSE Linux Enterprise High Availability Extension 15 SP7 (nosrc) * kernel-default-6.4.0-150700.53.11.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (nosrc) * kernel-default-6.4.0-150700.53.11.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * kernel-default-debuginfo-6.4.0-150700.53.11.1 * kernel-default-debugsource-6.4.0-150700.53.11.1 * kernel-default-extra-debuginfo-6.4.0-150700.53.11.1 * kernel-default-extra-6.4.0-150700.53.11.1 * SUSE Linux Enterprise Live Patching 15-SP7 (nosrc) * kernel-default-6.4.0-150700.53.11.1 * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_53_11-default-debuginfo-1-150700.15.3.4 * kernel-default-debuginfo-6.4.0-150700.53.11.1 * kernel-livepatch-6_4_0-150700_53_11-default-1-150700.15.3.4 * kernel-default-debugsource-6.4.0-150700.53.11.1 * kernel-default-livepatch-6.4.0-150700.53.11.1 * kernel-livepatch-SLE15-SP7_Update_3-debugsource-1-150700.15.3.4 * kernel-default-livepatch-devel-6.4.0-150700.53.11.1 ## References: * https://www.suse.com/security/cve/CVE-2019-11135.html * https://www.suse.com/security/cve/CVE-2024-36028.html * https://www.suse.com/security/cve/CVE-2024-36348.html * https://www.suse.com/security/cve/CVE-2024-36349.html * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2024-39298.html * https://www.suse.com/security/cve/CVE-2024-42134.html * https://www.suse.com/security/cve/CVE-2024-44963.html * https://www.suse.com/security/cve/CVE-2024-49861.html * https://www.suse.com/security/cve/CVE-2024-56742.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-21839.html * https://www.suse.com/security/cve/CVE-2025-21854.html * https://www.suse.com/security/cve/CVE-2025-21872.html * https://www.suse.com/security/cve/CVE-2025-22090.html * https://www.suse.com/security/cve/CVE-2025-23163.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37856.html * https://www.suse.com/security/cve/CVE-2025-37864.html * https://www.suse.com/security/cve/CVE-2025-37885.html * https://www.suse.com/security/cve/CVE-2025-37920.html * https://www.suse.com/security/cve/CVE-2025-37984.html * https://www.suse.com/security/cve/CVE-2025-38034.html * https://www.suse.com/security/cve/CVE-2025-38035.html * https://www.suse.com/security/cve/CVE-2025-38047.html * https://www.suse.com/security/cve/CVE-2025-38051.html * https://www.suse.com/security/cve/CVE-2025-38052.html * https://www.suse.com/security/cve/CVE-2025-38058.html * https://www.suse.com/security/cve/CVE-2025-38061.html * https://www.suse.com/security/cve/CVE-2025-38062.html * https://www.suse.com/security/cve/CVE-2025-38063.html * https://www.suse.com/security/cve/CVE-2025-38064.html * https://www.suse.com/security/cve/CVE-2025-38074.html * https://www.suse.com/security/cve/CVE-2025-38084.html * https://www.suse.com/security/cve/CVE-2025-38085.html * https://www.suse.com/security/cve/CVE-2025-38087.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38089.html * https://www.suse.com/security/cve/CVE-2025-38090.html * https://www.suse.com/security/cve/CVE-2025-38091.html * https://www.suse.com/security/cve/CVE-2025-38094.html * https://www.suse.com/security/cve/CVE-2025-38095.html * https://www.suse.com/security/cve/CVE-2025-38097.html * https://www.suse.com/security/cve/CVE-2025-38098.html * https://www.suse.com/security/cve/CVE-2025-38099.html * https://www.suse.com/security/cve/CVE-2025-38100.html * https://www.suse.com/security/cve/CVE-2025-38102.html * https://www.suse.com/security/cve/CVE-2025-38105.html * https://www.suse.com/security/cve/CVE-2025-38106.html * https://www.suse.com/security/cve/CVE-2025-38107.html * https://www.suse.com/security/cve/CVE-2025-38108.html * https://www.suse.com/security/cve/CVE-2025-38109.html * https://www.suse.com/security/cve/CVE-2025-38110.html * https://www.suse.com/security/cve/CVE-2025-38111.html * https://www.suse.com/security/cve/CVE-2025-38112.html * https://www.suse.com/security/cve/CVE-2025-38113.html * https://www.suse.com/security/cve/CVE-2025-38114.html * https://www.suse.com/security/cve/CVE-2025-38115.html * https://www.suse.com/security/cve/CVE-2025-38117.html * https://www.suse.com/security/cve/CVE-2025-38118.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38122.html * https://www.suse.com/security/cve/CVE-2025-38123.html * https://www.suse.com/security/cve/CVE-2025-38124.html * https://www.suse.com/security/cve/CVE-2025-38126.html * https://www.suse.com/security/cve/CVE-2025-38127.html * https://www.suse.com/security/cve/CVE-2025-38129.html * https://www.suse.com/security/cve/CVE-2025-38131.html * https://www.suse.com/security/cve/CVE-2025-38132.html * https://www.suse.com/security/cve/CVE-2025-38135.html * https://www.suse.com/security/cve/CVE-2025-38136.html * https://www.suse.com/security/cve/CVE-2025-38138.html * https://www.suse.com/security/cve/CVE-2025-38142.html * https://www.suse.com/security/cve/CVE-2025-38143.html * https://www.suse.com/security/cve/CVE-2025-38145.html * https://www.suse.com/security/cve/CVE-2025-38147.html * https://www.suse.com/security/cve/CVE-2025-38148.html * https://www.suse.com/security/cve/CVE-2025-38149.html * https://www.suse.com/security/cve/CVE-2025-38151.html * https://www.suse.com/security/cve/CVE-2025-38153.html * https://www.suse.com/security/cve/CVE-2025-38154.html * https://www.suse.com/security/cve/CVE-2025-38155.html * https://www.suse.com/security/cve/CVE-2025-38157.html * https://www.suse.com/security/cve/CVE-2025-38158.html * https://www.suse.com/security/cve/CVE-2025-38159.html * https://www.suse.com/security/cve/CVE-2025-38161.html * https://www.suse.com/security/cve/CVE-2025-38162.html * https://www.suse.com/security/cve/CVE-2025-38165.html * https://www.suse.com/security/cve/CVE-2025-38166.html * https://www.suse.com/security/cve/CVE-2025-38173.html * https://www.suse.com/security/cve/CVE-2025-38174.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38180.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38182.html * https://www.suse.com/security/cve/CVE-2025-38183.html * https://www.suse.com/security/cve/CVE-2025-38186.html * https://www.suse.com/security/cve/CVE-2025-38187.html * https://www.suse.com/security/cve/CVE-2025-38188.html * https://www.suse.com/security/cve/CVE-2025-38189.html * https://www.suse.com/security/cve/CVE-2025-38192.html * https://www.suse.com/security/cve/CVE-2025-38193.html * https://www.suse.com/security/cve/CVE-2025-38194.html * https://www.suse.com/security/cve/CVE-2025-38197.html * https://www.suse.com/security/cve/CVE-2025-38198.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38202.html * https://www.suse.com/security/cve/CVE-2025-38203.html * https://www.suse.com/security/cve/CVE-2025-38204.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38210.html * https://www.suse.com/security/cve/CVE-2025-38211.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38214.html * https://www.suse.com/security/cve/CVE-2025-38215.html * https://www.suse.com/security/cve/CVE-2025-38217.html * https://www.suse.com/security/cve/CVE-2025-38220.html * https://www.suse.com/security/cve/CVE-2025-38222.html * https://www.suse.com/security/cve/CVE-2025-38225.html * https://www.suse.com/security/cve/CVE-2025-38226.html * https://www.suse.com/security/cve/CVE-2025-38227.html * https://www.suse.com/security/cve/CVE-2025-38229.html * https://www.suse.com/security/cve/CVE-2025-38231.html * https://www.suse.com/security/cve/CVE-2025-38236.html * https://www.suse.com/security/cve/CVE-2025-38238.html * https://www.suse.com/security/cve/CVE-2025-38239.html * https://www.suse.com/security/cve/CVE-2025-38244.html * https://www.suse.com/security/cve/CVE-2025-38246.html * https://www.suse.com/security/cve/CVE-2025-38248.html * https://www.suse.com/security/cve/CVE-2025-38249.html * https://www.suse.com/security/cve/CVE-2025-38250.html * https://www.suse.com/security/cve/CVE-2025-38256.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38259.html * https://www.suse.com/security/cve/CVE-2025-38264.html * https://www.suse.com/security/cve/CVE-2025-38265.html * https://www.suse.com/security/cve/CVE-2025-38268.html * https://www.suse.com/security/cve/CVE-2025-38272.html * https://www.suse.com/security/cve/CVE-2025-38273.html * https://www.suse.com/security/cve/CVE-2025-38275.html * https://www.suse.com/security/cve/CVE-2025-38277.html * https://www.suse.com/security/cve/CVE-2025-38279.html * https://www.suse.com/security/cve/CVE-2025-38283.html * https://www.suse.com/security/cve/CVE-2025-38286.html * https://www.suse.com/security/cve/CVE-2025-38287.html * https://www.suse.com/security/cve/CVE-2025-38288.html * https://www.suse.com/security/cve/CVE-2025-38289.html * https://www.suse.com/security/cve/CVE-2025-38290.html * https://www.suse.com/security/cve/CVE-2025-38291.html * https://www.suse.com/security/cve/CVE-2025-38292.html * https://www.suse.com/security/cve/CVE-2025-38293.html * https://www.suse.com/security/cve/CVE-2025-38299.html * https://www.suse.com/security/cve/CVE-2025-38300.html * https://www.suse.com/security/cve/CVE-2025-38303.html * https://www.suse.com/security/cve/CVE-2025-38304.html * https://www.suse.com/security/cve/CVE-2025-38305.html * https://www.suse.com/security/cve/CVE-2025-38307.html * https://www.suse.com/security/cve/CVE-2025-38310.html * https://www.suse.com/security/cve/CVE-2025-38312.html * https://www.suse.com/security/cve/CVE-2025-38313.html * https://www.suse.com/security/cve/CVE-2025-38315.html * https://www.suse.com/security/cve/CVE-2025-38317.html * https://www.suse.com/security/cve/CVE-2025-38319.html * https://www.suse.com/security/cve/CVE-2025-38323.html * https://www.suse.com/security/cve/CVE-2025-38326.html * https://www.suse.com/security/cve/CVE-2025-38328.html * https://www.suse.com/security/cve/CVE-2025-38332.html * https://www.suse.com/security/cve/CVE-2025-38334.html * https://www.suse.com/security/cve/CVE-2025-38335.html * https://www.suse.com/security/cve/CVE-2025-38336.html * https://www.suse.com/security/cve/CVE-2025-38337.html * https://www.suse.com/security/cve/CVE-2025-38338.html * https://www.suse.com/security/cve/CVE-2025-38342.html * https://www.suse.com/security/cve/CVE-2025-38343.html * https://www.suse.com/security/cve/CVE-2025-38344.html * https://www.suse.com/security/cve/CVE-2025-38345.html * https://www.suse.com/security/cve/CVE-2025-38348.html * https://www.suse.com/security/cve/CVE-2025-38349.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38352.html * https://www.suse.com/security/cve/CVE-2025-38353.html * https://www.suse.com/security/cve/CVE-2025-38354.html * https://www.suse.com/security/cve/CVE-2025-38355.html * https://www.suse.com/security/cve/CVE-2025-38356.html * https://www.suse.com/security/cve/CVE-2025-38361.html * https://www.suse.com/security/cve/CVE-2025-38362.html * https://www.suse.com/security/cve/CVE-2025-38363.html * https://www.suse.com/security/cve/CVE-2025-38364.html * https://www.suse.com/security/cve/CVE-2025-38365.html * https://www.suse.com/security/cve/CVE-2025-38369.html * https://www.suse.com/security/cve/CVE-2025-38371.html * https://www.suse.com/security/cve/CVE-2025-38373.html * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-38376.html * https://www.suse.com/security/cve/CVE-2025-38377.html * https://www.suse.com/security/cve/CVE-2025-38380.html * https://www.suse.com/security/cve/CVE-2025-38382.html * https://www.suse.com/security/cve/CVE-2025-38384.html * https://www.suse.com/security/cve/CVE-2025-38385.html * https://www.suse.com/security/cve/CVE-2025-38386.html * https://www.suse.com/security/cve/CVE-2025-38387.html * https://www.suse.com/security/cve/CVE-2025-38389.html * https://www.suse.com/security/cve/CVE-2025-38391.html * https://www.suse.com/security/cve/CVE-2025-38392.html * https://www.suse.com/security/cve/CVE-2025-38393.html * https://www.suse.com/security/cve/CVE-2025-38395.html * https://www.suse.com/security/cve/CVE-2025-38396.html * https://www.suse.com/security/cve/CVE-2025-38399.html * https://www.suse.com/security/cve/CVE-2025-38400.html * https://www.suse.com/security/cve/CVE-2025-38401.html * https://www.suse.com/security/cve/CVE-2025-38403.html * https://www.suse.com/security/cve/CVE-2025-38404.html * https://www.suse.com/security/cve/CVE-2025-38406.html * https://www.suse.com/security/cve/CVE-2025-38409.html * https://www.suse.com/security/cve/CVE-2025-38410.html * https://www.suse.com/security/cve/CVE-2025-38412.html * https://www.suse.com/security/cve/CVE-2025-38414.html * https://www.suse.com/security/cve/CVE-2025-38415.html * https://www.suse.com/security/cve/CVE-2025-38416.html * https://www.suse.com/security/cve/CVE-2025-38417.html * https://www.suse.com/security/cve/CVE-2025-38420.html * https://www.suse.com/security/cve/CVE-2025-38424.html * https://www.suse.com/security/cve/CVE-2025-38425.html * https://www.suse.com/security/cve/CVE-2025-38426.html * https://www.suse.com/security/cve/CVE-2025-38427.html * https://www.suse.com/security/cve/CVE-2025-38428.html * https://www.suse.com/security/cve/CVE-2025-38429.html * https://www.suse.com/security/cve/CVE-2025-38430.html * https://www.suse.com/security/cve/CVE-2025-38436.html * https://www.suse.com/security/cve/CVE-2025-38443.html * https://www.suse.com/security/cve/CVE-2025-38448.html * https://www.suse.com/security/cve/CVE-2025-38449.html * https://www.suse.com/security/cve/CVE-2025-38453.html * https://www.suse.com/security/cve/CVE-2025-38455.html * https://www.suse.com/security/cve/CVE-2025-38457.html * https://www.suse.com/security/cve/CVE-2025-38460.html * https://www.suse.com/security/cve/CVE-2025-38461.html * https://www.suse.com/security/cve/CVE-2025-38462.html * https://www.suse.com/security/cve/CVE-2025-38463.html * https://www.suse.com/security/cve/CVE-2025-38465.html * https://www.suse.com/security/cve/CVE-2025-38467.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38470.html * https://www.suse.com/security/cve/CVE-2025-38471.html * https://www.suse.com/security/cve/CVE-2025-38473.html * https://www.suse.com/security/cve/CVE-2025-38474.html * https://www.suse.com/security/cve/CVE-2025-38475.html * https://www.suse.com/security/cve/CVE-2025-38476.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38478.html * https://www.suse.com/security/cve/CVE-2025-38480.html * https://www.suse.com/security/cve/CVE-2025-38481.html * https://www.suse.com/security/cve/CVE-2025-38482.html * https://www.suse.com/security/cve/CVE-2025-38483.html * https://www.suse.com/security/cve/CVE-2025-38485.html * https://www.suse.com/security/cve/CVE-2025-38487.html * https://www.suse.com/security/cve/CVE-2025-38489.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38496.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://www.suse.com/security/cve/CVE-2025-38498.html * https://bugzilla.suse.com/show_bug.cgi?id=1139073 * https://bugzilla.suse.com/show_bug.cgi?id=1204142 * https://bugzilla.suse.com/show_bug.cgi?id=1219338 * https://bugzilla.suse.com/show_bug.cgi?id=1225707 * https://bugzilla.suse.com/show_bug.cgi?id=1227082 * https://bugzilla.suse.com/show_bug.cgi?id=1228664 * https://bugzilla.suse.com/show_bug.cgi?id=1230216 * https://bugzilla.suse.com/show_bug.cgi?id=1233300 * https://bugzilla.suse.com/show_bug.cgi?id=1235515 * https://bugzilla.suse.com/show_bug.cgi?id=1235613 * https://bugzilla.suse.com/show_bug.cgi?id=1235837 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1239061 * https://bugzilla.suse.com/show_bug.cgi?id=1239470 * https://bugzilla.suse.com/show_bug.cgi?id=1240323 * https://bugzilla.suse.com/show_bug.cgi?id=1240696 * https://bugzilla.suse.com/show_bug.cgi?id=1240885 * https://bugzilla.suse.com/show_bug.cgi?id=1240966 * https://bugzilla.suse.com/show_bug.cgi?id=1240998 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1241200 * https://bugzilla.suse.com/show_bug.cgi?id=1241345 * https://bugzilla.suse.com/show_bug.cgi?id=1241537 * https://bugzilla.suse.com/show_bug.cgi?id=1242086 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242837 * https://bugzilla.suse.com/show_bug.cgi?id=1242960 * https://bugzilla.suse.com/show_bug.cgi?id=1242965 * https://bugzilla.suse.com/show_bug.cgi?id=1242993 * https://bugzilla.suse.com/show_bug.cgi?id=1243042 * https://bugzilla.suse.com/show_bug.cgi?id=1243068 * https://bugzilla.suse.com/show_bug.cgi?id=1243100 * https://bugzilla.suse.com/show_bug.cgi?id=1243479 * https://bugzilla.suse.com/show_bug.cgi?id=1243669 * https://bugzilla.suse.com/show_bug.cgi?id=1243678 * https://bugzilla.suse.com/show_bug.cgi?id=1243806 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1244457 * https://bugzilla.suse.com/show_bug.cgi?id=1244735 * https://bugzilla.suse.com/show_bug.cgi?id=1244749 * https://bugzilla.suse.com/show_bug.cgi?id=1244750 * https://bugzilla.suse.com/show_bug.cgi?id=1244792 * https://bugzilla.suse.com/show_bug.cgi?id=1244801 * https://bugzilla.suse.com/show_bug.cgi?id=1245084 * https://bugzilla.suse.com/show_bug.cgi?id=1245151 * https://bugzilla.suse.com/show_bug.cgi?id=1245201 * https://bugzilla.suse.com/show_bug.cgi?id=1245202 * https://bugzilla.suse.com/show_bug.cgi?id=1245216 * https://bugzilla.suse.com/show_bug.cgi?id=1245260 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245440 * https://bugzilla.suse.com/show_bug.cgi?id=1245457 * https://bugzilla.suse.com/show_bug.cgi?id=1245498 * https://bugzilla.suse.com/show_bug.cgi?id=1245499 * https://bugzilla.suse.com/show_bug.cgi?id=1245504 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245508 * https://bugzilla.suse.com/show_bug.cgi?id=1245510 * https://bugzilla.suse.com/show_bug.cgi?id=1245540 * https://bugzilla.suse.com/show_bug.cgi?id=1245598 * https://bugzilla.suse.com/show_bug.cgi?id=1245599 * https://bugzilla.suse.com/show_bug.cgi?id=1245621 * https://bugzilla.suse.com/show_bug.cgi?id=1245646 * https://bugzilla.suse.com/show_bug.cgi?id=1245647 * https://bugzilla.suse.com/show_bug.cgi?id=1245649 * https://bugzilla.suse.com/show_bug.cgi?id=1245650 * https://bugzilla.suse.com/show_bug.cgi?id=1245654 * https://bugzilla.suse.com/show_bug.cgi?id=1245658 * https://bugzilla.suse.com/show_bug.cgi?id=1245660 * https://bugzilla.suse.com/show_bug.cgi?id=1245664 * https://bugzilla.suse.com/show_bug.cgi?id=1245665 * https://bugzilla.suse.com/show_bug.cgi?id=1245666 * https://bugzilla.suse.com/show_bug.cgi?id=1245668 * https://bugzilla.suse.com/show_bug.cgi?id=1245669 * https://bugzilla.suse.com/show_bug.cgi?id=1245670 * https://bugzilla.suse.com/show_bug.cgi?id=1245671 * https://bugzilla.suse.com/show_bug.cgi?id=1245675 * https://bugzilla.suse.com/show_bug.cgi?id=1245676 * https://bugzilla.suse.com/show_bug.cgi?id=1245677 * https://bugzilla.suse.com/show_bug.cgi?id=1245679 * https://bugzilla.suse.com/show_bug.cgi?id=1245682 * https://bugzilla.suse.com/show_bug.cgi?id=1245683 * https://bugzilla.suse.com/show_bug.cgi?id=1245684 * https://bugzilla.suse.com/show_bug.cgi?id=1245686 * https://bugzilla.suse.com/show_bug.cgi?id=1245688 * https://bugzilla.suse.com/show_bug.cgi?id=1245689 * https://bugzilla.suse.com/show_bug.cgi?id=1245690 * https://bugzilla.suse.com/show_bug.cgi?id=1245691 * https://bugzilla.suse.com/show_bug.cgi?id=1245695 * https://bugzilla.suse.com/show_bug.cgi?id=1245705 * https://bugzilla.suse.com/show_bug.cgi?id=1245708 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245713 * https://bugzilla.suse.com/show_bug.cgi?id=1245714 * https://bugzilla.suse.com/show_bug.cgi?id=1245719 * https://bugzilla.suse.com/show_bug.cgi?id=1245723 * https://bugzilla.suse.com/show_bug.cgi?id=1245729 * https://bugzilla.suse.com/show_bug.cgi?id=1245730 * https://bugzilla.suse.com/show_bug.cgi?id=1245731 * https://bugzilla.suse.com/show_bug.cgi?id=1245735 * https://bugzilla.suse.com/show_bug.cgi?id=1245737 * https://bugzilla.suse.com/show_bug.cgi?id=1245744 * https://bugzilla.suse.com/show_bug.cgi?id=1245745 * https://bugzilla.suse.com/show_bug.cgi?id=1245746 * https://bugzilla.suse.com/show_bug.cgi?id=1245747 * https://bugzilla.suse.com/show_bug.cgi?id=1245748 * https://bugzilla.suse.com/show_bug.cgi?id=1245749 * https://bugzilla.suse.com/show_bug.cgi?id=1245750 * https://bugzilla.suse.com/show_bug.cgi?id=1245751 * https://bugzilla.suse.com/show_bug.cgi?id=1245752 * https://bugzilla.suse.com/show_bug.cgi?id=1245757 * https://bugzilla.suse.com/show_bug.cgi?id=1245758 * https://bugzilla.suse.com/show_bug.cgi?id=1245765 * https://bugzilla.suse.com/show_bug.cgi?id=1245768 * https://bugzilla.suse.com/show_bug.cgi?id=1245769 * https://bugzilla.suse.com/show_bug.cgi?id=1245777 * https://bugzilla.suse.com/show_bug.cgi?id=1245781 * https://bugzilla.suse.com/show_bug.cgi?id=1245789 * https://bugzilla.suse.com/show_bug.cgi?id=1245812 * https://bugzilla.suse.com/show_bug.cgi?id=1245937 * https://bugzilla.suse.com/show_bug.cgi?id=1245945 * https://bugzilla.suse.com/show_bug.cgi?id=1245951 * https://bugzilla.suse.com/show_bug.cgi?id=1245952 * https://bugzilla.suse.com/show_bug.cgi?id=1245954 * https://bugzilla.suse.com/show_bug.cgi?id=1245955 * https://bugzilla.suse.com/show_bug.cgi?id=1245957 * https://bugzilla.suse.com/show_bug.cgi?id=1245966 * https://bugzilla.suse.com/show_bug.cgi?id=1245970 * https://bugzilla.suse.com/show_bug.cgi?id=1245976 * https://bugzilla.suse.com/show_bug.cgi?id=1245980 * https://bugzilla.suse.com/show_bug.cgi?id=1245983 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246002 * https://bugzilla.suse.com/show_bug.cgi?id=1246006 * https://bugzilla.suse.com/show_bug.cgi?id=1246008 * https://bugzilla.suse.com/show_bug.cgi?id=1246020 * https://bugzilla.suse.com/show_bug.cgi?id=1246023 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246031 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246041 * https://bugzilla.suse.com/show_bug.cgi?id=1246042 * https://bugzilla.suse.com/show_bug.cgi?id=1246044 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246047 * https://bugzilla.suse.com/show_bug.cgi?id=1246049 * https://bugzilla.suse.com/show_bug.cgi?id=1246050 * https://bugzilla.suse.com/show_bug.cgi?id=1246055 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246093 * https://bugzilla.suse.com/show_bug.cgi?id=1246098 * https://bugzilla.suse.com/show_bug.cgi?id=1246109 * https://bugzilla.suse.com/show_bug.cgi?id=1246113 * https://bugzilla.suse.com/show_bug.cgi?id=1246122 * https://bugzilla.suse.com/show_bug.cgi?id=1246125 * https://bugzilla.suse.com/show_bug.cgi?id=1246134 * https://bugzilla.suse.com/show_bug.cgi?id=1246171 * https://bugzilla.suse.com/show_bug.cgi?id=1246173 * https://bugzilla.suse.com/show_bug.cgi?id=1246178 * https://bugzilla.suse.com/show_bug.cgi?id=1246179 * https://bugzilla.suse.com/show_bug.cgi?id=1246182 * https://bugzilla.suse.com/show_bug.cgi?id=1246183 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246188 * https://bugzilla.suse.com/show_bug.cgi?id=1246195 * https://bugzilla.suse.com/show_bug.cgi?id=1246203 * https://bugzilla.suse.com/show_bug.cgi?id=1246212 * https://bugzilla.suse.com/show_bug.cgi?id=1246217 * https://bugzilla.suse.com/show_bug.cgi?id=1246220 * https://bugzilla.suse.com/show_bug.cgi?id=1246236 * https://bugzilla.suse.com/show_bug.cgi?id=1246240 * https://bugzilla.suse.com/show_bug.cgi?id=1246243 * https://bugzilla.suse.com/show_bug.cgi?id=1246244 * https://bugzilla.suse.com/show_bug.cgi?id=1246246 * https://bugzilla.suse.com/show_bug.cgi?id=1246249 * https://bugzilla.suse.com/show_bug.cgi?id=1246250 * https://bugzilla.suse.com/show_bug.cgi?id=1246253 * https://bugzilla.suse.com/show_bug.cgi?id=1246258 * https://bugzilla.suse.com/show_bug.cgi?id=1246262 * https://bugzilla.suse.com/show_bug.cgi?id=1246264 * https://bugzilla.suse.com/show_bug.cgi?id=1246266 * https://bugzilla.suse.com/show_bug.cgi?id=1246268 * https://bugzilla.suse.com/show_bug.cgi?id=1246273 * https://bugzilla.suse.com/show_bug.cgi?id=1246283 * https://bugzilla.suse.com/show_bug.cgi?id=1246285 * https://bugzilla.suse.com/show_bug.cgi?id=1246286 * https://bugzilla.suse.com/show_bug.cgi?id=1246287 * https://bugzilla.suse.com/show_bug.cgi?id=1246290 * https://bugzilla.suse.com/show_bug.cgi?id=1246292 * https://bugzilla.suse.com/show_bug.cgi?id=1246293 * https://bugzilla.suse.com/show_bug.cgi?id=1246295 * https://bugzilla.suse.com/show_bug.cgi?id=1246297 * https://bugzilla.suse.com/show_bug.cgi?id=1246333 * https://bugzilla.suse.com/show_bug.cgi?id=1246334 * https://bugzilla.suse.com/show_bug.cgi?id=1246337 * https://bugzilla.suse.com/show_bug.cgi?id=1246342 * https://bugzilla.suse.com/show_bug.cgi?id=1246349 * https://bugzilla.suse.com/show_bug.cgi?id=1246354 * https://bugzilla.suse.com/show_bug.cgi?id=1246358 * https://bugzilla.suse.com/show_bug.cgi?id=1246361 * https://bugzilla.suse.com/show_bug.cgi?id=1246364 * https://bugzilla.suse.com/show_bug.cgi?id=1246370 * https://bugzilla.suse.com/show_bug.cgi?id=1246375 * https://bugzilla.suse.com/show_bug.cgi?id=1246384 * https://bugzilla.suse.com/show_bug.cgi?id=1246385 * https://bugzilla.suse.com/show_bug.cgi?id=1246386 * https://bugzilla.suse.com/show_bug.cgi?id=1246387 * https://bugzilla.suse.com/show_bug.cgi?id=1246438 * https://bugzilla.suse.com/show_bug.cgi?id=1246443 * https://bugzilla.suse.com/show_bug.cgi?id=1246449 * https://bugzilla.suse.com/show_bug.cgi?id=1246453 * https://bugzilla.suse.com/show_bug.cgi?id=1246473 * https://bugzilla.suse.com/show_bug.cgi?id=1246490 * https://bugzilla.suse.com/show_bug.cgi?id=1246506 * https://bugzilla.suse.com/show_bug.cgi?id=1246547 * https://bugzilla.suse.com/show_bug.cgi?id=1246644 * https://bugzilla.suse.com/show_bug.cgi?id=1246695 * https://bugzilla.suse.com/show_bug.cgi?id=1246777 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1246870 * https://bugzilla.suse.com/show_bug.cgi?id=1246879 * https://bugzilla.suse.com/show_bug.cgi?id=1246911 * https://bugzilla.suse.com/show_bug.cgi?id=1247018 * https://bugzilla.suse.com/show_bug.cgi?id=1247021 * https://bugzilla.suse.com/show_bug.cgi?id=1247023 * https://bugzilla.suse.com/show_bug.cgi?id=1247028 * https://bugzilla.suse.com/show_bug.cgi?id=1247031 * https://bugzilla.suse.com/show_bug.cgi?id=1247033 * https://bugzilla.suse.com/show_bug.cgi?id=1247035 * https://bugzilla.suse.com/show_bug.cgi?id=1247061 * https://bugzilla.suse.com/show_bug.cgi?id=1247062 * https://bugzilla.suse.com/show_bug.cgi?id=1247064 * https://bugzilla.suse.com/show_bug.cgi?id=1247079 * https://bugzilla.suse.com/show_bug.cgi?id=1247089 * https://bugzilla.suse.com/show_bug.cgi?id=1247091 * https://bugzilla.suse.com/show_bug.cgi?id=1247097 * https://bugzilla.suse.com/show_bug.cgi?id=1247098 * https://bugzilla.suse.com/show_bug.cgi?id=1247101 * https://bugzilla.suse.com/show_bug.cgi?id=1247103 * https://bugzilla.suse.com/show_bug.cgi?id=1247104 * https://bugzilla.suse.com/show_bug.cgi?id=1247113 * https://bugzilla.suse.com/show_bug.cgi?id=1247118 * https://bugzilla.suse.com/show_bug.cgi?id=1247123 * https://bugzilla.suse.com/show_bug.cgi?id=1247125 * https://bugzilla.suse.com/show_bug.cgi?id=1247128 * https://bugzilla.suse.com/show_bug.cgi?id=1247132 * https://bugzilla.suse.com/show_bug.cgi?id=1247138 * https://bugzilla.suse.com/show_bug.cgi?id=1247141 * https://bugzilla.suse.com/show_bug.cgi?id=1247143 * https://bugzilla.suse.com/show_bug.cgi?id=1247145 * https://bugzilla.suse.com/show_bug.cgi?id=1247146 * https://bugzilla.suse.com/show_bug.cgi?id=1247147 * https://bugzilla.suse.com/show_bug.cgi?id=1247149 * https://bugzilla.suse.com/show_bug.cgi?id=1247150 * https://bugzilla.suse.com/show_bug.cgi?id=1247151 * https://bugzilla.suse.com/show_bug.cgi?id=1247152 * https://bugzilla.suse.com/show_bug.cgi?id=1247153 * https://bugzilla.suse.com/show_bug.cgi?id=1247154 * https://bugzilla.suse.com/show_bug.cgi?id=1247156 * https://bugzilla.suse.com/show_bug.cgi?id=1247160 * https://bugzilla.suse.com/show_bug.cgi?id=1247164 * https://bugzilla.suse.com/show_bug.cgi?id=1247169 * https://bugzilla.suse.com/show_bug.cgi?id=1247170 * https://bugzilla.suse.com/show_bug.cgi?id=1247171 * https://bugzilla.suse.com/show_bug.cgi?id=1247172 * https://bugzilla.suse.com/show_bug.cgi?id=1247174 * https://bugzilla.suse.com/show_bug.cgi?id=1247176 * https://bugzilla.suse.com/show_bug.cgi?id=1247177 * https://bugzilla.suse.com/show_bug.cgi?id=1247178 * https://bugzilla.suse.com/show_bug.cgi?id=1247181 * https://bugzilla.suse.com/show_bug.cgi?id=1247209 * https://bugzilla.suse.com/show_bug.cgi?id=1247210 * https://bugzilla.suse.com/show_bug.cgi?id=1247227 * https://bugzilla.suse.com/show_bug.cgi?id=1247233 * https://bugzilla.suse.com/show_bug.cgi?id=1247234 * https://bugzilla.suse.com/show_bug.cgi?id=1247236 * https://bugzilla.suse.com/show_bug.cgi?id=1247238 * https://bugzilla.suse.com/show_bug.cgi?id=1247241 * https://bugzilla.suse.com/show_bug.cgi?id=1247251 * https://bugzilla.suse.com/show_bug.cgi?id=1247252 * https://bugzilla.suse.com/show_bug.cgi?id=1247253 * https://bugzilla.suse.com/show_bug.cgi?id=1247255 * https://bugzilla.suse.com/show_bug.cgi?id=1247265 * https://bugzilla.suse.com/show_bug.cgi?id=1247271 * https://bugzilla.suse.com/show_bug.cgi?id=1247273 * https://bugzilla.suse.com/show_bug.cgi?id=1247274 * https://bugzilla.suse.com/show_bug.cgi?id=1247276 * https://bugzilla.suse.com/show_bug.cgi?id=1247277 * https://bugzilla.suse.com/show_bug.cgi?id=1247278 * https://bugzilla.suse.com/show_bug.cgi?id=1247279 * https://bugzilla.suse.com/show_bug.cgi?id=1247282 * https://bugzilla.suse.com/show_bug.cgi?id=1247284 * https://bugzilla.suse.com/show_bug.cgi?id=1247285 * https://bugzilla.suse.com/show_bug.cgi?id=1247288 * https://bugzilla.suse.com/show_bug.cgi?id=1247289 * https://bugzilla.suse.com/show_bug.cgi?id=1247293 * https://bugzilla.suse.com/show_bug.cgi?id=1247308 * https://bugzilla.suse.com/show_bug.cgi?id=1247311 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247317 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247374 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 * https://bugzilla.suse.com/show_bug.cgi?id=1247450 * https://bugzilla.suse.com/show_bug.cgi?id=1247712 * https://bugzilla.suse.com/show_bug.cgi?id=1247831 * https://jira.suse.com/browse/PED-12731 * https://jira.suse.com/browse/PED-12745 * https://jira.suse.com/browse/PED-13248 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 16:34:43 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 16:34:43 -0000 Subject: SUSE-SU-2025:03005-1: important: Security update for postgresql16 Message-ID: <175631248398.11230.6907078891056266841@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2025:03005-1 Release Date: 2025-08-27T13:43:59Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Legacy Module 15-SP7 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql16 fixes the following issues: Upgraded to 16.10: * CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table (bsc#1248120) * CVE-2025-8714: Fixed untrusted data inclusion in pg_dump allows superuser of origin server to execute arbitrary code in psql client (bsc#1248122) * CVE-2025-8715: Fixed improper neutralization of newlines in pg_dump leading to arbitrary code execution in the psql client and in the restore target server (bsc#1248119) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-3005=1 openSUSE-SLE-15.6-2025-3005=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3005=1 * Legacy Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2025-3005=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-3005=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-3005=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-3005=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-3005=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql16-contrib-16.10-150600.16.21.1 * postgresql16-debuginfo-16.10-150600.16.21.1 * postgresql16-plperl-16.10-150600.16.21.1 * postgresql16-devel-debuginfo-16.10-150600.16.21.1 * postgresql16-server-16.10-150600.16.21.1 * postgresql16-test-16.10-150600.16.21.1 * postgresql16-devel-16.10-150600.16.21.1 * postgresql16-pltcl-debuginfo-16.10-150600.16.21.1 * postgresql16-plperl-debuginfo-16.10-150600.16.21.1 * postgresql16-server-debuginfo-16.10-150600.16.21.1 * postgresql16-server-devel-debuginfo-16.10-150600.16.21.1 * postgresql16-plpython-debuginfo-16.10-150600.16.21.1 * postgresql16-16.10-150600.16.21.1 * postgresql16-server-devel-16.10-150600.16.21.1 * postgresql16-llvmjit-debuginfo-16.10-150600.16.21.1 * postgresql16-contrib-debuginfo-16.10-150600.16.21.1 * postgresql16-plpython-16.10-150600.16.21.1 * postgresql16-pltcl-16.10-150600.16.21.1 * postgresql16-debugsource-16.10-150600.16.21.1 * postgresql16-llvmjit-16.10-150600.16.21.1 * postgresql16-llvmjit-devel-16.10-150600.16.21.1 * openSUSE Leap 15.6 (noarch) * postgresql16-docs-16.10-150600.16.21.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql16-16.10-150600.16.21.1 * postgresql16-debuginfo-16.10-150600.16.21.1 * postgresql16-debugsource-16.10-150600.16.21.1 * Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql16-contrib-16.10-150600.16.21.1 * postgresql16-debuginfo-16.10-150600.16.21.1 * postgresql16-devel-debuginfo-16.10-150600.16.21.1 * postgresql16-contrib-debuginfo-16.10-150600.16.21.1 * postgresql16-debugsource-16.10-150600.16.21.1 * postgresql16-devel-16.10-150600.16.21.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql16-debuginfo-16.10-150600.16.21.1 * postgresql16-llvmjit-debuginfo-16.10-150600.16.21.1 * postgresql16-llvmjit-16.10-150600.16.21.1 * postgresql16-debugsource-16.10-150600.16.21.1 * postgresql16-test-16.10-150600.16.21.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql16-debuginfo-16.10-150600.16.21.1 * postgresql16-llvmjit-debuginfo-16.10-150600.16.21.1 * postgresql16-llvmjit-16.10-150600.16.21.1 * postgresql16-debugsource-16.10-150600.16.21.1 * postgresql16-test-16.10-150600.16.21.1 * postgresql16-llvmjit-devel-16.10-150600.16.21.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql16-contrib-16.10-150600.16.21.1 * postgresql16-debuginfo-16.10-150600.16.21.1 * postgresql16-plperl-16.10-150600.16.21.1 * postgresql16-plperl-debuginfo-16.10-150600.16.21.1 * postgresql16-devel-debuginfo-16.10-150600.16.21.1 * postgresql16-server-debuginfo-16.10-150600.16.21.1 * postgresql16-contrib-debuginfo-16.10-150600.16.21.1 * postgresql16-server-devel-debuginfo-16.10-150600.16.21.1 * postgresql16-plpython-16.10-150600.16.21.1 * postgresql16-plpython-debuginfo-16.10-150600.16.21.1 * postgresql16-pltcl-16.10-150600.16.21.1 * postgresql16-server-16.10-150600.16.21.1 * postgresql16-server-devel-16.10-150600.16.21.1 * postgresql16-debugsource-16.10-150600.16.21.1 * postgresql16-devel-16.10-150600.16.21.1 * postgresql16-pltcl-debuginfo-16.10-150600.16.21.1 * Server Applications Module 15-SP6 (noarch) * postgresql16-docs-16.10-150600.16.21.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql16-debuginfo-16.10-150600.16.21.1 * postgresql16-server-debuginfo-16.10-150600.16.21.1 * postgresql16-16.10-150600.16.21.1 * postgresql16-debugsource-16.10-150600.16.21.1 * postgresql16-server-16.10-150600.16.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 16:34:48 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 16:34:48 -0000 Subject: SUSE-SU-2025:03004-1: important: Security update for postgresql15 Message-ID: <175631248853.11230.8221108708810558456@smelt2.prg2.suse.org> # Security update for postgresql15 Announcement ID: SUSE-SU-2025:03004-1 Release Date: 2025-08-27T13:42:47Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql15 fixes the following issues: Upgrade to 15.14: * CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). * CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary code in psql client (bsc#1248122). * CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in psql client and in restore target server (bsc#1248119). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-3004=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3004=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql15-devel-debuginfo-15.14-3.44.1 * postgresql15-15.14-3.44.1 * postgresql15-server-devel-15.14-3.44.1 * postgresql15-pltcl-15.14-3.44.1 * postgresql15-contrib-15.14-3.44.1 * postgresql15-plperl-15.14-3.44.1 * postgresql15-debugsource-15.14-3.44.1 * postgresql15-debuginfo-15.14-3.44.1 * postgresql15-contrib-debuginfo-15.14-3.44.1 * postgresql15-plperl-debuginfo-15.14-3.44.1 * postgresql15-pltcl-debuginfo-15.14-3.44.1 * postgresql15-plpython-debuginfo-15.14-3.44.1 * postgresql15-devel-15.14-3.44.1 * postgresql15-server-15.14-3.44.1 * postgresql15-server-debuginfo-15.14-3.44.1 * postgresql15-server-devel-debuginfo-15.14-3.44.1 * postgresql15-plpython-15.14-3.44.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql15-docs-15.14-3.44.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * postgresql15-devel-debuginfo-15.14-3.44.1 * postgresql15-15.14-3.44.1 * postgresql15-server-devel-15.14-3.44.1 * postgresql15-pltcl-15.14-3.44.1 * postgresql15-contrib-15.14-3.44.1 * postgresql15-plperl-15.14-3.44.1 * postgresql15-debugsource-15.14-3.44.1 * postgresql15-debuginfo-15.14-3.44.1 * postgresql15-contrib-debuginfo-15.14-3.44.1 * postgresql15-plperl-debuginfo-15.14-3.44.1 * postgresql15-pltcl-debuginfo-15.14-3.44.1 * postgresql15-plpython-debuginfo-15.14-3.44.1 * postgresql15-devel-15.14-3.44.1 * postgresql15-server-15.14-3.44.1 * postgresql15-server-debuginfo-15.14-3.44.1 * postgresql15-server-devel-debuginfo-15.14-3.44.1 * postgresql15-plpython-15.14-3.44.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql15-docs-15.14-3.44.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 16:34:55 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 16:34:55 -0000 Subject: SUSE-SU-2025:03001-1: moderate: Security update for ignition Message-ID: <175631249561.11230.1964683394908826259@smelt2.prg2.suse.org> # Security update for ignition Announcement ID: SUSE-SU-2025:03001-1 Release Date: 2025-08-27T12:05:57Z Rating: moderate References: * bsc#1248548 Cross-References: * CVE-2022-28948 CVSS scores: * CVE-2022-28948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2022-28948 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * HPC Module 15-SP6 * HPC Module 15-SP7 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for ignition fixes the following issues: * CVE-2022-28948: Fixed an issue during unmarshaling in Go-Yaml v3 can lead to DoS via invalid input (bsc#1248548) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPC Module 15-SP6 zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-3001=1 * HPC Module 15-SP7 zypper in -t patch SUSE-SLE-Module-HPC-15-SP7-2025-3001=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-3001=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-3001=1 ## Package List: * HPC Module 15-SP6 (aarch64 x86_64) * ignition-dracut-grub2-2.14.0-150400.9.12.1 * ignition-debuginfo-2.14.0-150400.9.12.1 * ignition-2.14.0-150400.9.12.1 * HPC Module 15-SP7 (aarch64 x86_64) * ignition-dracut-grub2-2.14.0-150400.9.12.1 * ignition-debuginfo-2.14.0-150400.9.12.1 * ignition-2.14.0-150400.9.12.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * ignition-dracut-grub2-2.14.0-150400.9.12.1 * ignition-debuginfo-2.14.0-150400.9.12.1 * ignition-2.14.0-150400.9.12.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ignition-dracut-grub2-2.14.0-150400.9.12.1 * ignition-debuginfo-2.14.0-150400.9.12.1 * ignition-2.14.0-150400.9.12.1 ## References: * https://www.suse.com/security/cve/CVE-2022-28948.html * https://bugzilla.suse.com/show_bug.cgi?id=1248548 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 16:34:53 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 16:34:53 -0000 Subject: SUSE-SU-2025:03003-1: important: Security update for postgresql13 Message-ID: <175631249340.11230.17888375746782860702@smelt2.prg2.suse.org> # Security update for postgresql13 Announcement ID: SUSE-SU-2025:03003-1 Release Date: 2025-08-27T13:42:36Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgrade to 13.22: * CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). * CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary code in psql client (bsc#1248122). * CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in psql client and in restore target server (bsc#1248119). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-3003=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3003=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql13-server-debuginfo-13.22-3.66.1 * postgresql13-13.22-3.66.1 * postgresql13-devel-13.22-3.66.1 * postgresql13-pltcl-debuginfo-13.22-3.66.1 * postgresql13-plpython-13.22-3.66.1 * postgresql13-plpython-debuginfo-13.22-3.66.1 * postgresql13-pltcl-13.22-3.66.1 * postgresql13-plperl-debuginfo-13.22-3.66.1 * postgresql13-devel-debuginfo-13.22-3.66.1 * postgresql13-contrib-13.22-3.66.1 * postgresql13-plperl-13.22-3.66.1 * postgresql13-server-13.22-3.66.1 * postgresql13-debuginfo-13.22-3.66.1 * postgresql13-contrib-debuginfo-13.22-3.66.1 * postgresql13-debugsource-13.22-3.66.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql13-docs-13.22-3.66.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * postgresql13-server-devel-13.22-3.66.1 * postgresql13-server-devel-debuginfo-13.22-3.66.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * postgresql13-server-debuginfo-13.22-3.66.1 * postgresql13-13.22-3.66.1 * postgresql13-devel-13.22-3.66.1 * postgresql13-pltcl-debuginfo-13.22-3.66.1 * postgresql13-plpython-13.22-3.66.1 * postgresql13-server-devel-debuginfo-13.22-3.66.1 * postgresql13-plpython-debuginfo-13.22-3.66.1 * postgresql13-pltcl-13.22-3.66.1 * postgresql13-plperl-debuginfo-13.22-3.66.1 * postgresql13-devel-debuginfo-13.22-3.66.1 * postgresql13-contrib-13.22-3.66.1 * postgresql13-plperl-13.22-3.66.1 * postgresql13-server-13.22-3.66.1 * postgresql13-debuginfo-13.22-3.66.1 * postgresql13-server-devel-13.22-3.66.1 * postgresql13-contrib-debuginfo-13.22-3.66.1 * postgresql13-debugsource-13.22-3.66.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql13-docs-13.22-3.66.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 16:35:00 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 16:35:00 -0000 Subject: SUSE-SU-2025:03000-1: moderate: Security update for ignition Message-ID: <175631250057.11230.9430376953394990198@smelt2.prg2.suse.org> # Security update for ignition Announcement ID: SUSE-SU-2025:03000-1 Release Date: 2025-08-27T12:05:13Z Rating: moderate References: * bsc#1248548 Cross-References: * CVE-2022-28948 CVSS scores: * CVE-2022-28948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2022-28948 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for ignition fixes the following issues: * CVE-2022-28948: Fixed an issue during unmarshaling in Go-Yaml v3 can lead to DoS via invalid input (bsc#1248548) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-3000=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-3000=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * ignition-2.14.0-150300.6.16.1 * ignition-debuginfo-2.14.0-150300.6.16.1 * ignition-dracut-grub2-2.14.0-150300.6.16.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * ignition-2.14.0-150300.6.16.1 * ignition-debuginfo-2.14.0-150300.6.16.1 * ignition-dracut-grub2-2.14.0-150300.6.16.1 ## References: * https://www.suse.com/security/cve/CVE-2022-28948.html * https://bugzilla.suse.com/show_bug.cgi?id=1248548 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 16:35:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 16:35:07 -0000 Subject: SUSE-SU-2025:02998-1: moderate: Security update for ignition Message-ID: <175631250767.11230.2204000767387922532@smelt2.prg2.suse.org> # Security update for ignition Announcement ID: SUSE-SU-2025:02998-1 Release Date: 2025-08-27T12:04:55Z Rating: moderate References: * bsc#1248548 Cross-References: * CVE-2022-28948 CVSS scores: * CVE-2022-28948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2022-28948 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 An update that solves one vulnerability can now be installed. ## Description: This update for ignition fixes the following issues: * CVE-2022-28948: Fixed an issue during unmarshaling in Go-Yaml v3 can lead to DoS via invalid input (bsc#1248548) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2998=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * ignition-2.14.0-150300.4.16.1 * ignition-dracut-grub2-2.14.0-150300.4.16.1 * ignition-debuginfo-2.14.0-150300.4.16.1 ## References: * https://www.suse.com/security/cve/CVE-2022-28948.html * https://bugzilla.suse.com/show_bug.cgi?id=1248548 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 16:35:03 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 16:35:03 -0000 Subject: SUSE-SU-2025:02999-1: moderate: Security update for ignition Message-ID: <175631250396.11230.4001734065106485086@smelt2.prg2.suse.org> # Security update for ignition Announcement ID: SUSE-SU-2025:02999-1 Release Date: 2025-08-27T12:05:05Z Rating: moderate References: * bsc#1248548 Cross-References: * CVE-2022-28948 CVSS scores: * CVE-2022-28948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2022-28948 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro for Rancher 5.3 An update that solves one vulnerability can now be installed. ## Description: This update for ignition fixes the following issues: * CVE-2022-28948: Fixed an issue during unmarshaling in Go-Yaml v3 can lead to DoS via invalid input (bsc#1248548) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2999=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-2999=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * ignition-dracut-grub2-2.14.0-150400.4.12.1 * ignition-2.14.0-150400.4.12.1 * ignition-debuginfo-2.14.0-150400.4.12.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * ignition-dracut-grub2-2.14.0-150400.4.12.1 * ignition-2.14.0-150400.4.12.1 * ignition-debuginfo-2.14.0-150400.4.12.1 ## References: * https://www.suse.com/security/cve/CVE-2022-28948.html * https://bugzilla.suse.com/show_bug.cgi?id=1248548 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 16:38:46 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 16:38:46 -0000 Subject: SUSE-SU-2025:02996-1: important: Security update for the Linux Kernel Message-ID: <175631272603.11230.17877122644727752544@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02996-1 Release Date: 2025-08-27T12:03:11Z Rating: important References: * bsc#1204142 * bsc#1219338 * bsc#1225707 * bsc#1230216 * bsc#1233300 * bsc#1235613 * bsc#1235837 * bsc#1236333 * bsc#1236897 * bsc#1238896 * bsc#1239061 * bsc#1239470 * bsc#1240323 * bsc#1240885 * bsc#1240966 * bsc#1241166 * bsc#1241345 * bsc#1241537 * bsc#1242086 * bsc#1242414 * bsc#1242837 * bsc#1242960 * bsc#1242965 * bsc#1242993 * bsc#1243068 * bsc#1243100 * bsc#1243479 * bsc#1243669 * bsc#1243806 * bsc#1244309 * bsc#1244337 * bsc#1244457 * bsc#1244735 * bsc#1244749 * bsc#1244750 * bsc#1244792 * bsc#1244801 * bsc#1245151 * bsc#1245201 * bsc#1245202 * bsc#1245216 * bsc#1245260 * bsc#1245431 * bsc#1245440 * bsc#1245457 * bsc#1245498 * bsc#1245499 * bsc#1245504 * bsc#1245506 * bsc#1245508 * bsc#1245510 * bsc#1245540 * bsc#1245598 * bsc#1245599 * bsc#1245646 * bsc#1245647 * bsc#1245649 * bsc#1245650 * bsc#1245654 * bsc#1245658 * bsc#1245660 * bsc#1245665 * bsc#1245666 * bsc#1245668 * bsc#1245669 * bsc#1245670 * bsc#1245671 * bsc#1245675 * bsc#1245676 * bsc#1245677 * bsc#1245679 * bsc#1245682 * bsc#1245683 * bsc#1245684 * bsc#1245688 * bsc#1245689 * bsc#1245690 * bsc#1245691 * bsc#1245695 * bsc#1245705 * bsc#1245708 * bsc#1245711 * bsc#1245713 * bsc#1245714 * bsc#1245719 * bsc#1245723 * bsc#1245729 * bsc#1245730 * bsc#1245731 * bsc#1245735 * bsc#1245737 * bsc#1245744 * bsc#1245745 * bsc#1245746 * bsc#1245747 * bsc#1245748 * bsc#1245749 * bsc#1245750 * bsc#1245751 * bsc#1245752 * bsc#1245757 * bsc#1245758 * bsc#1245765 * bsc#1245768 * bsc#1245769 * bsc#1245777 * bsc#1245781 * bsc#1245789 * bsc#1245937 * bsc#1245945 * bsc#1245951 * bsc#1245952 * bsc#1245954 * bsc#1245957 * bsc#1245966 * bsc#1245970 * bsc#1245976 * bsc#1245980 * bsc#1245983 * bsc#1245986 * bsc#1246000 * bsc#1246002 * bsc#1246006 * bsc#1246008 * bsc#1246020 * bsc#1246023 * bsc#1246029 * bsc#1246031 * bsc#1246037 * bsc#1246041 * bsc#1246042 * bsc#1246044 * bsc#1246045 * bsc#1246047 * bsc#1246049 * bsc#1246050 * bsc#1246055 * bsc#1246073 * bsc#1246093 * bsc#1246098 * bsc#1246109 * bsc#1246122 * bsc#1246125 * bsc#1246171 * bsc#1246173 * bsc#1246178 * bsc#1246182 * bsc#1246183 * bsc#1246186 * bsc#1246195 * bsc#1246203 * bsc#1246212 * bsc#1246220 * bsc#1246236 * bsc#1246240 * bsc#1246243 * bsc#1246246 * bsc#1246249 * bsc#1246250 * bsc#1246253 * bsc#1246258 * bsc#1246262 * bsc#1246264 * bsc#1246266 * bsc#1246268 * bsc#1246273 * bsc#1246283 * bsc#1246287 * bsc#1246292 * bsc#1246293 * bsc#1246295 * bsc#1246334 * bsc#1246337 * bsc#1246342 * bsc#1246349 * bsc#1246354 * bsc#1246358 * bsc#1246361 * bsc#1246364 * bsc#1246370 * bsc#1246375 * bsc#1246384 * bsc#1246386 * bsc#1246387 * bsc#1246438 * bsc#1246453 * bsc#1246473 * bsc#1246490 * bsc#1246506 * bsc#1246547 * bsc#1246777 * bsc#1246781 * bsc#1246870 * bsc#1246879 * bsc#1246911 * bsc#1247018 * bsc#1247023 * bsc#1247028 * bsc#1247031 * bsc#1247033 * bsc#1247035 * bsc#1247061 * bsc#1247089 * bsc#1247091 * bsc#1247097 * bsc#1247098 * bsc#1247101 * bsc#1247103 * bsc#1247104 * bsc#1247113 * bsc#1247118 * bsc#1247123 * bsc#1247125 * bsc#1247128 * bsc#1247132 * bsc#1247138 * bsc#1247141 * bsc#1247143 * bsc#1247145 * bsc#1247146 * bsc#1247147 * bsc#1247149 * bsc#1247150 * bsc#1247151 * bsc#1247153 * bsc#1247154 * bsc#1247156 * bsc#1247160 * bsc#1247164 * bsc#1247169 * bsc#1247170 * bsc#1247171 * bsc#1247172 * bsc#1247174 * bsc#1247176 * bsc#1247177 * bsc#1247178 * bsc#1247181 * bsc#1247209 * bsc#1247210 * bsc#1247227 * bsc#1247233 * bsc#1247236 * bsc#1247238 * bsc#1247241 * bsc#1247251 * bsc#1247252 * bsc#1247253 * bsc#1247255 * bsc#1247271 * bsc#1247273 * bsc#1247274 * bsc#1247276 * bsc#1247277 * bsc#1247278 * bsc#1247279 * bsc#1247284 * bsc#1247285 * bsc#1247288 * bsc#1247289 * bsc#1247293 * bsc#1247311 * bsc#1247314 * bsc#1247317 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247374 * bsc#1247437 * bsc#1247450 Cross-References: * CVE-2019-11135 * CVE-2024-36028 * CVE-2024-36348 * CVE-2024-36349 * CVE-2024-36350 * CVE-2024-36357 * CVE-2024-44963 * CVE-2024-49861 * CVE-2024-56742 * CVE-2024-57947 * CVE-2025-21839 * CVE-2025-21854 * CVE-2025-21872 * CVE-2025-22090 * CVE-2025-23163 * CVE-2025-37798 * CVE-2025-37856 * CVE-2025-37864 * CVE-2025-37885 * CVE-2025-37920 * CVE-2025-37984 * CVE-2025-38034 * CVE-2025-38035 * CVE-2025-38051 * CVE-2025-38052 * CVE-2025-38058 * CVE-2025-38061 * CVE-2025-38062 * CVE-2025-38063 * CVE-2025-38064 * CVE-2025-38074 * CVE-2025-38084 * CVE-2025-38085 * CVE-2025-38087 * CVE-2025-38088 * CVE-2025-38089 * CVE-2025-38090 * CVE-2025-38094 * CVE-2025-38095 * CVE-2025-38097 * CVE-2025-38098 * CVE-2025-38099 * CVE-2025-38100 * CVE-2025-38102 * CVE-2025-38105 * CVE-2025-38107 * CVE-2025-38108 * CVE-2025-38109 * CVE-2025-38110 * CVE-2025-38111 * CVE-2025-38112 * CVE-2025-38113 * CVE-2025-38115 * CVE-2025-38117 * CVE-2025-38118 * CVE-2025-38120 * CVE-2025-38122 * CVE-2025-38123 * CVE-2025-38124 * CVE-2025-38126 * CVE-2025-38127 * CVE-2025-38129 * CVE-2025-38131 * CVE-2025-38132 * CVE-2025-38135 * CVE-2025-38136 * CVE-2025-38138 * CVE-2025-38142 * CVE-2025-38143 * CVE-2025-38145 * CVE-2025-38147 * CVE-2025-38148 * CVE-2025-38149 * CVE-2025-38151 * CVE-2025-38153 * CVE-2025-38154 * CVE-2025-38155 * CVE-2025-38157 * CVE-2025-38158 * CVE-2025-38159 * CVE-2025-38161 * CVE-2025-38162 * CVE-2025-38165 * CVE-2025-38166 * CVE-2025-38173 * CVE-2025-38174 * CVE-2025-38177 * CVE-2025-38180 * CVE-2025-38181 * CVE-2025-38182 * CVE-2025-38183 * CVE-2025-38187 * CVE-2025-38188 * CVE-2025-38192 * CVE-2025-38193 * CVE-2025-38194 * CVE-2025-38197 * CVE-2025-38198 * CVE-2025-38200 * CVE-2025-38202 * CVE-2025-38203 * CVE-2025-38204 * CVE-2025-38206 * CVE-2025-38210 * CVE-2025-38211 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38214 * CVE-2025-38215 * CVE-2025-38217 * CVE-2025-38220 * CVE-2025-38222 * CVE-2025-38225 * CVE-2025-38226 * CVE-2025-38227 * CVE-2025-38229 * CVE-2025-38231 * CVE-2025-38236 * CVE-2025-38239 * CVE-2025-38244 * CVE-2025-38246 * CVE-2025-38248 * CVE-2025-38249 * CVE-2025-38250 * CVE-2025-38257 * CVE-2025-38259 * CVE-2025-38264 * CVE-2025-38272 * CVE-2025-38273 * CVE-2025-38275 * CVE-2025-38277 * CVE-2025-38279 * CVE-2025-38283 * CVE-2025-38286 * CVE-2025-38289 * CVE-2025-38290 * CVE-2025-38292 * CVE-2025-38293 * CVE-2025-38300 * CVE-2025-38303 * CVE-2025-38304 * CVE-2025-38305 * CVE-2025-38307 * CVE-2025-38310 * CVE-2025-38312 * CVE-2025-38313 * CVE-2025-38319 * CVE-2025-38323 * CVE-2025-38326 * CVE-2025-38328 * CVE-2025-38332 * CVE-2025-38334 * CVE-2025-38335 * CVE-2025-38336 * CVE-2025-38337 * CVE-2025-38338 * CVE-2025-38342 * CVE-2025-38343 * CVE-2025-38344 * CVE-2025-38345 * CVE-2025-38348 * CVE-2025-38349 * CVE-2025-38350 * CVE-2025-38352 * CVE-2025-38354 * CVE-2025-38362 * CVE-2025-38363 * CVE-2025-38364 * CVE-2025-38365 * CVE-2025-38369 * CVE-2025-38371 * CVE-2025-38373 * CVE-2025-38375 * CVE-2025-38376 * CVE-2025-38377 * CVE-2025-38380 * CVE-2025-38382 * CVE-2025-38384 * CVE-2025-38385 * CVE-2025-38386 * CVE-2025-38387 * CVE-2025-38389 * CVE-2025-38391 * CVE-2025-38392 * CVE-2025-38393 * CVE-2025-38395 * CVE-2025-38396 * CVE-2025-38399 * CVE-2025-38400 * CVE-2025-38401 * CVE-2025-38403 * CVE-2025-38404 * CVE-2025-38406 * CVE-2025-38409 * CVE-2025-38410 * CVE-2025-38412 * CVE-2025-38414 * CVE-2025-38415 * CVE-2025-38416 * CVE-2025-38420 * CVE-2025-38424 * CVE-2025-38425 * CVE-2025-38426 * CVE-2025-38428 * CVE-2025-38429 * CVE-2025-38430 * CVE-2025-38436 * CVE-2025-38443 * CVE-2025-38448 * CVE-2025-38449 * CVE-2025-38455 * CVE-2025-38457 * CVE-2025-38460 * CVE-2025-38461 * CVE-2025-38462 * CVE-2025-38463 * CVE-2025-38465 * CVE-2025-38467 * CVE-2025-38468 * CVE-2025-38470 * CVE-2025-38471 * CVE-2025-38473 * CVE-2025-38474 * CVE-2025-38476 * CVE-2025-38477 * CVE-2025-38478 * CVE-2025-38480 * CVE-2025-38481 * CVE-2025-38482 * CVE-2025-38483 * CVE-2025-38485 * CVE-2025-38487 * CVE-2025-38489 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38496 * CVE-2025-38497 * CVE-2025-38498 CVSS scores: * CVE-2019-11135 ( SUSE ): 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2019-11135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36348 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36349 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-44963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-44963 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49861 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49861 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49861 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-56742 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21872 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22090 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23163 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37856 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37856 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37920 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37920 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37984 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-37984 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38034 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38035 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38035 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38052 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38058 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38058 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38061 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38062 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38062 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38063 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38063 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38064 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38064 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38074 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38084 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38084 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38085 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38085 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38087 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38089 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38089 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38090 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38097 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38097 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38098 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38098 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38099 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38099 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38100 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38102 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38102 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38105 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38105 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38107 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38107 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38108 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38108 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38109 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38109 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38110 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38110 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38111 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38111 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38112 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38113 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38115 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38115 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38117 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38117 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38118 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38122 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38124 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38126 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38127 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38129 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38129 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38131 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38131 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38132 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38132 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38135 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38142 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38143 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38145 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38148 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38149 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38149 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38153 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38153 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38154 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38154 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38155 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38157 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38157 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38159 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38159 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38161 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38165 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38166 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38166 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38173 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38173 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38174 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38174 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38180 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38180 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38182 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38183 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38183 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38187 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38187 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38192 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38192 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38193 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38193 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38197 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38197 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38198 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38203 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38203 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38204 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38204 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38211 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38214 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38215 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38217 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38217 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38220 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38220 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38222 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-38222 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2025-38225 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38226 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38226 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38227 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38227 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38229 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38229 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-38231 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38231 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38239 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38239 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38244 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38244 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38246 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38248 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38249 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38249 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38250 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38250 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38259 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38264 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38272 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38273 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38273 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38275 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38277 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38277 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38279 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38283 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38286 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38286 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38289 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38289 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38290 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38290 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38292 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38292 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38293 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38293 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38300 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38300 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38303 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38303 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38310 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38310 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38312 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38313 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38323 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38323 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38326 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38326 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38328 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38334 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38334 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38335 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38336 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38337 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38338 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38338 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38342 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38344 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38345 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38345 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38348 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38349 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38349 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38352 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38352 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38362 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38363 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38364 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38364 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38365 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38365 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38371 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38373 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38373 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38375 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38376 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38376 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38377 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38377 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38380 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38380 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38382 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38382 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38384 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38384 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38385 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38385 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38387 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38387 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38389 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38391 ( SUSE ): 5.2 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38391 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38392 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38392 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38393 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38393 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38395 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38395 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38396 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38396 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38399 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38400 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38400 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38401 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38401 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38403 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38406 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38409 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38409 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38410 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38412 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38415 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38415 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38416 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38416 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38425 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38425 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38426 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38426 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38428 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38428 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38429 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38429 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38430 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38430 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38436 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38436 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38448 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38448 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38455 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38455 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38457 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38460 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38460 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38461 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38461 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38462 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38462 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38463 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38463 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38465 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38465 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38467 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38467 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38471 ( SUSE ): 8.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38471 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2025-38473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38474 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38474 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38476 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38476 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38478 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38478 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38480 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38480 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38481 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38481 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38482 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38482 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38483 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38483 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38485 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38485 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38487 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38487 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38489 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38489 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38496 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38496 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38498 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38498 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 An update that solves 238 vulnerabilities and has 32 security fixes can now be installed. ## Description: This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2996=1 openSUSE-SLE-15.6-2025-2996=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2996=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2996=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-2996=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-2996=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-2996=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-2996=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. ## Package List: * openSUSE Leap 15.6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.65.1 * openSUSE Leap 15.6 (noarch) * kernel-source-6.4.0-150600.23.65.1 * kernel-docs-html-6.4.0-150600.23.65.1 * kernel-devel-6.4.0-150600.23.65.1 * kernel-macros-6.4.0-150600.23.65.1 * kernel-source-vanilla-6.4.0-150600.23.65.1 * openSUSE Leap 15.6 (nosrc ppc64le x86_64) * kernel-debug-6.4.0-150600.23.65.1 * openSUSE Leap 15.6 (ppc64le x86_64) * kernel-debug-debugsource-6.4.0-150600.23.65.1 * kernel-debug-debuginfo-6.4.0-150600.23.65.1 * kernel-debug-devel-6.4.0-150600.23.65.1 * kernel-debug-devel-debuginfo-6.4.0-150600.23.65.1 * openSUSE Leap 15.6 (x86_64) * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.65.1 * kernel-default-vdso-debuginfo-6.4.0-150600.23.65.1 * kernel-debug-vdso-debuginfo-6.4.0-150600.23.65.1 * kernel-default-vdso-6.4.0-150600.23.65.1 * kernel-debug-vdso-6.4.0-150600.23.65.1 * kernel-kvmsmall-vdso-6.4.0-150600.23.65.1 * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-6.4.0-150600.23.65.1 * kernel-kvmsmall-debuginfo-6.4.0-150600.23.65.1 * kernel-default-base-rebuild-6.4.0-150600.23.65.1.150600.12.28.4 * kernel-default-base-6.4.0-150600.23.65.1.150600.12.28.4 * kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.65.1 * kernel-kvmsmall-debugsource-6.4.0-150600.23.65.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-debuginfo-6.4.0-150600.23.65.1 * kernel-default-optional-debuginfo-6.4.0-150600.23.65.1 * kselftests-kmp-default-debuginfo-6.4.0-150600.23.65.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.65.1 * cluster-md-kmp-default-6.4.0-150600.23.65.1 * kernel-default-livepatch-6.4.0-150600.23.65.1 * kernel-default-devel-6.4.0-150600.23.65.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.65.1 * kernel-obs-qa-6.4.0-150600.23.65.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.65.1 * reiserfs-kmp-default-6.4.0-150600.23.65.1 * dlm-kmp-default-6.4.0-150600.23.65.1 * kselftests-kmp-default-6.4.0-150600.23.65.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.65.1 * gfs2-kmp-default-6.4.0-150600.23.65.1 * kernel-default-debuginfo-6.4.0-150600.23.65.1 * kernel-default-optional-6.4.0-150600.23.65.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.65.1 * kernel-syms-6.4.0-150600.23.65.1 * kernel-default-debugsource-6.4.0-150600.23.65.1 * kernel-default-extra-debuginfo-6.4.0-150600.23.65.1 * kernel-default-extra-6.4.0-150600.23.65.1 * kernel-obs-build-6.4.0-150600.23.65.1 * kernel-obs-build-debugsource-6.4.0-150600.23.65.1 * ocfs2-kmp-default-6.4.0-150600.23.65.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.65.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-6.4.0-150600.23.65.1 * kernel-livepatch-6_4_0-150600_23_65-default-debuginfo-1-150600.13.3.4 * kernel-livepatch-SLE15-SP6_Update_14-debugsource-1-150600.13.3.4 * kernel-livepatch-6_4_0-150600_23_65-default-1-150600.13.3.4 * openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-6.4.0-150600.23.65.1 * openSUSE Leap 15.6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.65.1 * openSUSE Leap 15.6 (s390x) * kernel-zfcpdump-debuginfo-6.4.0-150600.23.65.1 * kernel-zfcpdump-debugsource-6.4.0-150600.23.65.1 * openSUSE Leap 15.6 (nosrc) * dtb-aarch64-6.4.0-150600.23.65.1 * openSUSE Leap 15.6 (aarch64) * dtb-renesas-6.4.0-150600.23.65.1 * dtb-amazon-6.4.0-150600.23.65.1 * dtb-nvidia-6.4.0-150600.23.65.1 * dtb-sprd-6.4.0-150600.23.65.1 * dtb-apple-6.4.0-150600.23.65.1 * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.65.1 * kernel-64kb-devel-6.4.0-150600.23.65.1 * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.65.1 * kernel-64kb-optional-6.4.0-150600.23.65.1 * dtb-hisilicon-6.4.0-150600.23.65.1 * dtb-allwinner-6.4.0-150600.23.65.1 * dtb-mediatek-6.4.0-150600.23.65.1 * kernel-64kb-extra-6.4.0-150600.23.65.1 * dlm-kmp-64kb-6.4.0-150600.23.65.1 * dtb-amlogic-6.4.0-150600.23.65.1 * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.65.1 * dtb-rockchip-6.4.0-150600.23.65.1 * dtb-qcom-6.4.0-150600.23.65.1 * dtb-amd-6.4.0-150600.23.65.1 * dtb-marvell-6.4.0-150600.23.65.1 * dtb-socionext-6.4.0-150600.23.65.1 * kernel-64kb-optional-debuginfo-6.4.0-150600.23.65.1 * ocfs2-kmp-64kb-6.4.0-150600.23.65.1 * reiserfs-kmp-64kb-6.4.0-150600.23.65.1 * dtb-cavium-6.4.0-150600.23.65.1 * gfs2-kmp-64kb-6.4.0-150600.23.65.1 * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.65.1 * kselftests-kmp-64kb-6.4.0-150600.23.65.1 * dtb-apm-6.4.0-150600.23.65.1 * cluster-md-kmp-64kb-6.4.0-150600.23.65.1 * cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.65.1 * kernel-64kb-debuginfo-6.4.0-150600.23.65.1 * kernel-64kb-debugsource-6.4.0-150600.23.65.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.65.1 * dtb-freescale-6.4.0-150600.23.65.1 * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.65.1 * dtb-altera-6.4.0-150600.23.65.1 * kernel-64kb-extra-debuginfo-6.4.0-150600.23.65.1 * dtb-lg-6.4.0-150600.23.65.1 * dtb-xilinx-6.4.0-150600.23.65.1 * dtb-arm-6.4.0-150600.23.65.1 * dtb-broadcom-6.4.0-150600.23.65.1 * dtb-exynos-6.4.0-150600.23.65.1 * openSUSE Leap 15.6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.65.1 * Basesystem Module 15-SP6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.65.1 * Basesystem Module 15-SP6 (aarch64) * kernel-64kb-devel-6.4.0-150600.23.65.1 * kernel-64kb-debuginfo-6.4.0-150600.23.65.1 * kernel-64kb-debugsource-6.4.0-150600.23.65.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.65.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.65.1 * Basesystem Module 15-SP6 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150600.23.65.1.150600.12.28.4 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150600.23.65.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.65.1 * kernel-default-debugsource-6.4.0-150600.23.65.1 * kernel-default-devel-6.4.0-150600.23.65.1 * Basesystem Module 15-SP6 (noarch) * kernel-devel-6.4.0-150600.23.65.1 * kernel-macros-6.4.0-150600.23.65.1 * Basesystem Module 15-SP6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.65.1 * Basesystem Module 15-SP6 (s390x) * kernel-zfcpdump-debuginfo-6.4.0-150600.23.65.1 * kernel-zfcpdump-debugsource-6.4.0-150600.23.65.1 * Development Tools Module 15-SP6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.65.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-6.4.0-150600.23.65.1 * kernel-obs-build-6.4.0-150600.23.65.1 * kernel-syms-6.4.0-150600.23.65.1 * Development Tools Module 15-SP6 (noarch) * kernel-source-6.4.0-150600.23.65.1 * Legacy Module 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.65.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-6.4.0-150600.23.65.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.65.1 * kernel-default-debuginfo-6.4.0-150600.23.65.1 * kernel-default-debugsource-6.4.0-150600.23.65.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * ocfs2-kmp-default-6.4.0-150600.23.65.1 * kernel-default-debugsource-6.4.0-150600.23.65.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.65.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.65.1 * gfs2-kmp-default-6.4.0-150600.23.65.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.65.1 * cluster-md-kmp-default-6.4.0-150600.23.65.1 * kernel-default-debuginfo-6.4.0-150600.23.65.1 * dlm-kmp-default-6.4.0-150600.23.65.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.65.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.65.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.65.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * kernel-default-extra-6.4.0-150600.23.65.1 * kernel-default-extra-debuginfo-6.4.0-150600.23.65.1 * kernel-default-debuginfo-6.4.0-150600.23.65.1 * kernel-default-debugsource-6.4.0-150600.23.65.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-default-debugsource-6.4.0-150600.23.65.1 * kernel-livepatch-6_4_0-150600_23_65-default-debuginfo-1-150600.13.3.4 * kernel-livepatch-6_4_0-150600_23_65-default-1-150600.13.3.4 * kernel-default-livepatch-6.4.0-150600.23.65.1 * kernel-default-debuginfo-6.4.0-150600.23.65.1 * kernel-livepatch-SLE15-SP6_Update_14-debugsource-1-150600.13.3.4 * kernel-default-livepatch-devel-6.4.0-150600.23.65.1 * SUSE Linux Enterprise Live Patching 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.65.1 ## References: * https://www.suse.com/security/cve/CVE-2019-11135.html * https://www.suse.com/security/cve/CVE-2024-36028.html * https://www.suse.com/security/cve/CVE-2024-36348.html * https://www.suse.com/security/cve/CVE-2024-36349.html * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2024-44963.html * https://www.suse.com/security/cve/CVE-2024-49861.html * https://www.suse.com/security/cve/CVE-2024-56742.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-21839.html * https://www.suse.com/security/cve/CVE-2025-21854.html * https://www.suse.com/security/cve/CVE-2025-21872.html * https://www.suse.com/security/cve/CVE-2025-22090.html * https://www.suse.com/security/cve/CVE-2025-23163.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37856.html * https://www.suse.com/security/cve/CVE-2025-37864.html * https://www.suse.com/security/cve/CVE-2025-37885.html * https://www.suse.com/security/cve/CVE-2025-37920.html * https://www.suse.com/security/cve/CVE-2025-37984.html * https://www.suse.com/security/cve/CVE-2025-38034.html * https://www.suse.com/security/cve/CVE-2025-38035.html * https://www.suse.com/security/cve/CVE-2025-38051.html * https://www.suse.com/security/cve/CVE-2025-38052.html * https://www.suse.com/security/cve/CVE-2025-38058.html * https://www.suse.com/security/cve/CVE-2025-38061.html * https://www.suse.com/security/cve/CVE-2025-38062.html * https://www.suse.com/security/cve/CVE-2025-38063.html * https://www.suse.com/security/cve/CVE-2025-38064.html * https://www.suse.com/security/cve/CVE-2025-38074.html * https://www.suse.com/security/cve/CVE-2025-38084.html * https://www.suse.com/security/cve/CVE-2025-38085.html * https://www.suse.com/security/cve/CVE-2025-38087.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38089.html * https://www.suse.com/security/cve/CVE-2025-38090.html * https://www.suse.com/security/cve/CVE-2025-38094.html * https://www.suse.com/security/cve/CVE-2025-38095.html * https://www.suse.com/security/cve/CVE-2025-38097.html * https://www.suse.com/security/cve/CVE-2025-38098.html * https://www.suse.com/security/cve/CVE-2025-38099.html * https://www.suse.com/security/cve/CVE-2025-38100.html * https://www.suse.com/security/cve/CVE-2025-38102.html * https://www.suse.com/security/cve/CVE-2025-38105.html * https://www.suse.com/security/cve/CVE-2025-38107.html * https://www.suse.com/security/cve/CVE-2025-38108.html * https://www.suse.com/security/cve/CVE-2025-38109.html * https://www.suse.com/security/cve/CVE-2025-38110.html * https://www.suse.com/security/cve/CVE-2025-38111.html * https://www.suse.com/security/cve/CVE-2025-38112.html * https://www.suse.com/security/cve/CVE-2025-38113.html * https://www.suse.com/security/cve/CVE-2025-38115.html * https://www.suse.com/security/cve/CVE-2025-38117.html * https://www.suse.com/security/cve/CVE-2025-38118.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38122.html * https://www.suse.com/security/cve/CVE-2025-38123.html * https://www.suse.com/security/cve/CVE-2025-38124.html * https://www.suse.com/security/cve/CVE-2025-38126.html * https://www.suse.com/security/cve/CVE-2025-38127.html * https://www.suse.com/security/cve/CVE-2025-38129.html * https://www.suse.com/security/cve/CVE-2025-38131.html * https://www.suse.com/security/cve/CVE-2025-38132.html * https://www.suse.com/security/cve/CVE-2025-38135.html * https://www.suse.com/security/cve/CVE-2025-38136.html * https://www.suse.com/security/cve/CVE-2025-38138.html * https://www.suse.com/security/cve/CVE-2025-38142.html * https://www.suse.com/security/cve/CVE-2025-38143.html * https://www.suse.com/security/cve/CVE-2025-38145.html * https://www.suse.com/security/cve/CVE-2025-38147.html * https://www.suse.com/security/cve/CVE-2025-38148.html * https://www.suse.com/security/cve/CVE-2025-38149.html * https://www.suse.com/security/cve/CVE-2025-38151.html * https://www.suse.com/security/cve/CVE-2025-38153.html * https://www.suse.com/security/cve/CVE-2025-38154.html * https://www.suse.com/security/cve/CVE-2025-38155.html * https://www.suse.com/security/cve/CVE-2025-38157.html * https://www.suse.com/security/cve/CVE-2025-38158.html * https://www.suse.com/security/cve/CVE-2025-38159.html * https://www.suse.com/security/cve/CVE-2025-38161.html * https://www.suse.com/security/cve/CVE-2025-38162.html * https://www.suse.com/security/cve/CVE-2025-38165.html * https://www.suse.com/security/cve/CVE-2025-38166.html * https://www.suse.com/security/cve/CVE-2025-38173.html * https://www.suse.com/security/cve/CVE-2025-38174.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38180.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38182.html * https://www.suse.com/security/cve/CVE-2025-38183.html * https://www.suse.com/security/cve/CVE-2025-38187.html * https://www.suse.com/security/cve/CVE-2025-38188.html * https://www.suse.com/security/cve/CVE-2025-38192.html * https://www.suse.com/security/cve/CVE-2025-38193.html * https://www.suse.com/security/cve/CVE-2025-38194.html * https://www.suse.com/security/cve/CVE-2025-38197.html * https://www.suse.com/security/cve/CVE-2025-38198.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38202.html * https://www.suse.com/security/cve/CVE-2025-38203.html * https://www.suse.com/security/cve/CVE-2025-38204.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38210.html * https://www.suse.com/security/cve/CVE-2025-38211.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38214.html * https://www.suse.com/security/cve/CVE-2025-38215.html * https://www.suse.com/security/cve/CVE-2025-38217.html * https://www.suse.com/security/cve/CVE-2025-38220.html * https://www.suse.com/security/cve/CVE-2025-38222.html * https://www.suse.com/security/cve/CVE-2025-38225.html * https://www.suse.com/security/cve/CVE-2025-38226.html * https://www.suse.com/security/cve/CVE-2025-38227.html * https://www.suse.com/security/cve/CVE-2025-38229.html * https://www.suse.com/security/cve/CVE-2025-38231.html * https://www.suse.com/security/cve/CVE-2025-38236.html * https://www.suse.com/security/cve/CVE-2025-38239.html * https://www.suse.com/security/cve/CVE-2025-38244.html * https://www.suse.com/security/cve/CVE-2025-38246.html * https://www.suse.com/security/cve/CVE-2025-38248.html * https://www.suse.com/security/cve/CVE-2025-38249.html * https://www.suse.com/security/cve/CVE-2025-38250.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38259.html * https://www.suse.com/security/cve/CVE-2025-38264.html * https://www.suse.com/security/cve/CVE-2025-38272.html * https://www.suse.com/security/cve/CVE-2025-38273.html * https://www.suse.com/security/cve/CVE-2025-38275.html * https://www.suse.com/security/cve/CVE-2025-38277.html * https://www.suse.com/security/cve/CVE-2025-38279.html * https://www.suse.com/security/cve/CVE-2025-38283.html * https://www.suse.com/security/cve/CVE-2025-38286.html * https://www.suse.com/security/cve/CVE-2025-38289.html * https://www.suse.com/security/cve/CVE-2025-38290.html * https://www.suse.com/security/cve/CVE-2025-38292.html * https://www.suse.com/security/cve/CVE-2025-38293.html * https://www.suse.com/security/cve/CVE-2025-38300.html * https://www.suse.com/security/cve/CVE-2025-38303.html * https://www.suse.com/security/cve/CVE-2025-38304.html * https://www.suse.com/security/cve/CVE-2025-38305.html * https://www.suse.com/security/cve/CVE-2025-38307.html * https://www.suse.com/security/cve/CVE-2025-38310.html * https://www.suse.com/security/cve/CVE-2025-38312.html * https://www.suse.com/security/cve/CVE-2025-38313.html * https://www.suse.com/security/cve/CVE-2025-38319.html * https://www.suse.com/security/cve/CVE-2025-38323.html * https://www.suse.com/security/cve/CVE-2025-38326.html * https://www.suse.com/security/cve/CVE-2025-38328.html * https://www.suse.com/security/cve/CVE-2025-38332.html * https://www.suse.com/security/cve/CVE-2025-38334.html * https://www.suse.com/security/cve/CVE-2025-38335.html * https://www.suse.com/security/cve/CVE-2025-38336.html * https://www.suse.com/security/cve/CVE-2025-38337.html * https://www.suse.com/security/cve/CVE-2025-38338.html * https://www.suse.com/security/cve/CVE-2025-38342.html * https://www.suse.com/security/cve/CVE-2025-38343.html * https://www.suse.com/security/cve/CVE-2025-38344.html * https://www.suse.com/security/cve/CVE-2025-38345.html * https://www.suse.com/security/cve/CVE-2025-38348.html * https://www.suse.com/security/cve/CVE-2025-38349.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38352.html * https://www.suse.com/security/cve/CVE-2025-38354.html * https://www.suse.com/security/cve/CVE-2025-38362.html * https://www.suse.com/security/cve/CVE-2025-38363.html * https://www.suse.com/security/cve/CVE-2025-38364.html * https://www.suse.com/security/cve/CVE-2025-38365.html * https://www.suse.com/security/cve/CVE-2025-38369.html * https://www.suse.com/security/cve/CVE-2025-38371.html * https://www.suse.com/security/cve/CVE-2025-38373.html * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-38376.html * https://www.suse.com/security/cve/CVE-2025-38377.html * https://www.suse.com/security/cve/CVE-2025-38380.html * https://www.suse.com/security/cve/CVE-2025-38382.html * https://www.suse.com/security/cve/CVE-2025-38384.html * https://www.suse.com/security/cve/CVE-2025-38385.html * https://www.suse.com/security/cve/CVE-2025-38386.html * https://www.suse.com/security/cve/CVE-2025-38387.html * https://www.suse.com/security/cve/CVE-2025-38389.html * https://www.suse.com/security/cve/CVE-2025-38391.html * https://www.suse.com/security/cve/CVE-2025-38392.html * https://www.suse.com/security/cve/CVE-2025-38393.html * https://www.suse.com/security/cve/CVE-2025-38395.html * https://www.suse.com/security/cve/CVE-2025-38396.html * https://www.suse.com/security/cve/CVE-2025-38399.html * https://www.suse.com/security/cve/CVE-2025-38400.html * https://www.suse.com/security/cve/CVE-2025-38401.html * https://www.suse.com/security/cve/CVE-2025-38403.html * https://www.suse.com/security/cve/CVE-2025-38404.html * https://www.suse.com/security/cve/CVE-2025-38406.html * https://www.suse.com/security/cve/CVE-2025-38409.html * https://www.suse.com/security/cve/CVE-2025-38410.html * https://www.suse.com/security/cve/CVE-2025-38412.html * https://www.suse.com/security/cve/CVE-2025-38414.html * https://www.suse.com/security/cve/CVE-2025-38415.html * https://www.suse.com/security/cve/CVE-2025-38416.html * https://www.suse.com/security/cve/CVE-2025-38420.html * https://www.suse.com/security/cve/CVE-2025-38424.html * https://www.suse.com/security/cve/CVE-2025-38425.html * https://www.suse.com/security/cve/CVE-2025-38426.html * https://www.suse.com/security/cve/CVE-2025-38428.html * https://www.suse.com/security/cve/CVE-2025-38429.html * https://www.suse.com/security/cve/CVE-2025-38430.html * https://www.suse.com/security/cve/CVE-2025-38436.html * https://www.suse.com/security/cve/CVE-2025-38443.html * https://www.suse.com/security/cve/CVE-2025-38448.html * https://www.suse.com/security/cve/CVE-2025-38449.html * https://www.suse.com/security/cve/CVE-2025-38455.html * https://www.suse.com/security/cve/CVE-2025-38457.html * https://www.suse.com/security/cve/CVE-2025-38460.html * https://www.suse.com/security/cve/CVE-2025-38461.html * https://www.suse.com/security/cve/CVE-2025-38462.html * https://www.suse.com/security/cve/CVE-2025-38463.html * https://www.suse.com/security/cve/CVE-2025-38465.html * https://www.suse.com/security/cve/CVE-2025-38467.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38470.html * https://www.suse.com/security/cve/CVE-2025-38471.html * https://www.suse.com/security/cve/CVE-2025-38473.html * https://www.suse.com/security/cve/CVE-2025-38474.html * https://www.suse.com/security/cve/CVE-2025-38476.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38478.html * https://www.suse.com/security/cve/CVE-2025-38480.html * https://www.suse.com/security/cve/CVE-2025-38481.html * https://www.suse.com/security/cve/CVE-2025-38482.html * https://www.suse.com/security/cve/CVE-2025-38483.html * https://www.suse.com/security/cve/CVE-2025-38485.html * https://www.suse.com/security/cve/CVE-2025-38487.html * https://www.suse.com/security/cve/CVE-2025-38489.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38496.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://www.suse.com/security/cve/CVE-2025-38498.html * https://bugzilla.suse.com/show_bug.cgi?id=1204142 * https://bugzilla.suse.com/show_bug.cgi?id=1219338 * https://bugzilla.suse.com/show_bug.cgi?id=1225707 * https://bugzilla.suse.com/show_bug.cgi?id=1230216 * https://bugzilla.suse.com/show_bug.cgi?id=1233300 * https://bugzilla.suse.com/show_bug.cgi?id=1235613 * https://bugzilla.suse.com/show_bug.cgi?id=1235837 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1239061 * https://bugzilla.suse.com/show_bug.cgi?id=1239470 * https://bugzilla.suse.com/show_bug.cgi?id=1240323 * https://bugzilla.suse.com/show_bug.cgi?id=1240885 * https://bugzilla.suse.com/show_bug.cgi?id=1240966 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1241345 * https://bugzilla.suse.com/show_bug.cgi?id=1241537 * https://bugzilla.suse.com/show_bug.cgi?id=1242086 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242837 * https://bugzilla.suse.com/show_bug.cgi?id=1242960 * https://bugzilla.suse.com/show_bug.cgi?id=1242965 * https://bugzilla.suse.com/show_bug.cgi?id=1242993 * https://bugzilla.suse.com/show_bug.cgi?id=1243068 * https://bugzilla.suse.com/show_bug.cgi?id=1243100 * https://bugzilla.suse.com/show_bug.cgi?id=1243479 * https://bugzilla.suse.com/show_bug.cgi?id=1243669 * https://bugzilla.suse.com/show_bug.cgi?id=1243806 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1244457 * https://bugzilla.suse.com/show_bug.cgi?id=1244735 * https://bugzilla.suse.com/show_bug.cgi?id=1244749 * https://bugzilla.suse.com/show_bug.cgi?id=1244750 * https://bugzilla.suse.com/show_bug.cgi?id=1244792 * https://bugzilla.suse.com/show_bug.cgi?id=1244801 * https://bugzilla.suse.com/show_bug.cgi?id=1245151 * https://bugzilla.suse.com/show_bug.cgi?id=1245201 * https://bugzilla.suse.com/show_bug.cgi?id=1245202 * https://bugzilla.suse.com/show_bug.cgi?id=1245216 * https://bugzilla.suse.com/show_bug.cgi?id=1245260 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245440 * https://bugzilla.suse.com/show_bug.cgi?id=1245457 * https://bugzilla.suse.com/show_bug.cgi?id=1245498 * https://bugzilla.suse.com/show_bug.cgi?id=1245499 * https://bugzilla.suse.com/show_bug.cgi?id=1245504 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245508 * https://bugzilla.suse.com/show_bug.cgi?id=1245510 * https://bugzilla.suse.com/show_bug.cgi?id=1245540 * https://bugzilla.suse.com/show_bug.cgi?id=1245598 * https://bugzilla.suse.com/show_bug.cgi?id=1245599 * https://bugzilla.suse.com/show_bug.cgi?id=1245646 * https://bugzilla.suse.com/show_bug.cgi?id=1245647 * https://bugzilla.suse.com/show_bug.cgi?id=1245649 * https://bugzilla.suse.com/show_bug.cgi?id=1245650 * https://bugzilla.suse.com/show_bug.cgi?id=1245654 * https://bugzilla.suse.com/show_bug.cgi?id=1245658 * https://bugzilla.suse.com/show_bug.cgi?id=1245660 * https://bugzilla.suse.com/show_bug.cgi?id=1245665 * https://bugzilla.suse.com/show_bug.cgi?id=1245666 * https://bugzilla.suse.com/show_bug.cgi?id=1245668 * https://bugzilla.suse.com/show_bug.cgi?id=1245669 * https://bugzilla.suse.com/show_bug.cgi?id=1245670 * https://bugzilla.suse.com/show_bug.cgi?id=1245671 * https://bugzilla.suse.com/show_bug.cgi?id=1245675 * https://bugzilla.suse.com/show_bug.cgi?id=1245676 * https://bugzilla.suse.com/show_bug.cgi?id=1245677 * https://bugzilla.suse.com/show_bug.cgi?id=1245679 * https://bugzilla.suse.com/show_bug.cgi?id=1245682 * https://bugzilla.suse.com/show_bug.cgi?id=1245683 * https://bugzilla.suse.com/show_bug.cgi?id=1245684 * https://bugzilla.suse.com/show_bug.cgi?id=1245688 * https://bugzilla.suse.com/show_bug.cgi?id=1245689 * https://bugzilla.suse.com/show_bug.cgi?id=1245690 * https://bugzilla.suse.com/show_bug.cgi?id=1245691 * https://bugzilla.suse.com/show_bug.cgi?id=1245695 * https://bugzilla.suse.com/show_bug.cgi?id=1245705 * https://bugzilla.suse.com/show_bug.cgi?id=1245708 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245713 * https://bugzilla.suse.com/show_bug.cgi?id=1245714 * https://bugzilla.suse.com/show_bug.cgi?id=1245719 * https://bugzilla.suse.com/show_bug.cgi?id=1245723 * https://bugzilla.suse.com/show_bug.cgi?id=1245729 * https://bugzilla.suse.com/show_bug.cgi?id=1245730 * https://bugzilla.suse.com/show_bug.cgi?id=1245731 * https://bugzilla.suse.com/show_bug.cgi?id=1245735 * https://bugzilla.suse.com/show_bug.cgi?id=1245737 * https://bugzilla.suse.com/show_bug.cgi?id=1245744 * https://bugzilla.suse.com/show_bug.cgi?id=1245745 * https://bugzilla.suse.com/show_bug.cgi?id=1245746 * https://bugzilla.suse.com/show_bug.cgi?id=1245747 * https://bugzilla.suse.com/show_bug.cgi?id=1245748 * https://bugzilla.suse.com/show_bug.cgi?id=1245749 * https://bugzilla.suse.com/show_bug.cgi?id=1245750 * https://bugzilla.suse.com/show_bug.cgi?id=1245751 * https://bugzilla.suse.com/show_bug.cgi?id=1245752 * https://bugzilla.suse.com/show_bug.cgi?id=1245757 * https://bugzilla.suse.com/show_bug.cgi?id=1245758 * https://bugzilla.suse.com/show_bug.cgi?id=1245765 * https://bugzilla.suse.com/show_bug.cgi?id=1245768 * https://bugzilla.suse.com/show_bug.cgi?id=1245769 * https://bugzilla.suse.com/show_bug.cgi?id=1245777 * https://bugzilla.suse.com/show_bug.cgi?id=1245781 * https://bugzilla.suse.com/show_bug.cgi?id=1245789 * https://bugzilla.suse.com/show_bug.cgi?id=1245937 * https://bugzilla.suse.com/show_bug.cgi?id=1245945 * https://bugzilla.suse.com/show_bug.cgi?id=1245951 * https://bugzilla.suse.com/show_bug.cgi?id=1245952 * https://bugzilla.suse.com/show_bug.cgi?id=1245954 * https://bugzilla.suse.com/show_bug.cgi?id=1245957 * https://bugzilla.suse.com/show_bug.cgi?id=1245966 * https://bugzilla.suse.com/show_bug.cgi?id=1245970 * https://bugzilla.suse.com/show_bug.cgi?id=1245976 * https://bugzilla.suse.com/show_bug.cgi?id=1245980 * https://bugzilla.suse.com/show_bug.cgi?id=1245983 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246002 * https://bugzilla.suse.com/show_bug.cgi?id=1246006 * https://bugzilla.suse.com/show_bug.cgi?id=1246008 * https://bugzilla.suse.com/show_bug.cgi?id=1246020 * https://bugzilla.suse.com/show_bug.cgi?id=1246023 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246031 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246041 * https://bugzilla.suse.com/show_bug.cgi?id=1246042 * https://bugzilla.suse.com/show_bug.cgi?id=1246044 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246047 * https://bugzilla.suse.com/show_bug.cgi?id=1246049 * https://bugzilla.suse.com/show_bug.cgi?id=1246050 * https://bugzilla.suse.com/show_bug.cgi?id=1246055 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246093 * https://bugzilla.suse.com/show_bug.cgi?id=1246098 * https://bugzilla.suse.com/show_bug.cgi?id=1246109 * https://bugzilla.suse.com/show_bug.cgi?id=1246122 * https://bugzilla.suse.com/show_bug.cgi?id=1246125 * https://bugzilla.suse.com/show_bug.cgi?id=1246171 * https://bugzilla.suse.com/show_bug.cgi?id=1246173 * https://bugzilla.suse.com/show_bug.cgi?id=1246178 * https://bugzilla.suse.com/show_bug.cgi?id=1246182 * https://bugzilla.suse.com/show_bug.cgi?id=1246183 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246195 * https://bugzilla.suse.com/show_bug.cgi?id=1246203 * https://bugzilla.suse.com/show_bug.cgi?id=1246212 * https://bugzilla.suse.com/show_bug.cgi?id=1246220 * https://bugzilla.suse.com/show_bug.cgi?id=1246236 * https://bugzilla.suse.com/show_bug.cgi?id=1246240 * https://bugzilla.suse.com/show_bug.cgi?id=1246243 * https://bugzilla.suse.com/show_bug.cgi?id=1246246 * https://bugzilla.suse.com/show_bug.cgi?id=1246249 * https://bugzilla.suse.com/show_bug.cgi?id=1246250 * https://bugzilla.suse.com/show_bug.cgi?id=1246253 * https://bugzilla.suse.com/show_bug.cgi?id=1246258 * https://bugzilla.suse.com/show_bug.cgi?id=1246262 * https://bugzilla.suse.com/show_bug.cgi?id=1246264 * https://bugzilla.suse.com/show_bug.cgi?id=1246266 * https://bugzilla.suse.com/show_bug.cgi?id=1246268 * https://bugzilla.suse.com/show_bug.cgi?id=1246273 * https://bugzilla.suse.com/show_bug.cgi?id=1246283 * https://bugzilla.suse.com/show_bug.cgi?id=1246287 * https://bugzilla.suse.com/show_bug.cgi?id=1246292 * https://bugzilla.suse.com/show_bug.cgi?id=1246293 * https://bugzilla.suse.com/show_bug.cgi?id=1246295 * https://bugzilla.suse.com/show_bug.cgi?id=1246334 * https://bugzilla.suse.com/show_bug.cgi?id=1246337 * https://bugzilla.suse.com/show_bug.cgi?id=1246342 * https://bugzilla.suse.com/show_bug.cgi?id=1246349 * https://bugzilla.suse.com/show_bug.cgi?id=1246354 * https://bugzilla.suse.com/show_bug.cgi?id=1246358 * https://bugzilla.suse.com/show_bug.cgi?id=1246361 * https://bugzilla.suse.com/show_bug.cgi?id=1246364 * https://bugzilla.suse.com/show_bug.cgi?id=1246370 * https://bugzilla.suse.com/show_bug.cgi?id=1246375 * https://bugzilla.suse.com/show_bug.cgi?id=1246384 * https://bugzilla.suse.com/show_bug.cgi?id=1246386 * https://bugzilla.suse.com/show_bug.cgi?id=1246387 * https://bugzilla.suse.com/show_bug.cgi?id=1246438 * https://bugzilla.suse.com/show_bug.cgi?id=1246453 * https://bugzilla.suse.com/show_bug.cgi?id=1246473 * https://bugzilla.suse.com/show_bug.cgi?id=1246490 * https://bugzilla.suse.com/show_bug.cgi?id=1246506 * https://bugzilla.suse.com/show_bug.cgi?id=1246547 * https://bugzilla.suse.com/show_bug.cgi?id=1246777 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1246870 * https://bugzilla.suse.com/show_bug.cgi?id=1246879 * https://bugzilla.suse.com/show_bug.cgi?id=1246911 * https://bugzilla.suse.com/show_bug.cgi?id=1247018 * https://bugzilla.suse.com/show_bug.cgi?id=1247023 * https://bugzilla.suse.com/show_bug.cgi?id=1247028 * https://bugzilla.suse.com/show_bug.cgi?id=1247031 * https://bugzilla.suse.com/show_bug.cgi?id=1247033 * https://bugzilla.suse.com/show_bug.cgi?id=1247035 * https://bugzilla.suse.com/show_bug.cgi?id=1247061 * https://bugzilla.suse.com/show_bug.cgi?id=1247089 * https://bugzilla.suse.com/show_bug.cgi?id=1247091 * https://bugzilla.suse.com/show_bug.cgi?id=1247097 * https://bugzilla.suse.com/show_bug.cgi?id=1247098 * https://bugzilla.suse.com/show_bug.cgi?id=1247101 * https://bugzilla.suse.com/show_bug.cgi?id=1247103 * https://bugzilla.suse.com/show_bug.cgi?id=1247104 * https://bugzilla.suse.com/show_bug.cgi?id=1247113 * https://bugzilla.suse.com/show_bug.cgi?id=1247118 * https://bugzilla.suse.com/show_bug.cgi?id=1247123 * https://bugzilla.suse.com/show_bug.cgi?id=1247125 * https://bugzilla.suse.com/show_bug.cgi?id=1247128 * https://bugzilla.suse.com/show_bug.cgi?id=1247132 * https://bugzilla.suse.com/show_bug.cgi?id=1247138 * https://bugzilla.suse.com/show_bug.cgi?id=1247141 * https://bugzilla.suse.com/show_bug.cgi?id=1247143 * https://bugzilla.suse.com/show_bug.cgi?id=1247145 * https://bugzilla.suse.com/show_bug.cgi?id=1247146 * https://bugzilla.suse.com/show_bug.cgi?id=1247147 * https://bugzilla.suse.com/show_bug.cgi?id=1247149 * https://bugzilla.suse.com/show_bug.cgi?id=1247150 * https://bugzilla.suse.com/show_bug.cgi?id=1247151 * https://bugzilla.suse.com/show_bug.cgi?id=1247153 * https://bugzilla.suse.com/show_bug.cgi?id=1247154 * https://bugzilla.suse.com/show_bug.cgi?id=1247156 * https://bugzilla.suse.com/show_bug.cgi?id=1247160 * https://bugzilla.suse.com/show_bug.cgi?id=1247164 * https://bugzilla.suse.com/show_bug.cgi?id=1247169 * https://bugzilla.suse.com/show_bug.cgi?id=1247170 * https://bugzilla.suse.com/show_bug.cgi?id=1247171 * https://bugzilla.suse.com/show_bug.cgi?id=1247172 * https://bugzilla.suse.com/show_bug.cgi?id=1247174 * https://bugzilla.suse.com/show_bug.cgi?id=1247176 * https://bugzilla.suse.com/show_bug.cgi?id=1247177 * https://bugzilla.suse.com/show_bug.cgi?id=1247178 * https://bugzilla.suse.com/show_bug.cgi?id=1247181 * https://bugzilla.suse.com/show_bug.cgi?id=1247209 * https://bugzilla.suse.com/show_bug.cgi?id=1247210 * https://bugzilla.suse.com/show_bug.cgi?id=1247227 * https://bugzilla.suse.com/show_bug.cgi?id=1247233 * https://bugzilla.suse.com/show_bug.cgi?id=1247236 * https://bugzilla.suse.com/show_bug.cgi?id=1247238 * https://bugzilla.suse.com/show_bug.cgi?id=1247241 * https://bugzilla.suse.com/show_bug.cgi?id=1247251 * https://bugzilla.suse.com/show_bug.cgi?id=1247252 * https://bugzilla.suse.com/show_bug.cgi?id=1247253 * https://bugzilla.suse.com/show_bug.cgi?id=1247255 * https://bugzilla.suse.com/show_bug.cgi?id=1247271 * https://bugzilla.suse.com/show_bug.cgi?id=1247273 * https://bugzilla.suse.com/show_bug.cgi?id=1247274 * https://bugzilla.suse.com/show_bug.cgi?id=1247276 * https://bugzilla.suse.com/show_bug.cgi?id=1247277 * https://bugzilla.suse.com/show_bug.cgi?id=1247278 * https://bugzilla.suse.com/show_bug.cgi?id=1247279 * https://bugzilla.suse.com/show_bug.cgi?id=1247284 * https://bugzilla.suse.com/show_bug.cgi?id=1247285 * https://bugzilla.suse.com/show_bug.cgi?id=1247288 * https://bugzilla.suse.com/show_bug.cgi?id=1247289 * https://bugzilla.suse.com/show_bug.cgi?id=1247293 * https://bugzilla.suse.com/show_bug.cgi?id=1247311 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247317 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247374 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 * https://bugzilla.suse.com/show_bug.cgi?id=1247450 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 16:38:51 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 16:38:51 -0000 Subject: SUSE-SU-2025:02995-1: important: Security update for postgresql17 Message-ID: <175631273166.11230.1108198658396051863@smelt2.prg2.suse.org> # Security update for postgresql17 Announcement ID: SUSE-SU-2025:02995-1 Release Date: 2025-08-27T12:01:47Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS * SUSE Package Hub 15 15-SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql17 fixes the following issues: Updated to 17.6: * CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table (bsc#1248120) * CVE-2025-8714: Fixed untrusted data inclusion in pg_dump allows superuser of origin server to execute arbitrary code in psql client (bsc#1248122) * CVE-2025-8715: Fixed improper neutralization of newlines in pg_dump leading to arbitrary code execution in the psql client and in the restore target server (bsc#1248119) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2025-2995=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2995=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2995=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2995=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2995=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2995=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2995=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2995=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2995=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2995=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2995=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2995=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-2995=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-2995=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-2995=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2995=1 ## Package List: * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql17-llvmjit-debuginfo-17.6-150200.5.16.1 * postgresql17-llvmjit-devel-17.6-150200.5.16.1 * postgresql17-test-17.6-150200.5.16.1 * postgresql17-llvmjit-17.6-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libpq5-17.6-150200.5.16.1 * postgresql17-debugsource-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * postgresql17-debuginfo-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libpq5-17.6-150200.5.16.1 * postgresql17-debugsource-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * postgresql17-debuginfo-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libpq5-32bit-17.6-150200.5.16.1 * libpq5-32bit-debuginfo-17.6-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libpq5-17.6-150200.5.16.1 * postgresql17-debugsource-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * postgresql17-debuginfo-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libpq5-32bit-17.6-150200.5.16.1 * libpq5-32bit-debuginfo-17.6-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * postgresql17-server-17.6-150200.5.16.1 * postgresql17-plpython-debuginfo-17.6-150200.5.16.1 * libpq5-17.6-150200.5.16.1 * postgresql17-plperl-debuginfo-17.6-150200.5.16.1 * postgresql17-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * postgresql17-devel-debuginfo-17.6-150200.5.16.1 * postgresql17-debugsource-17.6-150200.5.16.1 * postgresql17-devel-17.6-150200.5.16.1 * postgresql17-plpython-17.6-150200.5.16.1 * postgresql17-contrib-17.6-150200.5.16.1 * postgresql17-server-devel-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * postgresql17-contrib-debuginfo-17.6-150200.5.16.1 * postgresql17-server-debuginfo-17.6-150200.5.16.1 * postgresql17-server-devel-debuginfo-17.6-150200.5.16.1 * postgresql17-pltcl-debuginfo-17.6-150200.5.16.1 * postgresql17-debuginfo-17.6-150200.5.16.1 * postgresql17-plperl-17.6-150200.5.16.1 * postgresql17-pltcl-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * postgresql17-docs-17.6-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libpq5-32bit-17.6-150200.5.16.1 * libpq5-32bit-debuginfo-17.6-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * postgresql17-server-17.6-150200.5.16.1 * postgresql17-plpython-debuginfo-17.6-150200.5.16.1 * libpq5-17.6-150200.5.16.1 * postgresql17-plperl-debuginfo-17.6-150200.5.16.1 * postgresql17-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * postgresql17-devel-debuginfo-17.6-150200.5.16.1 * postgresql17-debugsource-17.6-150200.5.16.1 * postgresql17-devel-17.6-150200.5.16.1 * postgresql17-plpython-17.6-150200.5.16.1 * postgresql17-contrib-17.6-150200.5.16.1 * postgresql17-server-devel-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * postgresql17-contrib-debuginfo-17.6-150200.5.16.1 * postgresql17-server-debuginfo-17.6-150200.5.16.1 * postgresql17-server-devel-debuginfo-17.6-150200.5.16.1 * postgresql17-pltcl-debuginfo-17.6-150200.5.16.1 * postgresql17-debuginfo-17.6-150200.5.16.1 * postgresql17-plperl-17.6-150200.5.16.1 * postgresql17-pltcl-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * postgresql17-docs-17.6-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libpq5-32bit-17.6-150200.5.16.1 * libpq5-32bit-debuginfo-17.6-150200.5.16.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libpq5-17.6-150200.5.16.1 * postgresql17-debugsource-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * postgresql17-debuginfo-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libpq5-17.6-150200.5.16.1 * postgresql17-debugsource-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * postgresql17-debuginfo-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libpq5-32bit-17.6-150200.5.16.1 * libpq5-32bit-debuginfo-17.6-150200.5.16.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql17-server-17.6-150200.5.16.1 * postgresql17-llvmjit-17.6-150200.5.16.1 * postgresql17-plpython-debuginfo-17.6-150200.5.16.1 * libpq5-17.6-150200.5.16.1 * postgresql17-plperl-debuginfo-17.6-150200.5.16.1 * postgresql17-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * postgresql17-devel-debuginfo-17.6-150200.5.16.1 * postgresql17-debugsource-17.6-150200.5.16.1 * postgresql17-devel-17.6-150200.5.16.1 * postgresql17-plpython-17.6-150200.5.16.1 * postgresql17-contrib-17.6-150200.5.16.1 * postgresql17-server-devel-17.6-150200.5.16.1 * postgresql17-llvmjit-devel-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * postgresql17-contrib-debuginfo-17.6-150200.5.16.1 * postgresql17-server-debuginfo-17.6-150200.5.16.1 * postgresql17-server-devel-debuginfo-17.6-150200.5.16.1 * postgresql17-pltcl-debuginfo-17.6-150200.5.16.1 * postgresql17-debuginfo-17.6-150200.5.16.1 * postgresql17-plperl-17.6-150200.5.16.1 * postgresql17-pltcl-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql17-docs-17.6-150200.5.16.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libpq5-32bit-17.6-150200.5.16.1 * libpq5-32bit-debuginfo-17.6-150200.5.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libpq5-17.6-150200.5.16.1 * postgresql17-debugsource-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * postgresql17-debuginfo-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libpq5-17.6-150200.5.16.1 * postgresql17-debugsource-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * postgresql17-debuginfo-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libpq5-32bit-17.6-150200.5.16.1 * libpq5-32bit-debuginfo-17.6-150200.5.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql17-server-17.6-150200.5.16.1 * postgresql17-llvmjit-17.6-150200.5.16.1 * postgresql17-plpython-debuginfo-17.6-150200.5.16.1 * libpq5-17.6-150200.5.16.1 * postgresql17-plperl-debuginfo-17.6-150200.5.16.1 * postgresql17-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * postgresql17-devel-debuginfo-17.6-150200.5.16.1 * postgresql17-debugsource-17.6-150200.5.16.1 * postgresql17-devel-17.6-150200.5.16.1 * postgresql17-plpython-17.6-150200.5.16.1 * postgresql17-contrib-17.6-150200.5.16.1 * postgresql17-server-devel-17.6-150200.5.16.1 * postgresql17-llvmjit-devel-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * postgresql17-contrib-debuginfo-17.6-150200.5.16.1 * postgresql17-server-debuginfo-17.6-150200.5.16.1 * postgresql17-server-devel-debuginfo-17.6-150200.5.16.1 * postgresql17-pltcl-debuginfo-17.6-150200.5.16.1 * postgresql17-debuginfo-17.6-150200.5.16.1 * postgresql17-plperl-17.6-150200.5.16.1 * postgresql17-pltcl-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql17-docs-17.6-150200.5.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libpq5-32bit-17.6-150200.5.16.1 * libpq5-32bit-debuginfo-17.6-150200.5.16.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * libpq5-32bit-17.6-150200.5.16.1 * libpq5-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * libpq5-32bit-debuginfo-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * libpq5-32bit-17.6-150200.5.16.1 * libpq5-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * libpq5-32bit-debuginfo-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * libpq5-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 * SUSE Manager Server 4.3 LTS (s390x) * postgresql17-devel-debuginfo-17.6-150200.5.16.1 * postgresql17-debugsource-17.6-150200.5.16.1 * postgresql17-devel-17.6-150200.5.16.1 * postgresql17-plpython-17.6-150200.5.16.1 * postgresql17-server-17.6-150200.5.16.1 * postgresql17-contrib-17.6-150200.5.16.1 * postgresql17-contrib-debuginfo-17.6-150200.5.16.1 * postgresql17-plperl-debuginfo-17.6-150200.5.16.1 * postgresql17-17.6-150200.5.16.1 * postgresql17-server-debuginfo-17.6-150200.5.16.1 * postgresql17-plpython-debuginfo-17.6-150200.5.16.1 * postgresql17-server-devel-17.6-150200.5.16.1 * postgresql17-server-devel-debuginfo-17.6-150200.5.16.1 * postgresql17-pltcl-debuginfo-17.6-150200.5.16.1 * postgresql17-debuginfo-17.6-150200.5.16.1 * postgresql17-plperl-17.6-150200.5.16.1 * postgresql17-pltcl-17.6-150200.5.16.1 * SUSE Manager Server 4.3 LTS (noarch) * postgresql17-docs-17.6-150200.5.16.1 * SUSE Manager Server 4.3 LTS (x86_64) * libpq5-32bit-17.6-150200.5.16.1 * libpq5-32bit-debuginfo-17.6-150200.5.16.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libpq5-17.6-150200.5.16.1 * postgresql17-debugsource-17.6-150200.5.16.1 * libecpg6-debuginfo-17.6-150200.5.16.1 * postgresql17-debuginfo-17.6-150200.5.16.1 * libpq5-debuginfo-17.6-150200.5.16.1 * libecpg6-17.6-150200.5.16.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 16:38:56 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 16:38:56 -0000 Subject: SUSE-SU-2025:02994-1: important: Security update for postgresql13 Message-ID: <175631273656.11230.14998099074299378806@smelt2.prg2.suse.org> # Security update for postgresql13 Announcement ID: SUSE-SU-2025:02994-1 Release Date: 2025-08-27T12:00:22Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Galera for Ericsson 15 SP5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql13 fixes the following issues: Upgrade to 13.22: * CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). * CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary code in psql client (bsc#1248122). * CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in psql client and in restore target server (bsc#1248119). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2994=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2994=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2994=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2994=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2994=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2994=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2994=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2994=1 * Galera for Ericsson 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-ERICSSON-2025-2994=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-llvmjit-devel-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-llvmjit-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-llvmjit-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Enterprise Storage 7.1 (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-llvmjit-devel-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-llvmjit-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-llvmjit-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-llvmjit-devel-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-llvmjit-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-llvmjit-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * postgresql13-docs-13.22-150200.5.75.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-llvmjit-devel-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-llvmjit-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-llvmjit-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * postgresql13-docs-13.22-150200.5.75.2 * Galera for Ericsson 15 SP5 (x86_64) * postgresql13-contrib-debuginfo-13.22-150200.5.75.2 * postgresql13-plperl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-debuginfo-13.22-150200.5.75.2 * postgresql13-server-debuginfo-13.22-150200.5.75.2 * postgresql13-13.22-150200.5.75.2 * postgresql13-pltcl-13.22-150200.5.75.2 * postgresql13-contrib-13.22-150200.5.75.2 * postgresql13-debugsource-13.22-150200.5.75.2 * postgresql13-server-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-13.22-150200.5.75.2 * postgresql13-server-devel-13.22-150200.5.75.2 * postgresql13-server-13.22-150200.5.75.2 * postgresql13-debuginfo-13.22-150200.5.75.2 * postgresql13-devel-debuginfo-13.22-150200.5.75.2 * postgresql13-pltcl-debuginfo-13.22-150200.5.75.2 * postgresql13-plpython-13.22-150200.5.75.2 * postgresql13-plperl-13.22-150200.5.75.2 * Galera for Ericsson 15 SP5 (noarch) * postgresql13-docs-13.22-150200.5.75.2 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Aug 27 16:39:00 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Aug 2025 16:39:00 -0000 Subject: SUSE-SU-2025:02993-1: important: Security update for jetty-minimal Message-ID: <175631274043.11230.10105540291198157470@smelt2.prg2.suse.org> # Security update for jetty-minimal Announcement ID: SUSE-SU-2025:02993-1 Release Date: 2025-08-27T11:59:30Z Rating: important References: * bsc#1244252 Cross-References: * CVE-2025-5115 CVSS scores: * CVE-2025-5115 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-5115 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-5115 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-5115 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for jetty-minimal fixes the following issues: Upgraded to version 9.4.58.v20250814: \- CVE-2025-5115: Fixed MadeYouReset DoS attack via HTTP/2 protocol (including DNS over HTTPS) (bsc#1244252) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-2993=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-2993=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-2993=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-2993=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-2993=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2993=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2993=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2993=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2993=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2993=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2993=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2993=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2993=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2993=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2993=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2993=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2993=1 ## Package List: * openSUSE Leap 15.6 (noarch) * jetty-io-9.4.58-150200.3.34.1 * jetty-webapp-9.4.58-150200.3.34.1 * jetty-xml-9.4.58-150200.3.34.1 * jetty-proxy-9.4.58-150200.3.34.1 * jetty-client-9.4.58-150200.3.34.1 * jetty-cdi-9.4.58-150200.3.34.1 * jetty-rewrite-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-http-spi-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-jaas-9.4.58-150200.3.34.1 * jetty-plus-9.4.58-150200.3.34.1 * jetty-quickstart-9.4.58-150200.3.34.1 * jetty-annotations-9.4.58-150200.3.34.1 * jetty-servlet-9.4.58-150200.3.34.1 * jetty-openid-9.4.58-150200.3.34.1 * jetty-continuation-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-jndi-9.4.58-150200.3.34.1 * jetty-deploy-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * jetty-ant-9.4.58-150200.3.34.1 * jetty-jsp-9.4.58-150200.3.34.1 * jetty-jmx-9.4.58-150200.3.34.1 * jetty-servlets-9.4.58-150200.3.34.1 * jetty-minimal-javadoc-9.4.58-150200.3.34.1 * jetty-start-9.4.58-150200.3.34.1 * jetty-fcgi-9.4.58-150200.3.34.1 * Development Tools Module 15-SP6 (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * Development Tools Module 15-SP7 (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * SUSE Package Hub 15 15-SP6 (noarch) * jetty-continuation-9.4.58-150200.3.34.1 * SUSE Package Hub 15 15-SP7 (noarch) * jetty-continuation-9.4.58-150200.3.34.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 * SUSE Enterprise Storage 7.1 (noarch) * jetty-servlet-9.4.58-150200.3.34.1 * jetty-util-9.4.58-150200.3.34.1 * jetty-security-9.4.58-150200.3.34.1 * jetty-io-9.4.58-150200.3.34.1 * jetty-http-9.4.58-150200.3.34.1 * jetty-server-9.4.58-150200.3.34.1 * jetty-util-ajax-9.4.58-150200.3.34.1 ## References: * https://www.suse.com/security/cve/CVE-2025-5115.html * https://bugzilla.suse.com/show_bug.cgi?id=1244252 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:33:38 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:33:38 -0000 Subject: SUSE-SU-2025:20586-1: important: Security update for the Linux Kernel Message-ID: <175637001870.10939.11800162408415068193@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:20586-1 Release Date: 2025-08-25T12:51:43Z Rating: important References: * bsc#1204142 * bsc#1219338 * bsc#1225707 * bsc#1230216 * bsc#1233300 * bsc#1235613 * bsc#1235837 * bsc#1236333 * bsc#1236897 * bsc#1238896 * bsc#1239061 * bsc#1240323 * bsc#1240885 * bsc#1240966 * bsc#1241166 * bsc#1241345 * bsc#1242086 * bsc#1242414 * bsc#1242837 * bsc#1242960 * bsc#1242965 * bsc#1242993 * bsc#1243068 * bsc#1243100 * bsc#1243479 * bsc#1243669 * bsc#1243806 * bsc#1244309 * bsc#1244337 * bsc#1244457 * bsc#1244735 * bsc#1244749 * bsc#1244750 * bsc#1244792 * bsc#1244801 * bsc#1245151 * bsc#1245201 * bsc#1245202 * bsc#1245216 * bsc#1245260 * bsc#1245431 * bsc#1245440 * bsc#1245457 * bsc#1245498 * bsc#1245499 * bsc#1245504 * bsc#1245506 * bsc#1245508 * bsc#1245510 * bsc#1245540 * bsc#1245598 * bsc#1245599 * bsc#1245646 * bsc#1245647 * bsc#1245649 * bsc#1245650 * bsc#1245654 * bsc#1245658 * bsc#1245660 * bsc#1245665 * bsc#1245666 * bsc#1245668 * bsc#1245669 * bsc#1245670 * bsc#1245671 * bsc#1245675 * bsc#1245676 * bsc#1245677 * bsc#1245679 * bsc#1245682 * bsc#1245683 * bsc#1245684 * bsc#1245688 * bsc#1245689 * bsc#1245690 * bsc#1245691 * bsc#1245695 * bsc#1245705 * bsc#1245708 * bsc#1245711 * bsc#1245713 * bsc#1245714 * bsc#1245719 * bsc#1245723 * bsc#1245729 * bsc#1245730 * bsc#1245731 * bsc#1245735 * bsc#1245737 * bsc#1245744 * bsc#1245745 * bsc#1245746 * bsc#1245747 * bsc#1245748 * bsc#1245749 * bsc#1245750 * bsc#1245751 * bsc#1245752 * bsc#1245757 * bsc#1245758 * bsc#1245765 * bsc#1245768 * bsc#1245769 * bsc#1245777 * bsc#1245781 * bsc#1245789 * bsc#1245937 * bsc#1245945 * bsc#1245951 * bsc#1245952 * bsc#1245954 * bsc#1245957 * bsc#1245966 * bsc#1245970 * bsc#1245976 * bsc#1245980 * bsc#1245983 * bsc#1245986 * bsc#1246000 * bsc#1246002 * bsc#1246006 * bsc#1246008 * bsc#1246020 * bsc#1246023 * bsc#1246029 * bsc#1246031 * bsc#1246037 * bsc#1246041 * bsc#1246042 * bsc#1246044 * bsc#1246045 * bsc#1246047 * bsc#1246049 * bsc#1246050 * bsc#1246055 * bsc#1246073 * bsc#1246093 * bsc#1246098 * bsc#1246109 * bsc#1246122 * bsc#1246125 * bsc#1246171 * bsc#1246173 * bsc#1246178 * bsc#1246182 * bsc#1246183 * bsc#1246186 * bsc#1246195 * bsc#1246203 * bsc#1246212 * bsc#1246220 * bsc#1246236 * bsc#1246240 * bsc#1246243 * bsc#1246246 * bsc#1246249 * bsc#1246250 * bsc#1246253 * bsc#1246258 * bsc#1246262 * bsc#1246264 * bsc#1246266 * bsc#1246268 * bsc#1246273 * bsc#1246283 * bsc#1246287 * bsc#1246292 * bsc#1246293 * bsc#1246295 * bsc#1246334 * bsc#1246337 * bsc#1246342 * bsc#1246349 * bsc#1246354 * bsc#1246358 * bsc#1246361 * bsc#1246364 * bsc#1246370 * bsc#1246375 * bsc#1246384 * bsc#1246386 * bsc#1246387 * bsc#1246438 * bsc#1246453 * bsc#1246473 * bsc#1246490 * bsc#1246506 * bsc#1246547 * bsc#1246777 * bsc#1246781 * bsc#1246870 * bsc#1246879 * bsc#1246911 * bsc#1247018 * bsc#1247023 * bsc#1247028 * bsc#1247031 * bsc#1247033 * bsc#1247035 * bsc#1247061 * bsc#1247089 * bsc#1247091 * bsc#1247097 * bsc#1247098 * bsc#1247101 * bsc#1247103 * bsc#1247104 * bsc#1247113 * bsc#1247118 * bsc#1247123 * bsc#1247125 * bsc#1247128 * bsc#1247132 * bsc#1247138 * bsc#1247141 * bsc#1247143 * bsc#1247145 * bsc#1247146 * bsc#1247147 * bsc#1247149 * bsc#1247150 * bsc#1247151 * bsc#1247153 * bsc#1247154 * bsc#1247156 * bsc#1247160 * bsc#1247164 * bsc#1247169 * bsc#1247170 * bsc#1247171 * bsc#1247172 * bsc#1247174 * bsc#1247176 * bsc#1247177 * bsc#1247178 * bsc#1247181 * bsc#1247209 * bsc#1247210 * bsc#1247227 * bsc#1247233 * bsc#1247236 * bsc#1247238 * bsc#1247241 * bsc#1247251 * bsc#1247252 * bsc#1247253 * bsc#1247255 * bsc#1247271 * bsc#1247273 * bsc#1247274 * bsc#1247276 * bsc#1247277 * bsc#1247278 * bsc#1247279 * bsc#1247284 * bsc#1247285 * bsc#1247288 * bsc#1247289 * bsc#1247293 * bsc#1247311 * bsc#1247314 * bsc#1247317 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247374 * bsc#1247437 * bsc#1247450 * jsc#PED-13238 Cross-References: * CVE-2019-11135 * CVE-2024-36028 * CVE-2024-36348 * CVE-2024-36349 * CVE-2024-36350 * CVE-2024-36357 * CVE-2024-44963 * CVE-2024-56742 * CVE-2024-57947 * CVE-2025-21839 * CVE-2025-21872 * CVE-2025-23163 * CVE-2025-37798 * CVE-2025-37856 * CVE-2025-37864 * CVE-2025-37885 * CVE-2025-37920 * CVE-2025-37984 * CVE-2025-38034 * CVE-2025-38035 * CVE-2025-38051 * CVE-2025-38052 * CVE-2025-38058 * CVE-2025-38061 * CVE-2025-38062 * CVE-2025-38063 * CVE-2025-38064 * CVE-2025-38074 * CVE-2025-38084 * CVE-2025-38085 * CVE-2025-38087 * CVE-2025-38088 * CVE-2025-38089 * CVE-2025-38090 * CVE-2025-38094 * CVE-2025-38095 * CVE-2025-38097 * CVE-2025-38098 * CVE-2025-38099 * CVE-2025-38100 * CVE-2025-38102 * CVE-2025-38105 * CVE-2025-38107 * CVE-2025-38108 * CVE-2025-38109 * CVE-2025-38110 * CVE-2025-38111 * CVE-2025-38112 * CVE-2025-38113 * CVE-2025-38115 * CVE-2025-38117 * CVE-2025-38118 * CVE-2025-38120 * CVE-2025-38122 * CVE-2025-38123 * CVE-2025-38124 * CVE-2025-38126 * CVE-2025-38127 * CVE-2025-38129 * CVE-2025-38131 * CVE-2025-38132 * CVE-2025-38135 * CVE-2025-38136 * CVE-2025-38138 * CVE-2025-38142 * CVE-2025-38143 * CVE-2025-38145 * CVE-2025-38147 * CVE-2025-38148 * CVE-2025-38149 * CVE-2025-38151 * CVE-2025-38153 * CVE-2025-38154 * CVE-2025-38155 * CVE-2025-38157 * CVE-2025-38158 * CVE-2025-38159 * CVE-2025-38161 * CVE-2025-38162 * CVE-2025-38165 * CVE-2025-38166 * CVE-2025-38173 * CVE-2025-38174 * CVE-2025-38177 * CVE-2025-38180 * CVE-2025-38181 * CVE-2025-38182 * CVE-2025-38183 * CVE-2025-38187 * CVE-2025-38188 * CVE-2025-38192 * CVE-2025-38193 * CVE-2025-38194 * CVE-2025-38197 * CVE-2025-38198 * CVE-2025-38200 * CVE-2025-38202 * CVE-2025-38203 * CVE-2025-38204 * CVE-2025-38206 * CVE-2025-38210 * CVE-2025-38211 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38214 * CVE-2025-38215 * CVE-2025-38217 * CVE-2025-38220 * CVE-2025-38222 * CVE-2025-38225 * CVE-2025-38226 * CVE-2025-38227 * CVE-2025-38229 * CVE-2025-38231 * CVE-2025-38236 * CVE-2025-38239 * CVE-2025-38244 * CVE-2025-38246 * CVE-2025-38248 * CVE-2025-38249 * CVE-2025-38250 * CVE-2025-38257 * CVE-2025-38259 * CVE-2025-38264 * CVE-2025-38272 * CVE-2025-38273 * CVE-2025-38275 * CVE-2025-38277 * CVE-2025-38279 * CVE-2025-38283 * CVE-2025-38286 * CVE-2025-38289 * CVE-2025-38290 * CVE-2025-38292 * CVE-2025-38293 * CVE-2025-38300 * CVE-2025-38303 * CVE-2025-38304 * CVE-2025-38305 * CVE-2025-38307 * CVE-2025-38310 * CVE-2025-38312 * CVE-2025-38313 * CVE-2025-38319 * CVE-2025-38323 * CVE-2025-38326 * CVE-2025-38328 * CVE-2025-38332 * CVE-2025-38334 * CVE-2025-38335 * CVE-2025-38336 * CVE-2025-38337 * CVE-2025-38338 * CVE-2025-38342 * CVE-2025-38343 * CVE-2025-38344 * CVE-2025-38345 * CVE-2025-38348 * CVE-2025-38349 * CVE-2025-38350 * CVE-2025-38352 * CVE-2025-38354 * CVE-2025-38362 * CVE-2025-38363 * CVE-2025-38364 * CVE-2025-38365 * CVE-2025-38369 * CVE-2025-38371 * CVE-2025-38373 * CVE-2025-38375 * CVE-2025-38376 * CVE-2025-38377 * CVE-2025-38380 * CVE-2025-38382 * CVE-2025-38384 * CVE-2025-38385 * CVE-2025-38386 * CVE-2025-38387 * CVE-2025-38389 * CVE-2025-38391 * CVE-2025-38392 * CVE-2025-38393 * CVE-2025-38395 * CVE-2025-38396 * CVE-2025-38399 * CVE-2025-38400 * CVE-2025-38401 * CVE-2025-38403 * CVE-2025-38404 * CVE-2025-38406 * CVE-2025-38409 * CVE-2025-38410 * CVE-2025-38412 * CVE-2025-38414 * CVE-2025-38415 * CVE-2025-38416 * CVE-2025-38420 * CVE-2025-38424 * CVE-2025-38425 * CVE-2025-38426 * CVE-2025-38428 * CVE-2025-38429 * CVE-2025-38430 * CVE-2025-38436 * CVE-2025-38443 * CVE-2025-38448 * CVE-2025-38449 * CVE-2025-38455 * CVE-2025-38457 * CVE-2025-38460 * CVE-2025-38461 * CVE-2025-38462 * CVE-2025-38463 * CVE-2025-38465 * CVE-2025-38467 * CVE-2025-38468 * CVE-2025-38470 * CVE-2025-38471 * CVE-2025-38473 * CVE-2025-38474 * CVE-2025-38476 * CVE-2025-38477 * CVE-2025-38478 * CVE-2025-38480 * CVE-2025-38481 * CVE-2025-38482 * CVE-2025-38483 * CVE-2025-38485 * CVE-2025-38487 * CVE-2025-38489 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38496 * CVE-2025-38497 * CVE-2025-38498 CVSS scores: * CVE-2019-11135 ( SUSE ): 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2019-11135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36348 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36349 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-44963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-44963 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21872 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23163 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37856 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37856 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37920 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37920 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37984 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-37984 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38034 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38035 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38035 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38052 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38058 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38058 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38061 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38062 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38062 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38063 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38063 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38064 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38064 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38074 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38084 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38084 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38085 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38085 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38087 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38089 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38089 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38090 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38097 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38097 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38098 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38098 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38099 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38099 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38100 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38102 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38102 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38105 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38105 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38107 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38107 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38108 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38108 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38109 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38109 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38110 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38110 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38111 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38111 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38112 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38113 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38115 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38115 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38117 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38117 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38118 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38122 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38124 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38126 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38127 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38129 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38129 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38131 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38131 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38132 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38132 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38135 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38142 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38143 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38145 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38148 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38149 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38149 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38153 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38153 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38154 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38154 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38155 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38157 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38157 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38159 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38159 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38161 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38165 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38166 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38166 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38173 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38173 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38174 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38174 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38180 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38180 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38182 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38183 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38183 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38187 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38187 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38192 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38192 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38193 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38193 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38197 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38197 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38198 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38203 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38203 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38204 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38204 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38211 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38214 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38215 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38217 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38217 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38220 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38220 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38222 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-38222 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2025-38225 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38226 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38226 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38227 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38227 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38229 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38229 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-38231 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38231 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38239 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38239 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38244 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38244 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38246 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38248 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38249 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38249 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38250 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38250 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38259 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38264 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38272 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38273 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38273 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38275 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38277 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38277 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38279 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38283 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38286 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38286 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38289 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38289 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38290 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38290 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38292 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38292 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38293 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38293 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38300 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38300 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38303 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38303 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38310 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38310 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38312 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38313 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38323 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38323 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38326 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38326 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38328 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38334 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38334 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38335 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38336 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38337 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38338 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38338 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38342 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38344 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38345 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38345 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38348 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38349 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38349 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38352 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38352 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38362 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38363 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38364 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38364 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38365 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38365 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38371 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38373 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38373 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38375 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38376 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38376 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38377 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38377 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38380 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38380 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38382 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38382 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38384 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38384 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38385 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38385 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38387 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38387 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38389 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38391 ( SUSE ): 5.2 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38391 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38392 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38392 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38393 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38393 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38395 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38395 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38396 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38396 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38399 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38400 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38400 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38401 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38401 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38403 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38406 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38409 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38409 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38410 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38412 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38415 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38415 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38416 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38416 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38425 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38425 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38426 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38426 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38428 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38428 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38429 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38429 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38430 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38430 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38436 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38436 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38448 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38448 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38455 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38455 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38457 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38460 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38460 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38461 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38461 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38462 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38462 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38463 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38463 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38465 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38465 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38467 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38467 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38471 ( SUSE ): 8.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38471 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2025-38473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38474 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38474 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38476 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38476 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38478 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38478 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38480 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38480 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38481 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38481 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38482 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38482 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38483 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38483 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38485 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38485 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38487 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38487 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38489 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38489 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38496 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38496 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38498 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38498 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro Extras 6.0 An update that solves 235 vulnerabilities, contains one feature and has 33 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may * CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707). * CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896). * CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216). * CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613). * CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). * CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323). * CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837). * CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068). * CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965). * CVE-2025-37885: KVM: x86: Reset IRTE to host control if _new_ route isn't postable (bsc#1242960). * CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479). * CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669). * CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792). * CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801). * CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750). * CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151). * CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440). * CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216). * CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202). * CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201). * CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735). * CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649). * CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660). * CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654). * CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671). * CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650). * CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682). * CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689). * CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695). * CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708). * CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677). * CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679). * CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768). * CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750). * CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752). * CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758). * CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970). * CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937). * CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006). * CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951). * CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098). * CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). * CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980). * CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044). * CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983). * CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). * CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020). * CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). * CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966). * CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976). * CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093). * CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178). * CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183). * CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173). * CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182). * CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387). * CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268). * CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264). * CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273). * CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354). * CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361). * CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473). * CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384). * CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250). * CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253). * CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777). * CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). * CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911). * CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091). * CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023). * CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178). * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). * CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031). * CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169). * CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156). * CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097). * CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141). * CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145). * CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252). * CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253). * CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101). * CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098). * CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143). * CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103). * CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104). * CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113). * CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118). * CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288). * CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450). * CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). * CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374). The following non-security bugs were fixed: * ACPI: LPSS: Remove AudioDSP related ID (git-fixes). * ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122). * ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes). * ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes). * ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes). * ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes). * ALSA: hda/tegra: Add Tegra264 support (stable-fixes). * ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes). * ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable- fixes). * ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes). * ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git- fixes). * ALSA: sb: Do not allow changing the DMA mode during operations (stable- fixes). * ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable- fixes). * ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes). * ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes). * ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable- fixes). * ASoC: amd: yc: update quirk data for HP Victus (stable-fixes). * ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes). * ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes). * ASoC: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes). * ASoC: cs35l56: probe() should fail if the device ID is not recognized (git- fixes). * ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git- fixes). * ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes). * ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes). * ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git- fixes). * Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes). * Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes). * Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes). * Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes). * Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes). * Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes). * Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes). * Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes). * Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes). * Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes). * Bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git- fixes). * Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git- fixes). * Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes). * Bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes). * Bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes). * Bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes). * Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes). * Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes). * Bluetooth: hci_sync: revert some mesh modifications (git-fixes). * Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes). * Documentation: ACPI: Fix parent device references (git-fixes). * Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes). * Fix dma_unmap_sg() nents value (git-fixes) * HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes). * HID: core: do not bypass hid_hw_raw_request (stable-fixes). * HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes). * HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes). * HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable- fixes). * HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable- fixes). * IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes) * Input: iqs7222 - explicitly define number of external channels (git-fixes). * Input: xpad - adjust error handling for disconnect (git-fixes). * Input: xpad - set correct controller type for Acer NGR200 (git-fixes). * Input: xpad - support Acer NGR 200 Controller (stable-fixes). * Logitech C-270 even more broken (stable-fixes). * Move upstreamed SCSI and ACPI patches into sorted section * NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes). * NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes). * NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git- fixes). * NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes). * NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git- fixes). * NFSv4.2: another fix for listxattr (git-fixes). * NFSv4.2: fix listxattr to return selinux security label (git-fixes). * NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes). * NFSv4: Always set NLINK even if the server does not support it (git-fixes). * NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes). * PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457). * PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes). * PCI: endpoint: Fix configfs group list head handling (git-fixes). * PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes). * PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes). * PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes). * PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457). * PCI: rockchip-host: Fix "Unexpected Completion" log message (git-fixes). * PM / devfreq: Check governor before using governor->name (git-fixes). * RDMA/core: Rate limit GID cache warning messages (git-fixes) * RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes) * RDMA/hns: Drop GFP_NOWARN (git-fixes) * RDMA/hns: Fix -Wframe-larger-than issue (git-fixes) * RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes) * RDMA/hns: Fix accessing uninitialized resources (git-fixes) * RDMA/hns: Fix double destruction of rsv_qp (git-fixes) * RDMA/hns: Get message length of ack_req from FW (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * RDMA/mlx5: Fix CC counters query for MPV (git-fixes) * RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes) * RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes) * RDMA/mlx5: Fix vport loopback for MPV device (git-fixes) * RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes) * RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes) * RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes) * RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git- fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). * Revert "ACPI: battery: negate current when discharging" (stable-fixes). * Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338). * Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes). * Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git- fixes). * Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git- fixes). * Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes). * SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes). * USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes). * USB: serial: option: add Foxconn T99W640 (stable-fixes). * USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable- fixes). * [SMB3] send channel sequence number in SMB3 requests after reconnects (git- fixes). * af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes). * af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093). * amd/amdkfd: fix a kfd_process ref leak (stable-fixes). * aoe: clean device rq_list in aoedev_downdev() (git-fixes). * apple-mfi-fastcharge: protect first device name (git-fixes). * ata: pata_cs5536: fix build on 32-bit UML (stable-fixes). * audit,module: restore audit logging in load failure case (git-fixes). * bpf, sockmap: Fix sk_msg_reset_curr (git-fixes). * bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes). * bpf/selftests: Check errno when percpu map value size exceeds (git-fixes). * bpf: Add a possibly-zero-sized read test (git-fixes). * bpf: Avoid **hidden** attribute in static object (git-fixes). * bpf: Check percpu map value size first (git-fixes). * bpf: Disable some `attribute ignored' warnings in GCC (git-fixes). * bpf: Fix memory leak in bpf_core_apply (git-fixes). * bpf: Fix potential integer overflow in resolve_btfids (git-fixes). * bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes). * bpf: Make the pointer returned by iter next method valid (git-fixes). * bpf: Simplify checking size of helper accesses (git-fixes). * bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes). * bpf: sockmap, updating the sg structure should also update curr (git-fixes). * bpftool: Fix missing pids during link show (git-fixes). * bpftool: Fix undefined behavior caused by shifting into the sign bit (git- fixes). * bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes). * bpftool: Remove unnecessary source files from bootstrap version (git-fixes). * bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes). * btrfs: do not ignore inode missing when replaying log tree (git-fixes). * btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes). * btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes). * btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068) * btrfs: fix assertion when building free space tree (git-fixes). * btrfs: fix inode lookup error handling during log replay (git-fixes). * btrfs: fix invalid inode pointer dereferences during log replay (git-fixes). * btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes). * btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes). * btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes). * btrfs: fix ssd_spread overallocation (git-fixes). * btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068) * btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes). * btrfs: rename err to ret in btrfs_rmdir() (git-fixes). * btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes). * btrfs: return a btrfs_inode from read_one_inode() (git-fixes). * btrfs: tests: fix chunk map leak after failure to add it to the tree (git- fixes). * btrfs: update superblock's device bytes_used when dropping chunk (git- fixes). * btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes). * btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes). * bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes). * bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes). * can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes). * can: dev: can_restart(): reverse logic to remove need for goto (stable- fixes). * can: kvaser_pciefd: Store device channel index (git-fixes). * can: kvaser_usb: Assign netdev.dev_port based on device channel index (git- fixes). * can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes). * can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes). * can: peak_usb: fix USB FD devices potential malfunction (git-fixes). * cdc-acm: fix race between initial clearing halt and open (git-fixes). * cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789). * cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166). * cifs: reconnect helper should set reconnect for the right channel (git- fixes). * clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes). * clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes). * clk: sunxi-ng: v3s: Fix de clock definition (git-fixes). * clk: xilinx: vcu: unregister pll_post only if registered correctly (git- fixes). * clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457). * clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457). * comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes). * comedi: Fix initialization of data for instructions that write to subdevice (git-fixes). * comedi: Fix some signed shift left operations (git-fixes). * comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes). * comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes). * comedi: das16m1: Fix bit shift out of bounds (git-fixes). * comedi: das6402: Fix bit shift out of bounds (git-fixes). * comedi: pcl812: Fix bit shift out of bounds (git-fixes). * compiler_types.h: Define **retain for __attribute** (( **retain** )) (git- fixes). * config: enable RBD (jsc#PED-13238) * crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes). * crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes). * crypto: ccp - Fix locking on alloc failure handling (git-fixes). * crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes). * crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes). * crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes). * crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes). * crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes). * crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes). * crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes). * crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes). * crypto: qat - fix state restore for banks with exceptions (git-fixes). * crypto: qat - flush misc workqueue during device shutdown (git-fixes). * crypto: qat - use unmanaged allocation for dc_data (git-fixes). * crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes). * dm-bufio: fix sched in atomic context (git-fixes). * dm-flakey: error all IOs when num_features is absent (git-fixes). * dm-flakey: make corrupting read bios work (git-fixes). * dm-mirror: fix a tiny race condition (git-fixes). * dm-raid: fix variable in journal device check (git-fixes). * dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes). * dm: do not change md if dm_table_set_restrictions() fails (git-fixes). * dm: free table mempools if not used in __bind (git-fixes). * dm: restrict dm device size to 2^63-512 bytes (git-fixes). * dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes). * dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes). * dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes). * dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git- fixes). * dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes). * dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes). * dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes). * dmaengine: xilinx_dma: Set dma_device directions (stable-fixes). * drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes). * drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git- fixes). * drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes). * drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes). * drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes). * drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes). * drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git- fixes). * drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes). * drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes). * drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes). * drm/exynos: fimd: Guard display clock control with runtime PM calls (git- fixes). * drm/framebuffer: Acquire internal references on GEM handles (git-fixes). * drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes). * drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes). * drm/i915/gsc: mei interrupt top half should be in irq disabled context (git- fixes). * drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes). * drm/i915/selftests: Change mock_request() to return error pointers (git- fixes). * drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes). * drm/msm: Fix a fence leak in submit error path (stable-fixes). * drm/msm: Fix another leak in the submit error path (stable-fixes). * drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes). * drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes). * drm/sched: Increment job count before swapping tail spsc queue (git-fixes). * drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes). * drm/scheduler: signal scheduled fence when kill job (stable-fixes). * drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes). * drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes). * drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes). * exfat: fdatasync flag should be same like generic_write_sync() (git-fixes). * fbcon: Fix outdated registered_fb reference in comment (git-fixes). * fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes). * firewire: ohci: correct code comments about bus_reset tasklet (git-fixes). * fs/jfs: consolidate sanity checking in dbMount (git-fixes). * fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes). * gpio: mlxbf2: use platform_get_irq_optional() (git-fixes). * gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes). * gpio: sim: include a missing header (git-fixes). * gpio: vf610: add locking to gpio direction functions (git-fixes). * gpio: virtio: Fix config space reading (git-fixes). * gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes). * gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes). * gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300). * gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300). * gpiolib: cdev: Ignore reconfiguration without direction (git-fixes). * gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes). * hfs: make splice write available again (git-fixes). * hfsplus: make splice write available again (git-fixes). * hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes). * hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203). * hwmon: (corsair-cpro) Validate the size of the received input buffer (git- fixes). * hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes). * hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes). * hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes). * i2c/designware: Fix an initialization issue (git-fixes). * i2c: qup: jump out of the loop in case of timeout (git-fixes). * i2c: stm32: fix the device used for the DMA map (git-fixes). * i2c: tegra: Fix reset error handling with ACPI (git-fixes). * i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes). * i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes). * iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git- fixes). * iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes). * iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable- fixes). * iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes). * iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes). * iio: adc: max1363: Reorder mode_list[] entries (stable-fixes). * iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes). * iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes). * iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes). * iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes). * iommu/amd: Set the pgsize_bitmap correctly (git-fixes). * iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes). * iommu/vt-d: Fix possible circular locking dependency (git-fixes). * iommu/vt-d: Fix system hang on reboot -f (git-fixes). * ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes). * ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes). * ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes). * ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes). * iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes). * jfs: fix metapage reference count leak in dbAllocCtl (git-fixes). * kABI workaround for struct drm_framebuffer changes (git-fixes). * kABI: Fix the module::name type in audit_context (git-fixes). * kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes). * kernel-syms.spec: Drop old rpm release number hack (bsc#1247172). * leds: multicolor: Fix intensity setting while SW blinking (stable-fixes). * lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897). * lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897). * maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes). * md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes). * media: gspca: Add bounds checking to firmware parser (git-fixes). * media: hi556: correct the test pattern configuration (git-fixes). * media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes). * media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes). * media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git- fixes). * media: usbtv: Lock resolution while streaming (git-fixes). * media: uvcvideo: Do not mark valid metadata as invalid (git-fixes). * media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git- fixes). * media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes). * media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes). * media: venus: Add a check for packet size after reading from shared memory (git-fixes). * media: venus: hfi: explicitly release IRQ during teardown (git-fixes). * media: venus: protect against spurious interrupts during probe (git-fixes). * media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: vivid: fix wrong pixel_array control size (git-fixes). * memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git- fixes). * mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes). * misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes). * mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes). * mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes). * mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes). * mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes). * mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes). * module: Fix memory deallocation on error path in move_module() (git-fixes). * module: Remove unnecessary +1 from last_unloaded_module::name size (git- fixes). * module: Restore the moduleparam prefix length check (git-fixes). * mtd: fix possible integer overflow in erase_xfer() (git-fixes). * mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes). * mtd: rawnand: atmel: set pmecc data setup time (git-fixes). * mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes). * mtd: rawnand: renesas: Add missing check after DMA map (git-fixes). * mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes). * mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes). * mtd: spinand: fix memory leak of ECC engine conf (stable-fixes). * mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes). * mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes). * mtk-sd: Prevent memory corruption from DMA map failure (git-fixes). * mtk-sd: reset host->mrq on prepare_data() error (git-fixes). * mwl8k: Add missing check after DMA map (git-fixes). * nbd: fix uaf in nbd_genl_connect() error path (git-fixes). * net/packet: fix a race in packet_set_ring() and packet_notifier() (git- fixes). * net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes). * net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git- fixes). * net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git- fixes). * net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes). * net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes). * net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes). * net: mana: Add debug logs in MANA network driver (bsc#1246212). * net: mana: Add handler for hardware servicing events (bsc#1245730). * net: mana: Allocate MSI-X vectors dynamically (bsc#1245457). * net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457). * net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203). * net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729). * net: mana: Set tx_packets to post gso processing packet count (bsc#1245731). * net: mana: explain irq_setup() algorithm (bsc#1245457). * net: phy: Do not register LEDs for genphy (git-fixes). * net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes). * net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes). * net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git- fixes). * net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes). * net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git- fixes). * net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes). * net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes). * net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes). * netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes). * nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git- fixes). * nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes). * nilfs2: reject invalid file types when reading inodes (git-fixes). * nvme-pci: refresh visible attrs after being checked (git-fixes). * nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes). * nvme: fix endianness of command word prints in nvme_log_err_passthru() (git- fixes). * nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes). * nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes). * nvmet-tcp: fix callback lock for TLS handshake (git-fixes). * objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes). * objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes). * objtool: Fix _THIS_IP_ detection for cold functions (git-fixes). * objtool: Fix error handling inconsistencies in check() (git-fixes). * objtool: Ignore dangling jump table entries (git-fixes). * objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes). * objtool: Properly disable uaccess validation (git-fixes). * objtool: Silence more KCOV warnings (git-fixes). * objtool: Silence more KCOV warnings, part 2 (git-fixes). * objtool: Stop UNRET validation on UD2 (git-fixes). * pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes). * pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes). * perf: Fix sample vs do_exit() (bsc#1246547). * phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git- fixes). * pinctrl: amd: Clear GPIO debounce for suspend (git-fixes). * pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes). * pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes). * pinmux: fix race causing mux_owner NULL with active mux_usecount (git- fixes). * platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git- fixes). * platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git- fixes). * platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes). * platform/mellanox: mlxreg-lc: Fix logic error in power state check (git- fixes). * platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes). * platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes). * platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes). * platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes). * platform/x86: think-lmi: Create ksets consecutively (stable-fixes). * platform/x86: think-lmi: Fix kobject cleanup (git-fixes). * platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes). * power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes). * power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git- fixes). * powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes). * powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git- fixes). * powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes). * powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes). * ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506). * pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes). * pwm: mediatek: Ensure to disable clocks in error path (git-fixes). * regmap: fix potential memory leak of regmap_bus (git-fixes). * regulator: fan53555: add enable_time support and soft-start times (stable- fixes). * regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git- fixes). * regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes). * resource: fix false warning in __request_region() (git-fixes). * restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes). * ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes). * rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes). * rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes). * rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337) * rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes). * rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes). * s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870). * s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806). * s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646). * s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647). * s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598). * s390: Add z17 elf platform (LTC#214086 bsc#1245540). * samples: mei: Fix building on musl libc (git-fixes). * sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338). * sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git- fixes). * scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes). * scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Copyright updates for 14.4.0.10 patches (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142). * scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: megaraid_sas: Fix invalid node index (git-fixes). * scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git- fixes). * scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git- fixes). * scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599). * selftests/bpf: Add CFLAGS per source file and runner (git-fixes). * selftests/bpf: Add tests for iter next method returning valid pointer (git- fixes). * selftests/bpf: Change functions definitions to support GCC (git-fixes). * selftests/bpf: Fix a few tests for GCC related warnings (git-fixes). * selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes). * selftests/bpf: Fix prog numbers in test_sockmap (git-fixes). * smb3: move server check earlier when setting channel sequence number (git- fixes). * soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes). * soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes). * soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git- fixes). * soc: qcom: QMI encoding/decoding for big endian (git-fixes). * soc: qcom: fix endianness for QMI header (git-fixes). * soc: qcom: pmic_glink: fix OF node leak (git-fixes). * soundwire: amd: fix for clearing command status register (git-fixes). * soundwire: stream: restore params when prepare ports fail (git-fixes). * spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git- fixes). * staging: axis-fifo: remove sysfs interface (git-fixes). * staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git- fixes). * staging: nvec: Fix incorrect null termination of battery manufacturer (git- fixes). * struct cdns: move new member to the end (git-fixes). * struct ucsi_operations: use padding for new operation (git-fixes). * sunrpc: do not immediately retransmit on seqno miss (git-fixes). * sunrpc: fix client side handling of tls alerts (git-fixes). * tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes). * thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes). * thunderbolt: Fix copy+paste error in match_service_id() (git-fixes). * thunderbolt: Fix wake on connect at runtime (git-fixes). * tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes). * tracing/kprobes: Fix to free objects when failed to copy a symbol (git- fixes). * types: Complement the aligned types with signed 64-bit one (stable-fixes). * ucount: fix atomic_long_inc_below() argument type (git-fixes). * ucsi-glink: adapt to kABI consistency (git-fixes). * ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes). * ucsi_operations: add stubs for all operations (git-fixes). * ucsi_ops: adapt update_connector to kABI consistency (git-fixes). * usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes). * usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes). * usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes). * usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes). * usb: cdnsp: Fix issue with resuming from L1 (git-fixes). * usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable- fixes). * usb: cdnsp: do not disable slot for disabled slot (git-fixes). * usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes). * usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes). * usb: dwc2: also exit clock_gating when stopping udc while suspended (stable- fixes). * usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes). * usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes). * usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes). * usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes). * usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes). * usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes). * usb: hub: Do not try to recover devices lost during warm reset (git-fixes). * usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes). * usb: musb: fix gadget state on disconnect (git-fixes). * usb: musb: omap2430: fix device leak at unbind (git-fixes). * usb: net: sierra: check for no status endpoint (git-fixes). * usb: potential integer overflow in usbg_make_tpg() (stable-fixes). * usb: typec: Update sysfs when setting ops (git-fixes). * usb: typec: altmodes/displayport: do not index invalid pin_assignments (git- fixes). * usb: typec: displayport: Fix potential deadlock (git-fixes). * usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes). * usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable- fixes). * usb: typec: tcpm: allow switching to mode accessory to mux properly (stable- fixes). * usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes). * usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git- fixes). * usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git- fixes). * usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes). * usb: typec: ucsi: Delay alternate mode discovery (git-fixes). * usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes). * usb: typec: ucsi: Fix the partner PD revision (git-fixes). * usb: typec: ucsi: Get PD revision for partner (git-fixes). * usb: typec: ucsi: Set orientation as none when connector is unplugged (git- fixes). * usb: typec: ucsi: Update power_supply on power role change (git-fixes). * usb: typec: ucsi: add callback for connector status updates (git-fixes). * usb: typec: ucsi: add update_connector callback (git-fixes). * usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes). * usb: typec: ucsi: extract code to read PD caps (git-fixes). * usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes). * usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes). * usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes). * usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes). * usb: typec: ucsi: glink: use typec_set_orientation (git-fixes). * usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git- fixes). * usb: typec: ucsi: properly register partner's PD device (git-fixes). * usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes). * usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes). * usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git- fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes). * usb: typec: ucsi_glink: rework quirks implementation (git-fixes). * usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git- fixes). * usb: xhci: quirk for data loss in ISOC transfers (stable-fixes). * usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes). * virtgpu: do not reset on shutdown (git-fixes). * vmci: Prevent the dispatching of uninitialized payloads (git-fixes). * vt: add missing notification when switching back to text mode (stable- fixes). * vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes). * vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes). * watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git- fixes). * wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes). * wifi: ath11k: fix source ring-buffer corruption (git-fixes). * wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath12k: fix endianness handling while accessing wmi service bit (git- fixes). * wifi: ath12k: fix source ring-buffer corruption (git-fixes). * wifi: ath6kl: remove WARN on bad firmware input (stable-fixes). * wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes). * wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes). * wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes). * wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes). * wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes). * wifi: mac80211: Add link iteration macro for link data (stable-fixes). * wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes). * wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes). * wifi: mac80211: Do not schedule stopped TXQs (git-fixes). * wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes). * wifi: mac80211: drop invalid source address OCB frames (stable-fixes). * wifi: mac80211: reject TDLS operations when station is not associated (git- fixes). * wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes). * wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes). * wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes). * wifi: plfxlc: Fix error handling in usb driver probe (git-fixes). * wifi: prevent A-MSDU attacks in mesh networks (stable-fixes). * wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes). * wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes). * wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes). * x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes). * x86/mce/amd: Add default names for MCA banks and blocks (git-fixes). * x86/mce/amd: Fix threshold limit reset (git-fixes). * x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes). * x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git- fixes). * x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git- fixes). * x86/traps: Initialize DR6 by writing its architectural reset value (git- fixes). * x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes). * x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345). * xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837). * xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes). * xfs: remove unused event xfs_alloc_near_error (git-fixes). * xfs: remove unused event xfs_alloc_near_nominleft (git-fixes). * xfs: remove unused event xfs_attr_node_removename (git-fixes). * xfs: remove unused event xfs_ioctl_clone (git-fixes). * xfs: remove unused event xfs_pagecache_inval (git-fixes). * xfs: remove unused event xlog_iclog_want_sync (git-fixes). * xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes). * xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes). * xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes). * xfs: remove unused xfs_attr events (git-fixes). * xfs: remove unused xfs_reflink_compare_extents events (git-fixes). * xfs: remove usused xfs_end_io_direct events (git-fixes). * xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git- fixes). * xhci: dbc: Flush queued requests before stopping dbc (git-fixes). * xhci: dbctty: disable ECHO flag by default (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-82=1 * SUSE Linux Micro Extras 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-82=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * kernel-source-6.4.0-32.1 * kernel-devel-6.4.0-32.1 * kernel-macros-6.4.0-32.1 * SUSE Linux Micro 6.0 (aarch64 nosrc s390x x86_64) * kernel-default-6.4.0-32.1 * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * kernel-default-debuginfo-6.4.0-32.1 * kernel-default-debugsource-6.4.0-32.1 * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-default-livepatch-6.4.0-32.1 * SUSE Linux Micro 6.0 (nosrc x86_64) * kernel-kvmsmall-6.4.0-32.1 * SUSE Linux Micro 6.0 (x86_64) * kernel-kvmsmall-debuginfo-6.4.0-32.1 * kernel-kvmsmall-debugsource-6.4.0-32.1 * SUSE Linux Micro 6.0 (aarch64 x86_64) * kernel-default-base-6.4.0-32.1.21.10 * SUSE Linux Micro Extras 6.0 (nosrc) * kernel-64kb-6.4.0-32.1 * kernel-default-6.4.0-32.1 * SUSE Linux Micro Extras 6.0 (aarch64) * kernel-64kb-debugsource-6.4.0-32.1 * kernel-64kb-devel-6.4.0-32.1 * SUSE Linux Micro Extras 6.0 (aarch64 s390x x86_64) * kernel-syms-6.4.0-32.1 * kernel-obs-build-debugsource-6.4.0-32.1 * kernel-default-devel-6.4.0-32.1 * kernel-default-debugsource-6.4.0-32.1 * kernel-obs-build-6.4.0-32.1 * SUSE Linux Micro Extras 6.0 (x86_64) * kernel-default-devel-debuginfo-6.4.0-32.1 ## References: * https://www.suse.com/security/cve/CVE-2019-11135.html * https://www.suse.com/security/cve/CVE-2024-36028.html * https://www.suse.com/security/cve/CVE-2024-36348.html * https://www.suse.com/security/cve/CVE-2024-36349.html * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2024-44963.html * https://www.suse.com/security/cve/CVE-2024-56742.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-21839.html * https://www.suse.com/security/cve/CVE-2025-21872.html * https://www.suse.com/security/cve/CVE-2025-23163.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37856.html * https://www.suse.com/security/cve/CVE-2025-37864.html * https://www.suse.com/security/cve/CVE-2025-37885.html * https://www.suse.com/security/cve/CVE-2025-37920.html * https://www.suse.com/security/cve/CVE-2025-37984.html * https://www.suse.com/security/cve/CVE-2025-38034.html * https://www.suse.com/security/cve/CVE-2025-38035.html * https://www.suse.com/security/cve/CVE-2025-38051.html * https://www.suse.com/security/cve/CVE-2025-38052.html * https://www.suse.com/security/cve/CVE-2025-38058.html * https://www.suse.com/security/cve/CVE-2025-38061.html * https://www.suse.com/security/cve/CVE-2025-38062.html * https://www.suse.com/security/cve/CVE-2025-38063.html * https://www.suse.com/security/cve/CVE-2025-38064.html * https://www.suse.com/security/cve/CVE-2025-38074.html * https://www.suse.com/security/cve/CVE-2025-38084.html * https://www.suse.com/security/cve/CVE-2025-38085.html * https://www.suse.com/security/cve/CVE-2025-38087.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38089.html * https://www.suse.com/security/cve/CVE-2025-38090.html * https://www.suse.com/security/cve/CVE-2025-38094.html * https://www.suse.com/security/cve/CVE-2025-38095.html * https://www.suse.com/security/cve/CVE-2025-38097.html * https://www.suse.com/security/cve/CVE-2025-38098.html * https://www.suse.com/security/cve/CVE-2025-38099.html * https://www.suse.com/security/cve/CVE-2025-38100.html * https://www.suse.com/security/cve/CVE-2025-38102.html * https://www.suse.com/security/cve/CVE-2025-38105.html * https://www.suse.com/security/cve/CVE-2025-38107.html * https://www.suse.com/security/cve/CVE-2025-38108.html * https://www.suse.com/security/cve/CVE-2025-38109.html * https://www.suse.com/security/cve/CVE-2025-38110.html * https://www.suse.com/security/cve/CVE-2025-38111.html * https://www.suse.com/security/cve/CVE-2025-38112.html * https://www.suse.com/security/cve/CVE-2025-38113.html * https://www.suse.com/security/cve/CVE-2025-38115.html * https://www.suse.com/security/cve/CVE-2025-38117.html * https://www.suse.com/security/cve/CVE-2025-38118.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38122.html * https://www.suse.com/security/cve/CVE-2025-38123.html * https://www.suse.com/security/cve/CVE-2025-38124.html * https://www.suse.com/security/cve/CVE-2025-38126.html * https://www.suse.com/security/cve/CVE-2025-38127.html * https://www.suse.com/security/cve/CVE-2025-38129.html * https://www.suse.com/security/cve/CVE-2025-38131.html * https://www.suse.com/security/cve/CVE-2025-38132.html * https://www.suse.com/security/cve/CVE-2025-38135.html * https://www.suse.com/security/cve/CVE-2025-38136.html * https://www.suse.com/security/cve/CVE-2025-38138.html * https://www.suse.com/security/cve/CVE-2025-38142.html * https://www.suse.com/security/cve/CVE-2025-38143.html * https://www.suse.com/security/cve/CVE-2025-38145.html * https://www.suse.com/security/cve/CVE-2025-38147.html * https://www.suse.com/security/cve/CVE-2025-38148.html * https://www.suse.com/security/cve/CVE-2025-38149.html * https://www.suse.com/security/cve/CVE-2025-38151.html * https://www.suse.com/security/cve/CVE-2025-38153.html * https://www.suse.com/security/cve/CVE-2025-38154.html * https://www.suse.com/security/cve/CVE-2025-38155.html * https://www.suse.com/security/cve/CVE-2025-38157.html * https://www.suse.com/security/cve/CVE-2025-38158.html * https://www.suse.com/security/cve/CVE-2025-38159.html * https://www.suse.com/security/cve/CVE-2025-38161.html * https://www.suse.com/security/cve/CVE-2025-38162.html * https://www.suse.com/security/cve/CVE-2025-38165.html * https://www.suse.com/security/cve/CVE-2025-38166.html * https://www.suse.com/security/cve/CVE-2025-38173.html * https://www.suse.com/security/cve/CVE-2025-38174.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38180.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38182.html * https://www.suse.com/security/cve/CVE-2025-38183.html * https://www.suse.com/security/cve/CVE-2025-38187.html * https://www.suse.com/security/cve/CVE-2025-38188.html * https://www.suse.com/security/cve/CVE-2025-38192.html * https://www.suse.com/security/cve/CVE-2025-38193.html * https://www.suse.com/security/cve/CVE-2025-38194.html * https://www.suse.com/security/cve/CVE-2025-38197.html * https://www.suse.com/security/cve/CVE-2025-38198.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38202.html * https://www.suse.com/security/cve/CVE-2025-38203.html * https://www.suse.com/security/cve/CVE-2025-38204.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38210.html * https://www.suse.com/security/cve/CVE-2025-38211.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38214.html * https://www.suse.com/security/cve/CVE-2025-38215.html * https://www.suse.com/security/cve/CVE-2025-38217.html * https://www.suse.com/security/cve/CVE-2025-38220.html * https://www.suse.com/security/cve/CVE-2025-38222.html * https://www.suse.com/security/cve/CVE-2025-38225.html * https://www.suse.com/security/cve/CVE-2025-38226.html * https://www.suse.com/security/cve/CVE-2025-38227.html * https://www.suse.com/security/cve/CVE-2025-38229.html * https://www.suse.com/security/cve/CVE-2025-38231.html * https://www.suse.com/security/cve/CVE-2025-38236.html * https://www.suse.com/security/cve/CVE-2025-38239.html * https://www.suse.com/security/cve/CVE-2025-38244.html * https://www.suse.com/security/cve/CVE-2025-38246.html * https://www.suse.com/security/cve/CVE-2025-38248.html * https://www.suse.com/security/cve/CVE-2025-38249.html * https://www.suse.com/security/cve/CVE-2025-38250.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38259.html * https://www.suse.com/security/cve/CVE-2025-38264.html * https://www.suse.com/security/cve/CVE-2025-38272.html * https://www.suse.com/security/cve/CVE-2025-38273.html * https://www.suse.com/security/cve/CVE-2025-38275.html * https://www.suse.com/security/cve/CVE-2025-38277.html * https://www.suse.com/security/cve/CVE-2025-38279.html * https://www.suse.com/security/cve/CVE-2025-38283.html * https://www.suse.com/security/cve/CVE-2025-38286.html * https://www.suse.com/security/cve/CVE-2025-38289.html * https://www.suse.com/security/cve/CVE-2025-38290.html * https://www.suse.com/security/cve/CVE-2025-38292.html * https://www.suse.com/security/cve/CVE-2025-38293.html * https://www.suse.com/security/cve/CVE-2025-38300.html * https://www.suse.com/security/cve/CVE-2025-38303.html * https://www.suse.com/security/cve/CVE-2025-38304.html * https://www.suse.com/security/cve/CVE-2025-38305.html * https://www.suse.com/security/cve/CVE-2025-38307.html * https://www.suse.com/security/cve/CVE-2025-38310.html * https://www.suse.com/security/cve/CVE-2025-38312.html * https://www.suse.com/security/cve/CVE-2025-38313.html * https://www.suse.com/security/cve/CVE-2025-38319.html * https://www.suse.com/security/cve/CVE-2025-38323.html * https://www.suse.com/security/cve/CVE-2025-38326.html * https://www.suse.com/security/cve/CVE-2025-38328.html * https://www.suse.com/security/cve/CVE-2025-38332.html * https://www.suse.com/security/cve/CVE-2025-38334.html * https://www.suse.com/security/cve/CVE-2025-38335.html * https://www.suse.com/security/cve/CVE-2025-38336.html * https://www.suse.com/security/cve/CVE-2025-38337.html * https://www.suse.com/security/cve/CVE-2025-38338.html * https://www.suse.com/security/cve/CVE-2025-38342.html * https://www.suse.com/security/cve/CVE-2025-38343.html * https://www.suse.com/security/cve/CVE-2025-38344.html * https://www.suse.com/security/cve/CVE-2025-38345.html * https://www.suse.com/security/cve/CVE-2025-38348.html * https://www.suse.com/security/cve/CVE-2025-38349.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38352.html * https://www.suse.com/security/cve/CVE-2025-38354.html * https://www.suse.com/security/cve/CVE-2025-38362.html * https://www.suse.com/security/cve/CVE-2025-38363.html * https://www.suse.com/security/cve/CVE-2025-38364.html * https://www.suse.com/security/cve/CVE-2025-38365.html * https://www.suse.com/security/cve/CVE-2025-38369.html * https://www.suse.com/security/cve/CVE-2025-38371.html * https://www.suse.com/security/cve/CVE-2025-38373.html * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-38376.html * https://www.suse.com/security/cve/CVE-2025-38377.html * https://www.suse.com/security/cve/CVE-2025-38380.html * https://www.suse.com/security/cve/CVE-2025-38382.html * https://www.suse.com/security/cve/CVE-2025-38384.html * https://www.suse.com/security/cve/CVE-2025-38385.html * https://www.suse.com/security/cve/CVE-2025-38386.html * https://www.suse.com/security/cve/CVE-2025-38387.html * https://www.suse.com/security/cve/CVE-2025-38389.html * https://www.suse.com/security/cve/CVE-2025-38391.html * https://www.suse.com/security/cve/CVE-2025-38392.html * https://www.suse.com/security/cve/CVE-2025-38393.html * https://www.suse.com/security/cve/CVE-2025-38395.html * https://www.suse.com/security/cve/CVE-2025-38396.html * https://www.suse.com/security/cve/CVE-2025-38399.html * https://www.suse.com/security/cve/CVE-2025-38400.html * https://www.suse.com/security/cve/CVE-2025-38401.html * https://www.suse.com/security/cve/CVE-2025-38403.html * https://www.suse.com/security/cve/CVE-2025-38404.html * https://www.suse.com/security/cve/CVE-2025-38406.html * https://www.suse.com/security/cve/CVE-2025-38409.html * https://www.suse.com/security/cve/CVE-2025-38410.html * https://www.suse.com/security/cve/CVE-2025-38412.html * https://www.suse.com/security/cve/CVE-2025-38414.html * https://www.suse.com/security/cve/CVE-2025-38415.html * https://www.suse.com/security/cve/CVE-2025-38416.html * https://www.suse.com/security/cve/CVE-2025-38420.html * https://www.suse.com/security/cve/CVE-2025-38424.html * https://www.suse.com/security/cve/CVE-2025-38425.html * https://www.suse.com/security/cve/CVE-2025-38426.html * https://www.suse.com/security/cve/CVE-2025-38428.html * https://www.suse.com/security/cve/CVE-2025-38429.html * https://www.suse.com/security/cve/CVE-2025-38430.html * https://www.suse.com/security/cve/CVE-2025-38436.html * https://www.suse.com/security/cve/CVE-2025-38443.html * https://www.suse.com/security/cve/CVE-2025-38448.html * https://www.suse.com/security/cve/CVE-2025-38449.html * https://www.suse.com/security/cve/CVE-2025-38455.html * https://www.suse.com/security/cve/CVE-2025-38457.html * https://www.suse.com/security/cve/CVE-2025-38460.html * https://www.suse.com/security/cve/CVE-2025-38461.html * https://www.suse.com/security/cve/CVE-2025-38462.html * https://www.suse.com/security/cve/CVE-2025-38463.html * https://www.suse.com/security/cve/CVE-2025-38465.html * https://www.suse.com/security/cve/CVE-2025-38467.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38470.html * https://www.suse.com/security/cve/CVE-2025-38471.html * https://www.suse.com/security/cve/CVE-2025-38473.html * https://www.suse.com/security/cve/CVE-2025-38474.html * https://www.suse.com/security/cve/CVE-2025-38476.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38478.html * https://www.suse.com/security/cve/CVE-2025-38480.html * https://www.suse.com/security/cve/CVE-2025-38481.html * https://www.suse.com/security/cve/CVE-2025-38482.html * https://www.suse.com/security/cve/CVE-2025-38483.html * https://www.suse.com/security/cve/CVE-2025-38485.html * https://www.suse.com/security/cve/CVE-2025-38487.html * https://www.suse.com/security/cve/CVE-2025-38489.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38496.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://www.suse.com/security/cve/CVE-2025-38498.html * https://bugzilla.suse.com/show_bug.cgi?id=1204142 * https://bugzilla.suse.com/show_bug.cgi?id=1219338 * https://bugzilla.suse.com/show_bug.cgi?id=1225707 * https://bugzilla.suse.com/show_bug.cgi?id=1230216 * https://bugzilla.suse.com/show_bug.cgi?id=1233300 * https://bugzilla.suse.com/show_bug.cgi?id=1235613 * https://bugzilla.suse.com/show_bug.cgi?id=1235837 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1239061 * https://bugzilla.suse.com/show_bug.cgi?id=1240323 * https://bugzilla.suse.com/show_bug.cgi?id=1240885 * https://bugzilla.suse.com/show_bug.cgi?id=1240966 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1241345 * https://bugzilla.suse.com/show_bug.cgi?id=1242086 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242837 * https://bugzilla.suse.com/show_bug.cgi?id=1242960 * https://bugzilla.suse.com/show_bug.cgi?id=1242965 * https://bugzilla.suse.com/show_bug.cgi?id=1242993 * https://bugzilla.suse.com/show_bug.cgi?id=1243068 * https://bugzilla.suse.com/show_bug.cgi?id=1243100 * https://bugzilla.suse.com/show_bug.cgi?id=1243479 * https://bugzilla.suse.com/show_bug.cgi?id=1243669 * https://bugzilla.suse.com/show_bug.cgi?id=1243806 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1244457 * https://bugzilla.suse.com/show_bug.cgi?id=1244735 * https://bugzilla.suse.com/show_bug.cgi?id=1244749 * https://bugzilla.suse.com/show_bug.cgi?id=1244750 * https://bugzilla.suse.com/show_bug.cgi?id=1244792 * https://bugzilla.suse.com/show_bug.cgi?id=1244801 * https://bugzilla.suse.com/show_bug.cgi?id=1245151 * https://bugzilla.suse.com/show_bug.cgi?id=1245201 * https://bugzilla.suse.com/show_bug.cgi?id=1245202 * https://bugzilla.suse.com/show_bug.cgi?id=1245216 * https://bugzilla.suse.com/show_bug.cgi?id=1245260 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245440 * https://bugzilla.suse.com/show_bug.cgi?id=1245457 * https://bugzilla.suse.com/show_bug.cgi?id=1245498 * https://bugzilla.suse.com/show_bug.cgi?id=1245499 * https://bugzilla.suse.com/show_bug.cgi?id=1245504 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245508 * https://bugzilla.suse.com/show_bug.cgi?id=1245510 * https://bugzilla.suse.com/show_bug.cgi?id=1245540 * https://bugzilla.suse.com/show_bug.cgi?id=1245598 * https://bugzilla.suse.com/show_bug.cgi?id=1245599 * https://bugzilla.suse.com/show_bug.cgi?id=1245646 * https://bugzilla.suse.com/show_bug.cgi?id=1245647 * https://bugzilla.suse.com/show_bug.cgi?id=1245649 * https://bugzilla.suse.com/show_bug.cgi?id=1245650 * https://bugzilla.suse.com/show_bug.cgi?id=1245654 * https://bugzilla.suse.com/show_bug.cgi?id=1245658 * https://bugzilla.suse.com/show_bug.cgi?id=1245660 * https://bugzilla.suse.com/show_bug.cgi?id=1245665 * https://bugzilla.suse.com/show_bug.cgi?id=1245666 * https://bugzilla.suse.com/show_bug.cgi?id=1245668 * https://bugzilla.suse.com/show_bug.cgi?id=1245669 * https://bugzilla.suse.com/show_bug.cgi?id=1245670 * https://bugzilla.suse.com/show_bug.cgi?id=1245671 * https://bugzilla.suse.com/show_bug.cgi?id=1245675 * https://bugzilla.suse.com/show_bug.cgi?id=1245676 * https://bugzilla.suse.com/show_bug.cgi?id=1245677 * https://bugzilla.suse.com/show_bug.cgi?id=1245679 * https://bugzilla.suse.com/show_bug.cgi?id=1245682 * https://bugzilla.suse.com/show_bug.cgi?id=1245683 * https://bugzilla.suse.com/show_bug.cgi?id=1245684 * https://bugzilla.suse.com/show_bug.cgi?id=1245688 * https://bugzilla.suse.com/show_bug.cgi?id=1245689 * https://bugzilla.suse.com/show_bug.cgi?id=1245690 * https://bugzilla.suse.com/show_bug.cgi?id=1245691 * https://bugzilla.suse.com/show_bug.cgi?id=1245695 * https://bugzilla.suse.com/show_bug.cgi?id=1245705 * https://bugzilla.suse.com/show_bug.cgi?id=1245708 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245713 * https://bugzilla.suse.com/show_bug.cgi?id=1245714 * https://bugzilla.suse.com/show_bug.cgi?id=1245719 * https://bugzilla.suse.com/show_bug.cgi?id=1245723 * https://bugzilla.suse.com/show_bug.cgi?id=1245729 * https://bugzilla.suse.com/show_bug.cgi?id=1245730 * https://bugzilla.suse.com/show_bug.cgi?id=1245731 * https://bugzilla.suse.com/show_bug.cgi?id=1245735 * https://bugzilla.suse.com/show_bug.cgi?id=1245737 * https://bugzilla.suse.com/show_bug.cgi?id=1245744 * https://bugzilla.suse.com/show_bug.cgi?id=1245745 * https://bugzilla.suse.com/show_bug.cgi?id=1245746 * https://bugzilla.suse.com/show_bug.cgi?id=1245747 * https://bugzilla.suse.com/show_bug.cgi?id=1245748 * https://bugzilla.suse.com/show_bug.cgi?id=1245749 * https://bugzilla.suse.com/show_bug.cgi?id=1245750 * https://bugzilla.suse.com/show_bug.cgi?id=1245751 * https://bugzilla.suse.com/show_bug.cgi?id=1245752 * https://bugzilla.suse.com/show_bug.cgi?id=1245757 * https://bugzilla.suse.com/show_bug.cgi?id=1245758 * https://bugzilla.suse.com/show_bug.cgi?id=1245765 * https://bugzilla.suse.com/show_bug.cgi?id=1245768 * https://bugzilla.suse.com/show_bug.cgi?id=1245769 * https://bugzilla.suse.com/show_bug.cgi?id=1245777 * https://bugzilla.suse.com/show_bug.cgi?id=1245781 * https://bugzilla.suse.com/show_bug.cgi?id=1245789 * https://bugzilla.suse.com/show_bug.cgi?id=1245937 * https://bugzilla.suse.com/show_bug.cgi?id=1245945 * https://bugzilla.suse.com/show_bug.cgi?id=1245951 * https://bugzilla.suse.com/show_bug.cgi?id=1245952 * https://bugzilla.suse.com/show_bug.cgi?id=1245954 * https://bugzilla.suse.com/show_bug.cgi?id=1245957 * https://bugzilla.suse.com/show_bug.cgi?id=1245966 * https://bugzilla.suse.com/show_bug.cgi?id=1245970 * https://bugzilla.suse.com/show_bug.cgi?id=1245976 * https://bugzilla.suse.com/show_bug.cgi?id=1245980 * https://bugzilla.suse.com/show_bug.cgi?id=1245983 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246002 * https://bugzilla.suse.com/show_bug.cgi?id=1246006 * https://bugzilla.suse.com/show_bug.cgi?id=1246008 * https://bugzilla.suse.com/show_bug.cgi?id=1246020 * https://bugzilla.suse.com/show_bug.cgi?id=1246023 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246031 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246041 * https://bugzilla.suse.com/show_bug.cgi?id=1246042 * https://bugzilla.suse.com/show_bug.cgi?id=1246044 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246047 * https://bugzilla.suse.com/show_bug.cgi?id=1246049 * https://bugzilla.suse.com/show_bug.cgi?id=1246050 * https://bugzilla.suse.com/show_bug.cgi?id=1246055 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246093 * https://bugzilla.suse.com/show_bug.cgi?id=1246098 * https://bugzilla.suse.com/show_bug.cgi?id=1246109 * https://bugzilla.suse.com/show_bug.cgi?id=1246122 * https://bugzilla.suse.com/show_bug.cgi?id=1246125 * https://bugzilla.suse.com/show_bug.cgi?id=1246171 * https://bugzilla.suse.com/show_bug.cgi?id=1246173 * https://bugzilla.suse.com/show_bug.cgi?id=1246178 * https://bugzilla.suse.com/show_bug.cgi?id=1246182 * https://bugzilla.suse.com/show_bug.cgi?id=1246183 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246195 * https://bugzilla.suse.com/show_bug.cgi?id=1246203 * https://bugzilla.suse.com/show_bug.cgi?id=1246212 * https://bugzilla.suse.com/show_bug.cgi?id=1246220 * https://bugzilla.suse.com/show_bug.cgi?id=1246236 * https://bugzilla.suse.com/show_bug.cgi?id=1246240 * https://bugzilla.suse.com/show_bug.cgi?id=1246243 * https://bugzilla.suse.com/show_bug.cgi?id=1246246 * https://bugzilla.suse.com/show_bug.cgi?id=1246249 * https://bugzilla.suse.com/show_bug.cgi?id=1246250 * https://bugzilla.suse.com/show_bug.cgi?id=1246253 * https://bugzilla.suse.com/show_bug.cgi?id=1246258 * https://bugzilla.suse.com/show_bug.cgi?id=1246262 * https://bugzilla.suse.com/show_bug.cgi?id=1246264 * https://bugzilla.suse.com/show_bug.cgi?id=1246266 * https://bugzilla.suse.com/show_bug.cgi?id=1246268 * https://bugzilla.suse.com/show_bug.cgi?id=1246273 * https://bugzilla.suse.com/show_bug.cgi?id=1246283 * https://bugzilla.suse.com/show_bug.cgi?id=1246287 * https://bugzilla.suse.com/show_bug.cgi?id=1246292 * https://bugzilla.suse.com/show_bug.cgi?id=1246293 * https://bugzilla.suse.com/show_bug.cgi?id=1246295 * https://bugzilla.suse.com/show_bug.cgi?id=1246334 * https://bugzilla.suse.com/show_bug.cgi?id=1246337 * https://bugzilla.suse.com/show_bug.cgi?id=1246342 * https://bugzilla.suse.com/show_bug.cgi?id=1246349 * https://bugzilla.suse.com/show_bug.cgi?id=1246354 * https://bugzilla.suse.com/show_bug.cgi?id=1246358 * https://bugzilla.suse.com/show_bug.cgi?id=1246361 * https://bugzilla.suse.com/show_bug.cgi?id=1246364 * https://bugzilla.suse.com/show_bug.cgi?id=1246370 * https://bugzilla.suse.com/show_bug.cgi?id=1246375 * https://bugzilla.suse.com/show_bug.cgi?id=1246384 * https://bugzilla.suse.com/show_bug.cgi?id=1246386 * https://bugzilla.suse.com/show_bug.cgi?id=1246387 * https://bugzilla.suse.com/show_bug.cgi?id=1246438 * https://bugzilla.suse.com/show_bug.cgi?id=1246453 * https://bugzilla.suse.com/show_bug.cgi?id=1246473 * https://bugzilla.suse.com/show_bug.cgi?id=1246490 * https://bugzilla.suse.com/show_bug.cgi?id=1246506 * https://bugzilla.suse.com/show_bug.cgi?id=1246547 * https://bugzilla.suse.com/show_bug.cgi?id=1246777 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1246870 * https://bugzilla.suse.com/show_bug.cgi?id=1246879 * https://bugzilla.suse.com/show_bug.cgi?id=1246911 * https://bugzilla.suse.com/show_bug.cgi?id=1247018 * https://bugzilla.suse.com/show_bug.cgi?id=1247023 * https://bugzilla.suse.com/show_bug.cgi?id=1247028 * https://bugzilla.suse.com/show_bug.cgi?id=1247031 * https://bugzilla.suse.com/show_bug.cgi?id=1247033 * https://bugzilla.suse.com/show_bug.cgi?id=1247035 * https://bugzilla.suse.com/show_bug.cgi?id=1247061 * https://bugzilla.suse.com/show_bug.cgi?id=1247089 * https://bugzilla.suse.com/show_bug.cgi?id=1247091 * https://bugzilla.suse.com/show_bug.cgi?id=1247097 * https://bugzilla.suse.com/show_bug.cgi?id=1247098 * https://bugzilla.suse.com/show_bug.cgi?id=1247101 * https://bugzilla.suse.com/show_bug.cgi?id=1247103 * https://bugzilla.suse.com/show_bug.cgi?id=1247104 * https://bugzilla.suse.com/show_bug.cgi?id=1247113 * https://bugzilla.suse.com/show_bug.cgi?id=1247118 * https://bugzilla.suse.com/show_bug.cgi?id=1247123 * https://bugzilla.suse.com/show_bug.cgi?id=1247125 * https://bugzilla.suse.com/show_bug.cgi?id=1247128 * https://bugzilla.suse.com/show_bug.cgi?id=1247132 * https://bugzilla.suse.com/show_bug.cgi?id=1247138 * https://bugzilla.suse.com/show_bug.cgi?id=1247141 * https://bugzilla.suse.com/show_bug.cgi?id=1247143 * https://bugzilla.suse.com/show_bug.cgi?id=1247145 * https://bugzilla.suse.com/show_bug.cgi?id=1247146 * https://bugzilla.suse.com/show_bug.cgi?id=1247147 * https://bugzilla.suse.com/show_bug.cgi?id=1247149 * https://bugzilla.suse.com/show_bug.cgi?id=1247150 * https://bugzilla.suse.com/show_bug.cgi?id=1247151 * https://bugzilla.suse.com/show_bug.cgi?id=1247153 * https://bugzilla.suse.com/show_bug.cgi?id=1247154 * https://bugzilla.suse.com/show_bug.cgi?id=1247156 * https://bugzilla.suse.com/show_bug.cgi?id=1247160 * https://bugzilla.suse.com/show_bug.cgi?id=1247164 * https://bugzilla.suse.com/show_bug.cgi?id=1247169 * https://bugzilla.suse.com/show_bug.cgi?id=1247170 * https://bugzilla.suse.com/show_bug.cgi?id=1247171 * https://bugzilla.suse.com/show_bug.cgi?id=1247172 * https://bugzilla.suse.com/show_bug.cgi?id=1247174 * https://bugzilla.suse.com/show_bug.cgi?id=1247176 * https://bugzilla.suse.com/show_bug.cgi?id=1247177 * https://bugzilla.suse.com/show_bug.cgi?id=1247178 * https://bugzilla.suse.com/show_bug.cgi?id=1247181 * https://bugzilla.suse.com/show_bug.cgi?id=1247209 * https://bugzilla.suse.com/show_bug.cgi?id=1247210 * https://bugzilla.suse.com/show_bug.cgi?id=1247227 * https://bugzilla.suse.com/show_bug.cgi?id=1247233 * https://bugzilla.suse.com/show_bug.cgi?id=1247236 * https://bugzilla.suse.com/show_bug.cgi?id=1247238 * https://bugzilla.suse.com/show_bug.cgi?id=1247241 * https://bugzilla.suse.com/show_bug.cgi?id=1247251 * https://bugzilla.suse.com/show_bug.cgi?id=1247252 * https://bugzilla.suse.com/show_bug.cgi?id=1247253 * https://bugzilla.suse.com/show_bug.cgi?id=1247255 * https://bugzilla.suse.com/show_bug.cgi?id=1247271 * https://bugzilla.suse.com/show_bug.cgi?id=1247273 * https://bugzilla.suse.com/show_bug.cgi?id=1247274 * https://bugzilla.suse.com/show_bug.cgi?id=1247276 * https://bugzilla.suse.com/show_bug.cgi?id=1247277 * https://bugzilla.suse.com/show_bug.cgi?id=1247278 * https://bugzilla.suse.com/show_bug.cgi?id=1247279 * https://bugzilla.suse.com/show_bug.cgi?id=1247284 * https://bugzilla.suse.com/show_bug.cgi?id=1247285 * https://bugzilla.suse.com/show_bug.cgi?id=1247288 * https://bugzilla.suse.com/show_bug.cgi?id=1247289 * https://bugzilla.suse.com/show_bug.cgi?id=1247293 * https://bugzilla.suse.com/show_bug.cgi?id=1247311 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247317 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247374 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 * https://bugzilla.suse.com/show_bug.cgi?id=1247450 * https://jira.suse.com/browse/PED-13238 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:33:40 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:33:40 -0000 Subject: SUSE-SU-2025:20585-1: moderate: Security update for kernel-livepatch-MICRO-6-0-RT_Update_11 Message-ID: <175637002045.10939.13548647611564451335@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_11 Announcement ID: SUSE-SU-2025:20585-1 Release Date: 2025-08-25T12:45:12Z Rating: moderate References: Affected Products: * SUSE Linux Micro 6.0 An update that can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_11 fixes the following issues: This is the initial livepatch for the Update 11 of the RT Kernel for SL Micro 6.0 and 6.1. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-84=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-35-rt-1-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_11-debugsource-1-1.1 * kernel-livepatch-6_4_0-35-rt-debuginfo-1-1.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:33:47 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:33:47 -0000 Subject: SUSE-SU-2025:20584-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 Message-ID: <175637002701.10939.11497684242563675301@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 Announcement ID: SUSE-SU-2025:20584-1 Release Date: 2025-08-25T12:45:12Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues: * CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250) * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-81=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_2-debugsource-9-1.1 * kernel-livepatch-6_4_0-10-rt-debuginfo-9-1.1 * kernel-livepatch-6_4_0-10-rt-9-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:33:52 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:33:52 -0000 Subject: SUSE-SU-2025:20583-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 Message-ID: <175637003288.10939.4561761282088595655@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 Announcement ID: SUSE-SU-2025:20583-1 Release Date: 2025-08-25T12:45:12Z Rating: important References: * bsc#1244337 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-72=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_8-debugsource-2-1.2 * kernel-livepatch-6_4_0-31-rt-2-1.2 * kernel-livepatch-6_4_0-31-rt-debuginfo-2-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:33:57 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:33:57 -0000 Subject: SUSE-SU-2025:20582-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 Message-ID: <175637003744.10939.7248435363493930264@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 Announcement ID: SUSE-SU-2025:20582-1 Release Date: 2025-08-25T12:45:12Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-71=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-30-rt-debuginfo-3-1.3 * kernel-livepatch-MICRO-6-0-RT_Update_7-debugsource-3-1.3 * kernel-livepatch-6_4_0-30-rt-3-1.3 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:34:01 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:34:01 -0000 Subject: SUSE-SU-2025:20581-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 Message-ID: <175637004144.10939.4910203815631545179@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 Announcement ID: SUSE-SU-2025:20581-1 Release Date: 2025-08-25T12:45:12Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-70=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-28-rt-3-3.1 * kernel-livepatch-MICRO-6-0-RT_Update_6-debugsource-3-3.1 * kernel-livepatch-6_4_0-28-rt-debuginfo-3-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:34:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:34:05 -0000 Subject: SUSE-SU-2025:20580-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 Message-ID: <175637004534.10939.8167188010956011995@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 Announcement ID: SUSE-SU-2025:20580-1 Release Date: 2025-08-25T12:45:12Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-69=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-25-rt-5-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_5-debugsource-5-1.1 * kernel-livepatch-6_4_0-25-rt-debuginfo-5-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:34:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:34:11 -0000 Subject: SUSE-SU-2025:20579-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 Message-ID: <175637005106.10939.8108576479815935769@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 Announcement ID: SUSE-SU-2025:20579-1 Release Date: 2025-08-25T12:45:12Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues: * CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250) * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-68=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-22-rt-6-1.1 * kernel-livepatch-6_4_0-22-rt-debuginfo-6-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_4-debugsource-6-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:34:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:34:16 -0000 Subject: SUSE-SU-2025:20578-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 Message-ID: <175637005638.10939.11235292191388957024@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 Announcement ID: SUSE-SU-2025:20578-1 Release Date: 2025-08-25T12:45:12Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues: * CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250) * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-67=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_3-debugsource-9-1.2 * kernel-livepatch-6_4_0-11-rt-debuginfo-9-1.2 * kernel-livepatch-6_4_0-11-rt-9-1.2 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:37:55 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:37:55 -0000 Subject: SUSE-SU-2025:20577-1: important: Security update for the Linux Kernel Message-ID: <175637027528.10939.11574403067744885658@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:20577-1 Release Date: 2025-08-25T12:34:20Z Rating: important References: * bsc#1204142 * bsc#1219338 * bsc#1225707 * bsc#1230216 * bsc#1233300 * bsc#1235613 * bsc#1235837 * bsc#1236333 * bsc#1236897 * bsc#1238896 * bsc#1239061 * bsc#1240323 * bsc#1240885 * bsc#1240966 * bsc#1241166 * bsc#1241345 * bsc#1242086 * bsc#1242414 * bsc#1242837 * bsc#1242960 * bsc#1242965 * bsc#1242993 * bsc#1243068 * bsc#1243100 * bsc#1243479 * bsc#1243669 * bsc#1243806 * bsc#1244309 * bsc#1244457 * bsc#1244735 * bsc#1244749 * bsc#1244750 * bsc#1244792 * bsc#1244801 * bsc#1245151 * bsc#1245201 * bsc#1245202 * bsc#1245216 * bsc#1245260 * bsc#1245431 * bsc#1245440 * bsc#1245457 * bsc#1245498 * bsc#1245499 * bsc#1245504 * bsc#1245506 * bsc#1245508 * bsc#1245510 * bsc#1245540 * bsc#1245598 * bsc#1245599 * bsc#1245646 * bsc#1245647 * bsc#1245649 * bsc#1245650 * bsc#1245654 * bsc#1245658 * bsc#1245660 * bsc#1245665 * bsc#1245666 * bsc#1245668 * bsc#1245669 * bsc#1245670 * bsc#1245671 * bsc#1245675 * bsc#1245676 * bsc#1245677 * bsc#1245679 * bsc#1245682 * bsc#1245683 * bsc#1245684 * bsc#1245688 * bsc#1245689 * bsc#1245690 * bsc#1245691 * bsc#1245695 * bsc#1245705 * bsc#1245708 * bsc#1245711 * bsc#1245713 * bsc#1245714 * bsc#1245719 * bsc#1245723 * bsc#1245729 * bsc#1245730 * bsc#1245731 * bsc#1245735 * bsc#1245737 * bsc#1245744 * bsc#1245745 * bsc#1245746 * bsc#1245747 * bsc#1245748 * bsc#1245749 * bsc#1245750 * bsc#1245751 * bsc#1245752 * bsc#1245757 * bsc#1245758 * bsc#1245765 * bsc#1245768 * bsc#1245769 * bsc#1245777 * bsc#1245781 * bsc#1245789 * bsc#1245937 * bsc#1245945 * bsc#1245951 * bsc#1245952 * bsc#1245954 * bsc#1245957 * bsc#1245966 * bsc#1245970 * bsc#1245976 * bsc#1245980 * bsc#1245983 * bsc#1245986 * bsc#1246000 * bsc#1246002 * bsc#1246006 * bsc#1246008 * bsc#1246020 * bsc#1246023 * bsc#1246029 * bsc#1246031 * bsc#1246037 * bsc#1246041 * bsc#1246042 * bsc#1246044 * bsc#1246045 * bsc#1246047 * bsc#1246049 * bsc#1246050 * bsc#1246055 * bsc#1246073 * bsc#1246093 * bsc#1246098 * bsc#1246109 * bsc#1246122 * bsc#1246125 * bsc#1246171 * bsc#1246173 * bsc#1246178 * bsc#1246182 * bsc#1246183 * bsc#1246186 * bsc#1246195 * bsc#1246203 * bsc#1246212 * bsc#1246220 * bsc#1246236 * bsc#1246240 * bsc#1246243 * bsc#1246246 * bsc#1246249 * bsc#1246250 * bsc#1246253 * bsc#1246258 * bsc#1246262 * bsc#1246264 * bsc#1246266 * bsc#1246268 * bsc#1246273 * bsc#1246283 * bsc#1246287 * bsc#1246292 * bsc#1246293 * bsc#1246295 * bsc#1246334 * bsc#1246337 * bsc#1246342 * bsc#1246349 * bsc#1246354 * bsc#1246358 * bsc#1246361 * bsc#1246364 * bsc#1246370 * bsc#1246375 * bsc#1246384 * bsc#1246386 * bsc#1246387 * bsc#1246438 * bsc#1246453 * bsc#1246473 * bsc#1246490 * bsc#1246506 * bsc#1246547 * bsc#1246777 * bsc#1246781 * bsc#1246870 * bsc#1246879 * bsc#1246911 * bsc#1247018 * bsc#1247023 * bsc#1247028 * bsc#1247031 * bsc#1247033 * bsc#1247035 * bsc#1247061 * bsc#1247089 * bsc#1247091 * bsc#1247097 * bsc#1247098 * bsc#1247101 * bsc#1247103 * bsc#1247104 * bsc#1247113 * bsc#1247118 * bsc#1247123 * bsc#1247125 * bsc#1247128 * bsc#1247132 * bsc#1247138 * bsc#1247141 * bsc#1247143 * bsc#1247145 * bsc#1247146 * bsc#1247147 * bsc#1247149 * bsc#1247150 * bsc#1247151 * bsc#1247153 * bsc#1247154 * bsc#1247156 * bsc#1247160 * bsc#1247164 * bsc#1247169 * bsc#1247170 * bsc#1247171 * bsc#1247172 * bsc#1247174 * bsc#1247176 * bsc#1247177 * bsc#1247178 * bsc#1247181 * bsc#1247209 * bsc#1247210 * bsc#1247227 * bsc#1247233 * bsc#1247236 * bsc#1247238 * bsc#1247241 * bsc#1247251 * bsc#1247252 * bsc#1247253 * bsc#1247255 * bsc#1247271 * bsc#1247273 * bsc#1247274 * bsc#1247276 * bsc#1247277 * bsc#1247278 * bsc#1247279 * bsc#1247284 * bsc#1247285 * bsc#1247288 * bsc#1247289 * bsc#1247293 * bsc#1247311 * bsc#1247314 * bsc#1247317 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247374 * bsc#1247437 * bsc#1247450 * jsc#PED-13238 Cross-References: * CVE-2019-11135 * CVE-2024-36028 * CVE-2024-36348 * CVE-2024-36349 * CVE-2024-36350 * CVE-2024-36357 * CVE-2024-44963 * CVE-2024-56742 * CVE-2024-57947 * CVE-2025-21839 * CVE-2025-21872 * CVE-2025-23163 * CVE-2025-37798 * CVE-2025-37856 * CVE-2025-37864 * CVE-2025-37885 * CVE-2025-37920 * CVE-2025-37984 * CVE-2025-38034 * CVE-2025-38035 * CVE-2025-38051 * CVE-2025-38052 * CVE-2025-38058 * CVE-2025-38061 * CVE-2025-38062 * CVE-2025-38063 * CVE-2025-38064 * CVE-2025-38074 * CVE-2025-38084 * CVE-2025-38085 * CVE-2025-38087 * CVE-2025-38088 * CVE-2025-38089 * CVE-2025-38090 * CVE-2025-38094 * CVE-2025-38095 * CVE-2025-38097 * CVE-2025-38098 * CVE-2025-38099 * CVE-2025-38100 * CVE-2025-38102 * CVE-2025-38105 * CVE-2025-38107 * CVE-2025-38108 * CVE-2025-38109 * CVE-2025-38110 * CVE-2025-38111 * CVE-2025-38112 * CVE-2025-38113 * CVE-2025-38115 * CVE-2025-38117 * CVE-2025-38118 * CVE-2025-38120 * CVE-2025-38122 * CVE-2025-38123 * CVE-2025-38124 * CVE-2025-38126 * CVE-2025-38127 * CVE-2025-38129 * CVE-2025-38131 * CVE-2025-38132 * CVE-2025-38135 * CVE-2025-38136 * CVE-2025-38138 * CVE-2025-38142 * CVE-2025-38143 * CVE-2025-38145 * CVE-2025-38147 * CVE-2025-38148 * CVE-2025-38149 * CVE-2025-38151 * CVE-2025-38153 * CVE-2025-38154 * CVE-2025-38155 * CVE-2025-38157 * CVE-2025-38158 * CVE-2025-38159 * CVE-2025-38161 * CVE-2025-38162 * CVE-2025-38165 * CVE-2025-38166 * CVE-2025-38173 * CVE-2025-38174 * CVE-2025-38177 * CVE-2025-38180 * CVE-2025-38181 * CVE-2025-38182 * CVE-2025-38183 * CVE-2025-38187 * CVE-2025-38188 * CVE-2025-38192 * CVE-2025-38193 * CVE-2025-38194 * CVE-2025-38197 * CVE-2025-38198 * CVE-2025-38200 * CVE-2025-38202 * CVE-2025-38203 * CVE-2025-38204 * CVE-2025-38206 * CVE-2025-38210 * CVE-2025-38211 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38214 * CVE-2025-38215 * CVE-2025-38217 * CVE-2025-38220 * CVE-2025-38222 * CVE-2025-38225 * CVE-2025-38226 * CVE-2025-38227 * CVE-2025-38229 * CVE-2025-38231 * CVE-2025-38236 * CVE-2025-38239 * CVE-2025-38244 * CVE-2025-38246 * CVE-2025-38248 * CVE-2025-38249 * CVE-2025-38250 * CVE-2025-38257 * CVE-2025-38259 * CVE-2025-38264 * CVE-2025-38272 * CVE-2025-38273 * CVE-2025-38275 * CVE-2025-38277 * CVE-2025-38279 * CVE-2025-38283 * CVE-2025-38286 * CVE-2025-38289 * CVE-2025-38290 * CVE-2025-38292 * CVE-2025-38293 * CVE-2025-38300 * CVE-2025-38303 * CVE-2025-38304 * CVE-2025-38305 * CVE-2025-38307 * CVE-2025-38310 * CVE-2025-38312 * CVE-2025-38313 * CVE-2025-38319 * CVE-2025-38323 * CVE-2025-38326 * CVE-2025-38328 * CVE-2025-38332 * CVE-2025-38334 * CVE-2025-38335 * CVE-2025-38336 * CVE-2025-38337 * CVE-2025-38338 * CVE-2025-38342 * CVE-2025-38343 * CVE-2025-38344 * CVE-2025-38345 * CVE-2025-38348 * CVE-2025-38349 * CVE-2025-38350 * CVE-2025-38352 * CVE-2025-38354 * CVE-2025-38362 * CVE-2025-38363 * CVE-2025-38364 * CVE-2025-38365 * CVE-2025-38369 * CVE-2025-38371 * CVE-2025-38373 * CVE-2025-38375 * CVE-2025-38376 * CVE-2025-38377 * CVE-2025-38380 * CVE-2025-38382 * CVE-2025-38384 * CVE-2025-38385 * CVE-2025-38386 * CVE-2025-38387 * CVE-2025-38389 * CVE-2025-38391 * CVE-2025-38392 * CVE-2025-38393 * CVE-2025-38395 * CVE-2025-38396 * CVE-2025-38399 * CVE-2025-38400 * CVE-2025-38401 * CVE-2025-38403 * CVE-2025-38404 * CVE-2025-38406 * CVE-2025-38409 * CVE-2025-38410 * CVE-2025-38412 * CVE-2025-38414 * CVE-2025-38415 * CVE-2025-38416 * CVE-2025-38420 * CVE-2025-38424 * CVE-2025-38425 * CVE-2025-38426 * CVE-2025-38428 * CVE-2025-38429 * CVE-2025-38430 * CVE-2025-38436 * CVE-2025-38443 * CVE-2025-38448 * CVE-2025-38449 * CVE-2025-38455 * CVE-2025-38457 * CVE-2025-38460 * CVE-2025-38461 * CVE-2025-38462 * CVE-2025-38463 * CVE-2025-38465 * CVE-2025-38467 * CVE-2025-38468 * CVE-2025-38470 * CVE-2025-38471 * CVE-2025-38473 * CVE-2025-38474 * CVE-2025-38476 * CVE-2025-38477 * CVE-2025-38478 * CVE-2025-38480 * CVE-2025-38481 * CVE-2025-38482 * CVE-2025-38483 * CVE-2025-38485 * CVE-2025-38487 * CVE-2025-38489 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38496 * CVE-2025-38497 * CVE-2025-38498 CVSS scores: * CVE-2019-11135 ( SUSE ): 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2019-11135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36348 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36349 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-44963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-44963 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21872 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23163 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37856 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37856 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37920 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37920 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37984 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-37984 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38034 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38035 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38035 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38052 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38058 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38058 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38061 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38062 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38062 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38063 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38063 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38064 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38064 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38074 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38084 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38084 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38085 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38085 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38087 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38089 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38089 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38090 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38097 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38097 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38098 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38098 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38099 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38099 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38100 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38102 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38102 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38105 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38105 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38107 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38107 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38108 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38108 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38109 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38109 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38110 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38110 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38111 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38111 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38112 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38113 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38115 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38115 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38117 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38117 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38118 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38122 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38124 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38126 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38127 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38129 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38129 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38131 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38131 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38132 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38132 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38135 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38142 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38143 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38145 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38148 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38149 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38149 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38153 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38153 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38154 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38154 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38155 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38157 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38157 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38159 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38159 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38161 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38165 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38166 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38166 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38173 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38173 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38174 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38174 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38180 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38180 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38182 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38183 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38183 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38187 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38187 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38192 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38192 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38193 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38193 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38197 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38197 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38198 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38203 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38203 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38204 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38204 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38211 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38214 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38215 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38217 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38217 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38220 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38220 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38222 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-38222 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2025-38225 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38226 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38226 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38227 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38227 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38229 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38229 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-38231 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38231 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38239 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38239 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38244 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38244 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38246 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38248 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38249 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38249 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38250 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38250 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38259 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38264 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38272 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38273 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38273 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38275 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38277 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38277 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38279 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38283 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38286 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38286 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38289 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38289 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38290 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38290 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38292 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38292 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38293 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38293 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38300 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38300 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38303 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38303 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38310 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38310 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38312 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38313 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38323 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38323 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38326 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38326 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38328 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38334 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38334 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38335 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38336 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38337 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38338 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38338 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38342 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38344 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38345 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38345 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38348 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38349 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38349 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38352 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38352 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38362 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38363 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38364 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38364 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38365 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38365 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38371 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38373 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38373 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38375 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38376 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38376 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38377 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38377 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38380 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38380 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38382 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38382 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38384 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38384 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38385 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38385 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38387 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38387 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38389 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38391 ( SUSE ): 5.2 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38391 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38392 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38392 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38393 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38393 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38395 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38395 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38396 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38396 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38399 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38400 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38400 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38401 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38401 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38403 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38406 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38409 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38409 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38410 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38412 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38415 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38415 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38416 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38416 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38425 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38425 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38426 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38426 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38428 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38428 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38429 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38429 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38430 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38430 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38436 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38436 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38448 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38448 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38455 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38455 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38457 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38460 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38460 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38461 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38461 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38462 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38462 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38463 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38463 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38465 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38465 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38467 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38467 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38471 ( SUSE ): 8.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38471 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2025-38473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38474 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38474 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38476 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38476 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38478 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38478 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38480 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38480 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38481 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38481 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38482 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38482 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38483 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38483 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38485 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38485 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38487 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38487 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38489 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38489 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38496 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38496 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38498 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38498 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro Extras 6.0 An update that solves 235 vulnerabilities, contains one feature and has 32 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may * CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707). * CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896). * CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216). * CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613). * CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). * CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323). * CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837). * CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068). * CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965). * CVE-2025-37885: KVM: x86: Reset IRTE to host control if _new_ route isn't postable (bsc#1242960). * CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479). * CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669). * CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792). * CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801). * CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750). * CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151). * CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440). * CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216). * CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202). * CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201). * CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735). * CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649). * CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660). * CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654). * CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671). * CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650). * CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682). * CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689). * CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695). * CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708). * CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677). * CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679). * CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768). * CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750). * CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752). * CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758). * CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970). * CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937). * CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006). * CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951). * CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098). * CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). * CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980). * CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044). * CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983). * CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). * CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020). * CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). * CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966). * CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976). * CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093). * CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178). * CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183). * CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173). * CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182). * CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387). * CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268). * CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264). * CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273). * CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354). * CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361). * CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473). * CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384). * CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250). * CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253). * CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777). * CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). * CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911). * CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091). * CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023). * CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178). * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). * CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031). * CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169). * CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156). * CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097). * CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141). * CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145). * CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252). * CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253). * CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101). * CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098). * CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143). * CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103). * CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104). * CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113). * CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118). * CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288). * CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450). * CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). * CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374). The following non-security bugs were fixed: * ACPI: LPSS: Remove AudioDSP related ID (git-fixes). * ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122). * ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes). * ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes). * ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes). * ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes). * ALSA: hda/tegra: Add Tegra264 support (stable-fixes). * ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes). * ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable- fixes). * ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes). * ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git- fixes). * ALSA: sb: Do not allow changing the DMA mode during operations (stable- fixes). * ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable- fixes). * ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes). * ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes). * ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable- fixes). * ASoC: amd: yc: update quirk data for HP Victus (stable-fixes). * ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes). * ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes). * ASoC: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes). * ASoC: cs35l56: probe() should fail if the device ID is not recognized (git- fixes). * ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git- fixes). * ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes). * ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes). * ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git- fixes). * Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes). * Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes). * Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes). * Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes). * Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes). * Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes). * Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes). * Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes). * Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes). * Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes). * Bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git- fixes). * Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git- fixes). * Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes). * Bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes). * Bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes). * Bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes). * Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes). * Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes). * Bluetooth: hci_sync: revert some mesh modifications (git-fixes). * Correctly put RDMA kabi patch into patches.kabi instead of patches.suse * Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes). * Documentation: ACPI: Fix parent device references (git-fixes). * Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes). * Fix dma_unmap_sg() nents value (git-fixes) * HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes). * HID: core: do not bypass hid_hw_raw_request (stable-fixes). * HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes). * HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes). * HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable- fixes). * HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable- fixes). * IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes) * Input: iqs7222 - explicitly define number of external channels (git-fixes). * Input: xpad - adjust error handling for disconnect (git-fixes). * Input: xpad - set correct controller type for Acer NGR200 (git-fixes). * Input: xpad - support Acer NGR 200 Controller (stable-fixes). * Logitech C-270 even more broken (stable-fixes). * Move upstreamed SCSI and ACPI patches into sorted section * NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes). * NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes). * NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git- fixes). * NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes). * NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git- fixes). * NFSv4.2: another fix for listxattr (git-fixes). * NFSv4.2: fix listxattr to return selinux security label (git-fixes). * NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes). * NFSv4: Always set NLINK even if the server does not support it (git-fixes). * NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes). * PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457). * PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes). * PCI: endpoint: Fix configfs group list head handling (git-fixes). * PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes). * PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes). * PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes). * PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457). * PCI: rockchip-host: Fix "Unexpected Completion" log message (git-fixes). * PM / devfreq: Check governor before using governor->name (git-fixes). * RDMA/core: Rate limit GID cache warning messages (git-fixes) * RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes) * RDMA/hns: Drop GFP_NOWARN (git-fixes) * RDMA/hns: Fix -Wframe-larger-than issue (git-fixes) * RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes) * RDMA/hns: Fix accessing uninitialized resources (git-fixes) * RDMA/hns: Fix double destruction of rsv_qp (git-fixes) * RDMA/hns: Get message length of ack_req from FW (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * RDMA/mlx5: Fix CC counters query for MPV (git-fixes) * RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes) * RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes) * RDMA/mlx5: Fix vport loopback for MPV device (git-fixes) * RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes) * RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes) * RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes) * RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git- fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). * Revert "ACPI: battery: negate current when discharging" (stable-fixes). * Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338). * Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes). * Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git- fixes). * Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git- fixes). * Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes). * SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes). * USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes). * USB: serial: option: add Foxconn T99W640 (stable-fixes). * USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable- fixes). * [SMB3] send channel sequence number in SMB3 requests after reconnects (git- fixes). * af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes). * af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093). * amd/amdkfd: fix a kfd_process ref leak (stable-fixes). * aoe: clean device rq_list in aoedev_downdev() (git-fixes). * apple-mfi-fastcharge: protect first device name (git-fixes). * ata: pata_cs5536: fix build on 32-bit UML (stable-fixes). * audit,module: restore audit logging in load failure case (git-fixes). * bpf, sockmap: Fix sk_msg_reset_curr (git-fixes). * bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes). * bpf/selftests: Check errno when percpu map value size exceeds (git-fixes). * bpf: Add a possibly-zero-sized read test (git-fixes). * bpf: Avoid **hidden** attribute in static object (git-fixes). * bpf: Check percpu map value size first (git-fixes). * bpf: Disable some `attribute ignored' warnings in GCC (git-fixes). * bpf: Fix memory leak in bpf_core_apply (git-fixes). * bpf: Fix potential integer overflow in resolve_btfids (git-fixes). * bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes). * bpf: Make the pointer returned by iter next method valid (git-fixes). * bpf: Simplify checking size of helper accesses (git-fixes). * bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes). * bpf: sockmap, updating the sg structure should also update curr (git-fixes). * bpftool: Fix missing pids during link show (git-fixes). * bpftool: Fix undefined behavior caused by shifting into the sign bit (git- fixes). * bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes). * bpftool: Remove unnecessary source files from bootstrap version (git-fixes). * bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes). * btrfs: do not ignore inode missing when replaying log tree (git-fixes). * btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes). * btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes). * btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068) * btrfs: fix assertion when building free space tree (git-fixes). * btrfs: fix inode lookup error handling during log replay (git-fixes). * btrfs: fix invalid inode pointer dereferences during log replay (git-fixes). * btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes). * btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes). * btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes). * btrfs: fix ssd_spread overallocation (git-fixes). * btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068) * btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes). * btrfs: rename err to ret in btrfs_rmdir() (git-fixes). * btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes). * btrfs: return a btrfs_inode from read_one_inode() (git-fixes). * btrfs: tests: fix chunk map leak after failure to add it to the tree (git- fixes). * btrfs: update superblock's device bytes_used when dropping chunk (git- fixes). * btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes). * btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes). * bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes). * bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes). * can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes). * can: dev: can_restart(): reverse logic to remove need for goto (stable- fixes). * can: kvaser_pciefd: Store device channel index (git-fixes). * can: kvaser_usb: Assign netdev.dev_port based on device channel index (git- fixes). * can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes). * can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes). * can: peak_usb: fix USB FD devices potential malfunction (git-fixes). * cdc-acm: fix race between initial clearing halt and open (git-fixes). * cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789). * cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166). * cifs: reconnect helper should set reconnect for the right channel (git- fixes). * clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes). * clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes). * clk: sunxi-ng: v3s: Fix de clock definition (git-fixes). * clk: xilinx: vcu: unregister pll_post only if registered correctly (git- fixes). * clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457). * clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457). * comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes). * comedi: Fix initialization of data for instructions that write to subdevice (git-fixes). * comedi: Fix some signed shift left operations (git-fixes). * comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes). * comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes). * comedi: das16m1: Fix bit shift out of bounds (git-fixes). * comedi: das6402: Fix bit shift out of bounds (git-fixes). * comedi: pcl812: Fix bit shift out of bounds (git-fixes). * compiler_types.h: Define **retain for __attribute** (( **retain** )) (git- fixes). * config: enable RBD (jsc#PED-13238) * crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes). * crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes). * crypto: ccp - Fix locking on alloc failure handling (git-fixes). * crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes). * crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes). * crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes). * crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes). * crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes). * crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes). * crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes). * crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes). * crypto: qat - fix state restore for banks with exceptions (git-fixes). * crypto: qat - flush misc workqueue during device shutdown (git-fixes). * crypto: qat - use unmanaged allocation for dc_data (git-fixes). * crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes). * dm-bufio: fix sched in atomic context (git-fixes). * dm-flakey: error all IOs when num_features is absent (git-fixes). * dm-flakey: make corrupting read bios work (git-fixes). * dm-mirror: fix a tiny race condition (git-fixes). * dm-raid: fix variable in journal device check (git-fixes). * dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes). * dm: do not change md if dm_table_set_restrictions() fails (git-fixes). * dm: free table mempools if not used in __bind (git-fixes). * dm: restrict dm device size to 2^63-512 bytes (git-fixes). * dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes). * dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes). * dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes). * dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git- fixes). * dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes). * dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes). * dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes). * dmaengine: xilinx_dma: Set dma_device directions (stable-fixes). * drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes). * drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git- fixes). * drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes). * drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes). * drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes). * drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes). * drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git- fixes). * drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes). * drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes). * drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes). * drm/exynos: fimd: Guard display clock control with runtime PM calls (git- fixes). * drm/framebuffer: Acquire internal references on GEM handles (git-fixes). * drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes). * drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes). * drm/i915/gsc: mei interrupt top half should be in irq disabled context (git- fixes). * drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes). * drm/i915/selftests: Change mock_request() to return error pointers (git- fixes). * drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes). * drm/msm: Fix a fence leak in submit error path (stable-fixes). * drm/msm: Fix another leak in the submit error path (stable-fixes). * drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes). * drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes). * drm/sched: Increment job count before swapping tail spsc queue (git-fixes). * drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes). * drm/scheduler: signal scheduled fence when kill job (stable-fixes). * drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes). * drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes). * drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes). * exfat: fdatasync flag should be same like generic_write_sync() (git-fixes). * fbcon: Fix outdated registered_fb reference in comment (git-fixes). * fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes). * firewire: ohci: correct code comments about bus_reset tasklet (git-fixes). * fs/jfs: consolidate sanity checking in dbMount (git-fixes). * fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes). * gpio: mlxbf2: use platform_get_irq_optional() (git-fixes). * gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes). * gpio: sim: include a missing header (git-fixes). * gpio: vf610: add locking to gpio direction functions (git-fixes). * gpio: virtio: Fix config space reading (git-fixes). * gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes). * gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes). * gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300). * gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300). * gpiolib: cdev: Ignore reconfiguration without direction (git-fixes). * gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes). * hfs: make splice write available again (git-fixes). * hfsplus: make splice write available again (git-fixes). * hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes). * hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203). * hwmon: (corsair-cpro) Validate the size of the received input buffer (git- fixes). * hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes). * hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes). * hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes). * i2c/designware: Fix an initialization issue (git-fixes). * i2c: qup: jump out of the loop in case of timeout (git-fixes). * i2c: stm32: fix the device used for the DMA map (git-fixes). * i2c: tegra: Fix reset error handling with ACPI (git-fixes). * i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes). * i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes). * iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git- fixes). * iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes). * iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable- fixes). * iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes). * iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes). * iio: adc: max1363: Reorder mode_list[] entries (stable-fixes). * iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes). * iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes). * iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes). * iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes). * iommu/amd: Set the pgsize_bitmap correctly (git-fixes). * iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes). * iommu/vt-d: Fix possible circular locking dependency (git-fixes). * iommu/vt-d: Fix system hang on reboot -f (git-fixes). * ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes). * ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes). * ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes). * ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes). * iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes). * jfs: fix metapage reference count leak in dbAllocCtl (git-fixes). * kABI workaround for struct drm_framebuffer changes (git-fixes). * kABI: Fix the module::name type in audit_context (git-fixes). * kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes). * kernel-syms.spec: Drop old rpm release number hack (bsc#1247172). * leds: multicolor: Fix intensity setting while SW blinking (stable-fixes). * lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897). * lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897). * maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes). * md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes). * media: gspca: Add bounds checking to firmware parser (git-fixes). * media: hi556: correct the test pattern configuration (git-fixes). * media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes). * media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes). * media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git- fixes). * media: usbtv: Lock resolution while streaming (git-fixes). * media: uvcvideo: Do not mark valid metadata as invalid (git-fixes). * media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git- fixes). * media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes). * media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes). * media: venus: Add a check for packet size after reading from shared memory (git-fixes). * media: venus: hfi: explicitly release IRQ during teardown (git-fixes). * media: venus: protect against spurious interrupts during probe (git-fixes). * media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: vivid: fix wrong pixel_array control size (git-fixes). * memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git- fixes). * mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes). * misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes). * mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes). * mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes). * mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes). * mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes). * mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes). * module: Fix memory deallocation on error path in move_module() (git-fixes). * module: Remove unnecessary +1 from last_unloaded_module::name size (git- fixes). * module: Restore the moduleparam prefix length check (git-fixes). * mtd: fix possible integer overflow in erase_xfer() (git-fixes). * mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes). * mtd: rawnand: atmel: set pmecc data setup time (git-fixes). * mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes). * mtd: rawnand: renesas: Add missing check after DMA map (git-fixes). * mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes). * mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes). * mtd: spinand: fix memory leak of ECC engine conf (stable-fixes). * mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes). * mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes). * mtk-sd: Prevent memory corruption from DMA map failure (git-fixes). * mtk-sd: reset host->mrq on prepare_data() error (git-fixes). * mwl8k: Add missing check after DMA map (git-fixes). * nbd: fix uaf in nbd_genl_connect() error path (git-fixes). * net/packet: fix a race in packet_set_ring() and packet_notifier() (git- fixes). * net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes). * net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git- fixes). * net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git- fixes). * net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes). * net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes). * net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes). * net: mana: Add debug logs in MANA network driver (bsc#1246212). * net: mana: Add handler for hardware servicing events (bsc#1245730). * net: mana: Allocate MSI-X vectors dynamically (bsc#1245457). * net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457). * net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203). * net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729). * net: mana: Set tx_packets to post gso processing packet count (bsc#1245731). * net: mana: explain irq_setup() algorithm (bsc#1245457). * net: phy: Do not register LEDs for genphy (git-fixes). * net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes). * net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes). * net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git- fixes). * net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes). * net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git- fixes). * net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes). * net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes). * net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes). * netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes). * nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git- fixes). * nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes). * nilfs2: reject invalid file types when reading inodes (git-fixes). * nvme-pci: refresh visible attrs after being checked (git-fixes). * nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes). * nvme: fix endianness of command word prints in nvme_log_err_passthru() (git- fixes). * nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes). * nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes). * nvmet-tcp: fix callback lock for TLS handshake (git-fixes). * objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes). * objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes). * objtool: Fix _THIS_IP_ detection for cold functions (git-fixes). * objtool: Fix error handling inconsistencies in check() (git-fixes). * objtool: Ignore dangling jump table entries (git-fixes). * objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes). * objtool: Properly disable uaccess validation (git-fixes). * objtool: Silence more KCOV warnings (git-fixes). * objtool: Silence more KCOV warnings, part 2 (git-fixes). * objtool: Stop UNRET validation on UD2 (git-fixes). * pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes). * pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes). * perf: Fix sample vs do_exit() (bsc#1246547). * phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git- fixes). * pinctrl: amd: Clear GPIO debounce for suspend (git-fixes). * pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes). * pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes). * pinmux: fix race causing mux_owner NULL with active mux_usecount (git- fixes). * platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git- fixes). * platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git- fixes). * platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes). * platform/mellanox: mlxreg-lc: Fix logic error in power state check (git- fixes). * platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes). * platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes). * platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes). * platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes). * platform/x86: think-lmi: Create ksets consecutively (stable-fixes). * platform/x86: think-lmi: Fix kobject cleanup (git-fixes). * platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes). * power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes). * power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git- fixes). * powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes). * powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git- fixes). * powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes). * powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes). * ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506). * pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes). * pwm: mediatek: Ensure to disable clocks in error path (git-fixes). * regmap: fix potential memory leak of regmap_bus (git-fixes). * regulator: fan53555: add enable_time support and soft-start times (stable- fixes). * regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git- fixes). * regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes). * resource: fix false warning in __request_region() (git-fixes). * restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes). * ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes). * rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes). * rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes). * rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes). * rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes). * s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870). * s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806). * s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646). * s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647). * s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598). * s390: Add z17 elf platform (LTC#214086 bsc#1245540). * samples: mei: Fix building on musl libc (git-fixes). * sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338). * sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git- fixes). * scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes). * scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Copyright updates for 14.4.0.10 patches (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142). * scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: megaraid_sas: Fix invalid node index (git-fixes). * scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git- fixes). * scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git- fixes). * scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599). * selftests/bpf: Add CFLAGS per source file and runner (git-fixes). * selftests/bpf: Add tests for iter next method returning valid pointer (git- fixes). * selftests/bpf: Change functions definitions to support GCC (git-fixes). * selftests/bpf: Fix a few tests for GCC related warnings (git-fixes). * selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes). * selftests/bpf: Fix prog numbers in test_sockmap (git-fixes). * smb3: move server check earlier when setting channel sequence number (git- fixes). * soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes). * soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes). * soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git- fixes). * soc: qcom: QMI encoding/decoding for big endian (git-fixes). * soc: qcom: fix endianness for QMI header (git-fixes). * soc: qcom: pmic_glink: fix OF node leak (git-fixes). * soundwire: amd: fix for clearing command status register (git-fixes). * soundwire: stream: restore params when prepare ports fail (git-fixes). * spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git- fixes). * staging: axis-fifo: remove sysfs interface (git-fixes). * staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git- fixes). * staging: nvec: Fix incorrect null termination of battery manufacturer (git- fixes). * struct cdns: move new member to the end (git-fixes). * struct ucsi_operations: use padding for new operation (git-fixes). * sunrpc: do not immediately retransmit on seqno miss (git-fixes). * sunrpc: fix client side handling of tls alerts (git-fixes). * tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes). * thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes). * thunderbolt: Fix copy+paste error in match_service_id() (git-fixes). * thunderbolt: Fix wake on connect at runtime (git-fixes). * tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes). * tracing/kprobes: Fix to free objects when failed to copy a symbol (git- fixes). * types: Complement the aligned types with signed 64-bit one (stable-fixes). * ucount: fix atomic_long_inc_below() argument type (git-fixes). * ucsi-glink: adapt to kABI consistency (git-fixes). * ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes). * ucsi_operations: add stubs for all operations (git-fixes). * ucsi_ops: adapt update_connector to kABI consistency (git-fixes). * usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes). * usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes). * usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes). * usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes). * usb: cdnsp: Fix issue with resuming from L1 (git-fixes). * usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable- fixes). * usb: cdnsp: do not disable slot for disabled slot (git-fixes). * usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes). * usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes). * usb: dwc2: also exit clock_gating when stopping udc while suspended (stable- fixes). * usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes). * usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes). * usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes). * usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes). * usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes). * usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes). * usb: hub: Do not try to recover devices lost during warm reset (git-fixes). * usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes). * usb: musb: fix gadget state on disconnect (git-fixes). * usb: musb: omap2430: fix device leak at unbind (git-fixes). * usb: net: sierra: check for no status endpoint (git-fixes). * usb: potential integer overflow in usbg_make_tpg() (stable-fixes). * usb: typec: Update sysfs when setting ops (git-fixes). * usb: typec: altmodes/displayport: do not index invalid pin_assignments (git- fixes). * usb: typec: displayport: Fix potential deadlock (git-fixes). * usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes). * usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable- fixes). * usb: typec: tcpm: allow switching to mode accessory to mux properly (stable- fixes). * usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes). * usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git- fixes). * usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git- fixes). * usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes). * usb: typec: ucsi: Delay alternate mode discovery (git-fixes). * usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes). * usb: typec: ucsi: Fix the partner PD revision (git-fixes). * usb: typec: ucsi: Get PD revision for partner (git-fixes). * usb: typec: ucsi: Set orientation as none when connector is unplugged (git- fixes). * usb: typec: ucsi: Update power_supply on power role change (git-fixes). * usb: typec: ucsi: add callback for connector status updates (git-fixes). * usb: typec: ucsi: add update_connector callback (git-fixes). * usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes). * usb: typec: ucsi: extract code to read PD caps (git-fixes). * usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes). * usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes). * usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes). * usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes). * usb: typec: ucsi: glink: use typec_set_orientation (git-fixes). * usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git- fixes). * usb: typec: ucsi: properly register partner's PD device (git-fixes). * usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes). * usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes). * usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git- fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes). * usb: typec: ucsi_glink: rework quirks implementation (git-fixes). * usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git- fixes). * usb: xhci: quirk for data loss in ISOC transfers (stable-fixes). * usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes). * virtgpu: do not reset on shutdown (git-fixes). * vmci: Prevent the dispatching of uninitialized payloads (git-fixes). * vt: add missing notification when switching back to text mode (stable- fixes). * vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes). * vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes). * watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git- fixes). * wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes). * wifi: ath11k: fix source ring-buffer corruption (git-fixes). * wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath12k: fix endianness handling while accessing wmi service bit (git- fixes). * wifi: ath12k: fix source ring-buffer corruption (git-fixes). * wifi: ath6kl: remove WARN on bad firmware input (stable-fixes). * wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes). * wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes). * wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes). * wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes). * wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes). * wifi: mac80211: Add link iteration macro for link data (stable-fixes). * wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes). * wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes). * wifi: mac80211: Do not schedule stopped TXQs (git-fixes). * wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes). * wifi: mac80211: drop invalid source address OCB frames (stable-fixes). * wifi: mac80211: reject TDLS operations when station is not associated (git- fixes). * wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes). * wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes). * wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes). * wifi: plfxlc: Fix error handling in usb driver probe (git-fixes). * wifi: prevent A-MSDU attacks in mesh networks (stable-fixes). * wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes). * wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes). * wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes). * x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes). * x86/mce/amd: Add default names for MCA banks and blocks (git-fixes). * x86/mce/amd: Fix threshold limit reset (git-fixes). * x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes). * x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git- fixes). * x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git- fixes). * x86/traps: Initialize DR6 by writing its architectural reset value (git- fixes). * x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes). * x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345). * xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837). * xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes). * xfs: remove unused event xfs_alloc_near_error (git-fixes). * xfs: remove unused event xfs_alloc_near_nominleft (git-fixes). * xfs: remove unused event xfs_attr_node_removename (git-fixes). * xfs: remove unused event xfs_ioctl_clone (git-fixes). * xfs: remove unused event xfs_pagecache_inval (git-fixes). * xfs: remove unused event xlog_iclog_want_sync (git-fixes). * xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes). * xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes). * xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes). * xfs: remove unused xfs_attr events (git-fixes). * xfs: remove unused xfs_reflink_compare_extents events (git-fixes). * xfs: remove usused xfs_end_io_direct events (git-fixes). * xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git- fixes). * xhci: dbc: Flush queued requests before stopping dbc (git-fixes). * xhci: dbctty: disable ECHO flag by default (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-83=1 * SUSE Linux Micro Extras 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-83=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * kernel-devel-rt-6.4.0-35.1 * kernel-source-rt-6.4.0-35.1 * SUSE Linux Micro 6.0 (nosrc x86_64) * kernel-rt-6.4.0-35.1 * SUSE Linux Micro 6.0 (x86_64) * kernel-rt-livepatch-6.4.0-35.1 * kernel-rt-debugsource-6.4.0-35.1 * kernel-rt-debuginfo-6.4.0-35.1 * SUSE Linux Micro Extras 6.0 (nosrc) * kernel-rt-6.4.0-35.1 * SUSE Linux Micro Extras 6.0 (x86_64) * kernel-rt-devel-6.4.0-35.1 * kernel-rt-debugsource-6.4.0-35.1 * kernel-rt-devel-debuginfo-6.4.0-35.1 ## References: * https://www.suse.com/security/cve/CVE-2019-11135.html * https://www.suse.com/security/cve/CVE-2024-36028.html * https://www.suse.com/security/cve/CVE-2024-36348.html * https://www.suse.com/security/cve/CVE-2024-36349.html * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2024-44963.html * https://www.suse.com/security/cve/CVE-2024-56742.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-21839.html * https://www.suse.com/security/cve/CVE-2025-21872.html * https://www.suse.com/security/cve/CVE-2025-23163.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37856.html * https://www.suse.com/security/cve/CVE-2025-37864.html * https://www.suse.com/security/cve/CVE-2025-37885.html * https://www.suse.com/security/cve/CVE-2025-37920.html * https://www.suse.com/security/cve/CVE-2025-37984.html * https://www.suse.com/security/cve/CVE-2025-38034.html * https://www.suse.com/security/cve/CVE-2025-38035.html * https://www.suse.com/security/cve/CVE-2025-38051.html * https://www.suse.com/security/cve/CVE-2025-38052.html * https://www.suse.com/security/cve/CVE-2025-38058.html * https://www.suse.com/security/cve/CVE-2025-38061.html * https://www.suse.com/security/cve/CVE-2025-38062.html * https://www.suse.com/security/cve/CVE-2025-38063.html * https://www.suse.com/security/cve/CVE-2025-38064.html * https://www.suse.com/security/cve/CVE-2025-38074.html * https://www.suse.com/security/cve/CVE-2025-38084.html * https://www.suse.com/security/cve/CVE-2025-38085.html * https://www.suse.com/security/cve/CVE-2025-38087.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38089.html * https://www.suse.com/security/cve/CVE-2025-38090.html * https://www.suse.com/security/cve/CVE-2025-38094.html * https://www.suse.com/security/cve/CVE-2025-38095.html * https://www.suse.com/security/cve/CVE-2025-38097.html * https://www.suse.com/security/cve/CVE-2025-38098.html * https://www.suse.com/security/cve/CVE-2025-38099.html * https://www.suse.com/security/cve/CVE-2025-38100.html * https://www.suse.com/security/cve/CVE-2025-38102.html * https://www.suse.com/security/cve/CVE-2025-38105.html * https://www.suse.com/security/cve/CVE-2025-38107.html * https://www.suse.com/security/cve/CVE-2025-38108.html * https://www.suse.com/security/cve/CVE-2025-38109.html * https://www.suse.com/security/cve/CVE-2025-38110.html * https://www.suse.com/security/cve/CVE-2025-38111.html * https://www.suse.com/security/cve/CVE-2025-38112.html * https://www.suse.com/security/cve/CVE-2025-38113.html * https://www.suse.com/security/cve/CVE-2025-38115.html * https://www.suse.com/security/cve/CVE-2025-38117.html * https://www.suse.com/security/cve/CVE-2025-38118.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38122.html * https://www.suse.com/security/cve/CVE-2025-38123.html * https://www.suse.com/security/cve/CVE-2025-38124.html * https://www.suse.com/security/cve/CVE-2025-38126.html * https://www.suse.com/security/cve/CVE-2025-38127.html * https://www.suse.com/security/cve/CVE-2025-38129.html * https://www.suse.com/security/cve/CVE-2025-38131.html * https://www.suse.com/security/cve/CVE-2025-38132.html * https://www.suse.com/security/cve/CVE-2025-38135.html * https://www.suse.com/security/cve/CVE-2025-38136.html * https://www.suse.com/security/cve/CVE-2025-38138.html * https://www.suse.com/security/cve/CVE-2025-38142.html * https://www.suse.com/security/cve/CVE-2025-38143.html * https://www.suse.com/security/cve/CVE-2025-38145.html * https://www.suse.com/security/cve/CVE-2025-38147.html * https://www.suse.com/security/cve/CVE-2025-38148.html * https://www.suse.com/security/cve/CVE-2025-38149.html * https://www.suse.com/security/cve/CVE-2025-38151.html * https://www.suse.com/security/cve/CVE-2025-38153.html * https://www.suse.com/security/cve/CVE-2025-38154.html * https://www.suse.com/security/cve/CVE-2025-38155.html * https://www.suse.com/security/cve/CVE-2025-38157.html * https://www.suse.com/security/cve/CVE-2025-38158.html * https://www.suse.com/security/cve/CVE-2025-38159.html * https://www.suse.com/security/cve/CVE-2025-38161.html * https://www.suse.com/security/cve/CVE-2025-38162.html * https://www.suse.com/security/cve/CVE-2025-38165.html * https://www.suse.com/security/cve/CVE-2025-38166.html * https://www.suse.com/security/cve/CVE-2025-38173.html * https://www.suse.com/security/cve/CVE-2025-38174.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38180.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38182.html * https://www.suse.com/security/cve/CVE-2025-38183.html * https://www.suse.com/security/cve/CVE-2025-38187.html * https://www.suse.com/security/cve/CVE-2025-38188.html * https://www.suse.com/security/cve/CVE-2025-38192.html * https://www.suse.com/security/cve/CVE-2025-38193.html * https://www.suse.com/security/cve/CVE-2025-38194.html * https://www.suse.com/security/cve/CVE-2025-38197.html * https://www.suse.com/security/cve/CVE-2025-38198.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38202.html * https://www.suse.com/security/cve/CVE-2025-38203.html * https://www.suse.com/security/cve/CVE-2025-38204.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38210.html * https://www.suse.com/security/cve/CVE-2025-38211.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38214.html * https://www.suse.com/security/cve/CVE-2025-38215.html * https://www.suse.com/security/cve/CVE-2025-38217.html * https://www.suse.com/security/cve/CVE-2025-38220.html * https://www.suse.com/security/cve/CVE-2025-38222.html * https://www.suse.com/security/cve/CVE-2025-38225.html * https://www.suse.com/security/cve/CVE-2025-38226.html * https://www.suse.com/security/cve/CVE-2025-38227.html * https://www.suse.com/security/cve/CVE-2025-38229.html * https://www.suse.com/security/cve/CVE-2025-38231.html * https://www.suse.com/security/cve/CVE-2025-38236.html * https://www.suse.com/security/cve/CVE-2025-38239.html * https://www.suse.com/security/cve/CVE-2025-38244.html * https://www.suse.com/security/cve/CVE-2025-38246.html * https://www.suse.com/security/cve/CVE-2025-38248.html * https://www.suse.com/security/cve/CVE-2025-38249.html * https://www.suse.com/security/cve/CVE-2025-38250.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38259.html * https://www.suse.com/security/cve/CVE-2025-38264.html * https://www.suse.com/security/cve/CVE-2025-38272.html * https://www.suse.com/security/cve/CVE-2025-38273.html * https://www.suse.com/security/cve/CVE-2025-38275.html * https://www.suse.com/security/cve/CVE-2025-38277.html * https://www.suse.com/security/cve/CVE-2025-38279.html * https://www.suse.com/security/cve/CVE-2025-38283.html * https://www.suse.com/security/cve/CVE-2025-38286.html * https://www.suse.com/security/cve/CVE-2025-38289.html * https://www.suse.com/security/cve/CVE-2025-38290.html * https://www.suse.com/security/cve/CVE-2025-38292.html * https://www.suse.com/security/cve/CVE-2025-38293.html * https://www.suse.com/security/cve/CVE-2025-38300.html * https://www.suse.com/security/cve/CVE-2025-38303.html * https://www.suse.com/security/cve/CVE-2025-38304.html * https://www.suse.com/security/cve/CVE-2025-38305.html * https://www.suse.com/security/cve/CVE-2025-38307.html * https://www.suse.com/security/cve/CVE-2025-38310.html * https://www.suse.com/security/cve/CVE-2025-38312.html * https://www.suse.com/security/cve/CVE-2025-38313.html * https://www.suse.com/security/cve/CVE-2025-38319.html * https://www.suse.com/security/cve/CVE-2025-38323.html * https://www.suse.com/security/cve/CVE-2025-38326.html * https://www.suse.com/security/cve/CVE-2025-38328.html * https://www.suse.com/security/cve/CVE-2025-38332.html * https://www.suse.com/security/cve/CVE-2025-38334.html * https://www.suse.com/security/cve/CVE-2025-38335.html * https://www.suse.com/security/cve/CVE-2025-38336.html * https://www.suse.com/security/cve/CVE-2025-38337.html * https://www.suse.com/security/cve/CVE-2025-38338.html * https://www.suse.com/security/cve/CVE-2025-38342.html * https://www.suse.com/security/cve/CVE-2025-38343.html * https://www.suse.com/security/cve/CVE-2025-38344.html * https://www.suse.com/security/cve/CVE-2025-38345.html * https://www.suse.com/security/cve/CVE-2025-38348.html * https://www.suse.com/security/cve/CVE-2025-38349.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38352.html * https://www.suse.com/security/cve/CVE-2025-38354.html * https://www.suse.com/security/cve/CVE-2025-38362.html * https://www.suse.com/security/cve/CVE-2025-38363.html * https://www.suse.com/security/cve/CVE-2025-38364.html * https://www.suse.com/security/cve/CVE-2025-38365.html * https://www.suse.com/security/cve/CVE-2025-38369.html * https://www.suse.com/security/cve/CVE-2025-38371.html * https://www.suse.com/security/cve/CVE-2025-38373.html * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-38376.html * https://www.suse.com/security/cve/CVE-2025-38377.html * https://www.suse.com/security/cve/CVE-2025-38380.html * https://www.suse.com/security/cve/CVE-2025-38382.html * https://www.suse.com/security/cve/CVE-2025-38384.html * https://www.suse.com/security/cve/CVE-2025-38385.html * https://www.suse.com/security/cve/CVE-2025-38386.html * https://www.suse.com/security/cve/CVE-2025-38387.html * https://www.suse.com/security/cve/CVE-2025-38389.html * https://www.suse.com/security/cve/CVE-2025-38391.html * https://www.suse.com/security/cve/CVE-2025-38392.html * https://www.suse.com/security/cve/CVE-2025-38393.html * https://www.suse.com/security/cve/CVE-2025-38395.html * https://www.suse.com/security/cve/CVE-2025-38396.html * https://www.suse.com/security/cve/CVE-2025-38399.html * https://www.suse.com/security/cve/CVE-2025-38400.html * https://www.suse.com/security/cve/CVE-2025-38401.html * https://www.suse.com/security/cve/CVE-2025-38403.html * https://www.suse.com/security/cve/CVE-2025-38404.html * https://www.suse.com/security/cve/CVE-2025-38406.html * https://www.suse.com/security/cve/CVE-2025-38409.html * https://www.suse.com/security/cve/CVE-2025-38410.html * https://www.suse.com/security/cve/CVE-2025-38412.html * https://www.suse.com/security/cve/CVE-2025-38414.html * https://www.suse.com/security/cve/CVE-2025-38415.html * https://www.suse.com/security/cve/CVE-2025-38416.html * https://www.suse.com/security/cve/CVE-2025-38420.html * https://www.suse.com/security/cve/CVE-2025-38424.html * https://www.suse.com/security/cve/CVE-2025-38425.html * https://www.suse.com/security/cve/CVE-2025-38426.html * https://www.suse.com/security/cve/CVE-2025-38428.html * https://www.suse.com/security/cve/CVE-2025-38429.html * https://www.suse.com/security/cve/CVE-2025-38430.html * https://www.suse.com/security/cve/CVE-2025-38436.html * https://www.suse.com/security/cve/CVE-2025-38443.html * https://www.suse.com/security/cve/CVE-2025-38448.html * https://www.suse.com/security/cve/CVE-2025-38449.html * https://www.suse.com/security/cve/CVE-2025-38455.html * https://www.suse.com/security/cve/CVE-2025-38457.html * https://www.suse.com/security/cve/CVE-2025-38460.html * https://www.suse.com/security/cve/CVE-2025-38461.html * https://www.suse.com/security/cve/CVE-2025-38462.html * https://www.suse.com/security/cve/CVE-2025-38463.html * https://www.suse.com/security/cve/CVE-2025-38465.html * https://www.suse.com/security/cve/CVE-2025-38467.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38470.html * https://www.suse.com/security/cve/CVE-2025-38471.html * https://www.suse.com/security/cve/CVE-2025-38473.html * https://www.suse.com/security/cve/CVE-2025-38474.html * https://www.suse.com/security/cve/CVE-2025-38476.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38478.html * https://www.suse.com/security/cve/CVE-2025-38480.html * https://www.suse.com/security/cve/CVE-2025-38481.html * https://www.suse.com/security/cve/CVE-2025-38482.html * https://www.suse.com/security/cve/CVE-2025-38483.html * https://www.suse.com/security/cve/CVE-2025-38485.html * https://www.suse.com/security/cve/CVE-2025-38487.html * https://www.suse.com/security/cve/CVE-2025-38489.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38496.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://www.suse.com/security/cve/CVE-2025-38498.html * https://bugzilla.suse.com/show_bug.cgi?id=1204142 * https://bugzilla.suse.com/show_bug.cgi?id=1219338 * https://bugzilla.suse.com/show_bug.cgi?id=1225707 * https://bugzilla.suse.com/show_bug.cgi?id=1230216 * https://bugzilla.suse.com/show_bug.cgi?id=1233300 * https://bugzilla.suse.com/show_bug.cgi?id=1235613 * https://bugzilla.suse.com/show_bug.cgi?id=1235837 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1239061 * https://bugzilla.suse.com/show_bug.cgi?id=1240323 * https://bugzilla.suse.com/show_bug.cgi?id=1240885 * https://bugzilla.suse.com/show_bug.cgi?id=1240966 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1241345 * https://bugzilla.suse.com/show_bug.cgi?id=1242086 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242837 * https://bugzilla.suse.com/show_bug.cgi?id=1242960 * https://bugzilla.suse.com/show_bug.cgi?id=1242965 * https://bugzilla.suse.com/show_bug.cgi?id=1242993 * https://bugzilla.suse.com/show_bug.cgi?id=1243068 * https://bugzilla.suse.com/show_bug.cgi?id=1243100 * https://bugzilla.suse.com/show_bug.cgi?id=1243479 * https://bugzilla.suse.com/show_bug.cgi?id=1243669 * https://bugzilla.suse.com/show_bug.cgi?id=1243806 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244457 * https://bugzilla.suse.com/show_bug.cgi?id=1244735 * https://bugzilla.suse.com/show_bug.cgi?id=1244749 * https://bugzilla.suse.com/show_bug.cgi?id=1244750 * https://bugzilla.suse.com/show_bug.cgi?id=1244792 * https://bugzilla.suse.com/show_bug.cgi?id=1244801 * https://bugzilla.suse.com/show_bug.cgi?id=1245151 * https://bugzilla.suse.com/show_bug.cgi?id=1245201 * https://bugzilla.suse.com/show_bug.cgi?id=1245202 * https://bugzilla.suse.com/show_bug.cgi?id=1245216 * https://bugzilla.suse.com/show_bug.cgi?id=1245260 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245440 * https://bugzilla.suse.com/show_bug.cgi?id=1245457 * https://bugzilla.suse.com/show_bug.cgi?id=1245498 * https://bugzilla.suse.com/show_bug.cgi?id=1245499 * https://bugzilla.suse.com/show_bug.cgi?id=1245504 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245508 * https://bugzilla.suse.com/show_bug.cgi?id=1245510 * https://bugzilla.suse.com/show_bug.cgi?id=1245540 * https://bugzilla.suse.com/show_bug.cgi?id=1245598 * https://bugzilla.suse.com/show_bug.cgi?id=1245599 * https://bugzilla.suse.com/show_bug.cgi?id=1245646 * https://bugzilla.suse.com/show_bug.cgi?id=1245647 * https://bugzilla.suse.com/show_bug.cgi?id=1245649 * https://bugzilla.suse.com/show_bug.cgi?id=1245650 * https://bugzilla.suse.com/show_bug.cgi?id=1245654 * https://bugzilla.suse.com/show_bug.cgi?id=1245658 * https://bugzilla.suse.com/show_bug.cgi?id=1245660 * https://bugzilla.suse.com/show_bug.cgi?id=1245665 * https://bugzilla.suse.com/show_bug.cgi?id=1245666 * https://bugzilla.suse.com/show_bug.cgi?id=1245668 * https://bugzilla.suse.com/show_bug.cgi?id=1245669 * https://bugzilla.suse.com/show_bug.cgi?id=1245670 * https://bugzilla.suse.com/show_bug.cgi?id=1245671 * https://bugzilla.suse.com/show_bug.cgi?id=1245675 * https://bugzilla.suse.com/show_bug.cgi?id=1245676 * https://bugzilla.suse.com/show_bug.cgi?id=1245677 * https://bugzilla.suse.com/show_bug.cgi?id=1245679 * https://bugzilla.suse.com/show_bug.cgi?id=1245682 * https://bugzilla.suse.com/show_bug.cgi?id=1245683 * https://bugzilla.suse.com/show_bug.cgi?id=1245684 * https://bugzilla.suse.com/show_bug.cgi?id=1245688 * https://bugzilla.suse.com/show_bug.cgi?id=1245689 * https://bugzilla.suse.com/show_bug.cgi?id=1245690 * https://bugzilla.suse.com/show_bug.cgi?id=1245691 * https://bugzilla.suse.com/show_bug.cgi?id=1245695 * https://bugzilla.suse.com/show_bug.cgi?id=1245705 * https://bugzilla.suse.com/show_bug.cgi?id=1245708 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245713 * https://bugzilla.suse.com/show_bug.cgi?id=1245714 * https://bugzilla.suse.com/show_bug.cgi?id=1245719 * https://bugzilla.suse.com/show_bug.cgi?id=1245723 * https://bugzilla.suse.com/show_bug.cgi?id=1245729 * https://bugzilla.suse.com/show_bug.cgi?id=1245730 * https://bugzilla.suse.com/show_bug.cgi?id=1245731 * https://bugzilla.suse.com/show_bug.cgi?id=1245735 * https://bugzilla.suse.com/show_bug.cgi?id=1245737 * https://bugzilla.suse.com/show_bug.cgi?id=1245744 * https://bugzilla.suse.com/show_bug.cgi?id=1245745 * https://bugzilla.suse.com/show_bug.cgi?id=1245746 * https://bugzilla.suse.com/show_bug.cgi?id=1245747 * https://bugzilla.suse.com/show_bug.cgi?id=1245748 * https://bugzilla.suse.com/show_bug.cgi?id=1245749 * https://bugzilla.suse.com/show_bug.cgi?id=1245750 * https://bugzilla.suse.com/show_bug.cgi?id=1245751 * https://bugzilla.suse.com/show_bug.cgi?id=1245752 * https://bugzilla.suse.com/show_bug.cgi?id=1245757 * https://bugzilla.suse.com/show_bug.cgi?id=1245758 * https://bugzilla.suse.com/show_bug.cgi?id=1245765 * https://bugzilla.suse.com/show_bug.cgi?id=1245768 * https://bugzilla.suse.com/show_bug.cgi?id=1245769 * https://bugzilla.suse.com/show_bug.cgi?id=1245777 * https://bugzilla.suse.com/show_bug.cgi?id=1245781 * https://bugzilla.suse.com/show_bug.cgi?id=1245789 * https://bugzilla.suse.com/show_bug.cgi?id=1245937 * https://bugzilla.suse.com/show_bug.cgi?id=1245945 * https://bugzilla.suse.com/show_bug.cgi?id=1245951 * https://bugzilla.suse.com/show_bug.cgi?id=1245952 * https://bugzilla.suse.com/show_bug.cgi?id=1245954 * https://bugzilla.suse.com/show_bug.cgi?id=1245957 * https://bugzilla.suse.com/show_bug.cgi?id=1245966 * https://bugzilla.suse.com/show_bug.cgi?id=1245970 * https://bugzilla.suse.com/show_bug.cgi?id=1245976 * https://bugzilla.suse.com/show_bug.cgi?id=1245980 * https://bugzilla.suse.com/show_bug.cgi?id=1245983 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246002 * https://bugzilla.suse.com/show_bug.cgi?id=1246006 * https://bugzilla.suse.com/show_bug.cgi?id=1246008 * https://bugzilla.suse.com/show_bug.cgi?id=1246020 * https://bugzilla.suse.com/show_bug.cgi?id=1246023 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246031 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246041 * https://bugzilla.suse.com/show_bug.cgi?id=1246042 * https://bugzilla.suse.com/show_bug.cgi?id=1246044 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246047 * https://bugzilla.suse.com/show_bug.cgi?id=1246049 * https://bugzilla.suse.com/show_bug.cgi?id=1246050 * https://bugzilla.suse.com/show_bug.cgi?id=1246055 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246093 * https://bugzilla.suse.com/show_bug.cgi?id=1246098 * https://bugzilla.suse.com/show_bug.cgi?id=1246109 * https://bugzilla.suse.com/show_bug.cgi?id=1246122 * https://bugzilla.suse.com/show_bug.cgi?id=1246125 * https://bugzilla.suse.com/show_bug.cgi?id=1246171 * https://bugzilla.suse.com/show_bug.cgi?id=1246173 * https://bugzilla.suse.com/show_bug.cgi?id=1246178 * https://bugzilla.suse.com/show_bug.cgi?id=1246182 * https://bugzilla.suse.com/show_bug.cgi?id=1246183 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246195 * https://bugzilla.suse.com/show_bug.cgi?id=1246203 * https://bugzilla.suse.com/show_bug.cgi?id=1246212 * https://bugzilla.suse.com/show_bug.cgi?id=1246220 * https://bugzilla.suse.com/show_bug.cgi?id=1246236 * https://bugzilla.suse.com/show_bug.cgi?id=1246240 * https://bugzilla.suse.com/show_bug.cgi?id=1246243 * https://bugzilla.suse.com/show_bug.cgi?id=1246246 * https://bugzilla.suse.com/show_bug.cgi?id=1246249 * https://bugzilla.suse.com/show_bug.cgi?id=1246250 * https://bugzilla.suse.com/show_bug.cgi?id=1246253 * https://bugzilla.suse.com/show_bug.cgi?id=1246258 * https://bugzilla.suse.com/show_bug.cgi?id=1246262 * https://bugzilla.suse.com/show_bug.cgi?id=1246264 * https://bugzilla.suse.com/show_bug.cgi?id=1246266 * https://bugzilla.suse.com/show_bug.cgi?id=1246268 * https://bugzilla.suse.com/show_bug.cgi?id=1246273 * https://bugzilla.suse.com/show_bug.cgi?id=1246283 * https://bugzilla.suse.com/show_bug.cgi?id=1246287 * https://bugzilla.suse.com/show_bug.cgi?id=1246292 * https://bugzilla.suse.com/show_bug.cgi?id=1246293 * https://bugzilla.suse.com/show_bug.cgi?id=1246295 * https://bugzilla.suse.com/show_bug.cgi?id=1246334 * https://bugzilla.suse.com/show_bug.cgi?id=1246337 * https://bugzilla.suse.com/show_bug.cgi?id=1246342 * https://bugzilla.suse.com/show_bug.cgi?id=1246349 * https://bugzilla.suse.com/show_bug.cgi?id=1246354 * https://bugzilla.suse.com/show_bug.cgi?id=1246358 * https://bugzilla.suse.com/show_bug.cgi?id=1246361 * https://bugzilla.suse.com/show_bug.cgi?id=1246364 * https://bugzilla.suse.com/show_bug.cgi?id=1246370 * https://bugzilla.suse.com/show_bug.cgi?id=1246375 * https://bugzilla.suse.com/show_bug.cgi?id=1246384 * https://bugzilla.suse.com/show_bug.cgi?id=1246386 * https://bugzilla.suse.com/show_bug.cgi?id=1246387 * https://bugzilla.suse.com/show_bug.cgi?id=1246438 * https://bugzilla.suse.com/show_bug.cgi?id=1246453 * https://bugzilla.suse.com/show_bug.cgi?id=1246473 * https://bugzilla.suse.com/show_bug.cgi?id=1246490 * https://bugzilla.suse.com/show_bug.cgi?id=1246506 * https://bugzilla.suse.com/show_bug.cgi?id=1246547 * https://bugzilla.suse.com/show_bug.cgi?id=1246777 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1246870 * https://bugzilla.suse.com/show_bug.cgi?id=1246879 * https://bugzilla.suse.com/show_bug.cgi?id=1246911 * https://bugzilla.suse.com/show_bug.cgi?id=1247018 * https://bugzilla.suse.com/show_bug.cgi?id=1247023 * https://bugzilla.suse.com/show_bug.cgi?id=1247028 * https://bugzilla.suse.com/show_bug.cgi?id=1247031 * https://bugzilla.suse.com/show_bug.cgi?id=1247033 * https://bugzilla.suse.com/show_bug.cgi?id=1247035 * https://bugzilla.suse.com/show_bug.cgi?id=1247061 * https://bugzilla.suse.com/show_bug.cgi?id=1247089 * https://bugzilla.suse.com/show_bug.cgi?id=1247091 * https://bugzilla.suse.com/show_bug.cgi?id=1247097 * https://bugzilla.suse.com/show_bug.cgi?id=1247098 * https://bugzilla.suse.com/show_bug.cgi?id=1247101 * https://bugzilla.suse.com/show_bug.cgi?id=1247103 * https://bugzilla.suse.com/show_bug.cgi?id=1247104 * https://bugzilla.suse.com/show_bug.cgi?id=1247113 * https://bugzilla.suse.com/show_bug.cgi?id=1247118 * https://bugzilla.suse.com/show_bug.cgi?id=1247123 * https://bugzilla.suse.com/show_bug.cgi?id=1247125 * https://bugzilla.suse.com/show_bug.cgi?id=1247128 * https://bugzilla.suse.com/show_bug.cgi?id=1247132 * https://bugzilla.suse.com/show_bug.cgi?id=1247138 * https://bugzilla.suse.com/show_bug.cgi?id=1247141 * https://bugzilla.suse.com/show_bug.cgi?id=1247143 * https://bugzilla.suse.com/show_bug.cgi?id=1247145 * https://bugzilla.suse.com/show_bug.cgi?id=1247146 * https://bugzilla.suse.com/show_bug.cgi?id=1247147 * https://bugzilla.suse.com/show_bug.cgi?id=1247149 * https://bugzilla.suse.com/show_bug.cgi?id=1247150 * https://bugzilla.suse.com/show_bug.cgi?id=1247151 * https://bugzilla.suse.com/show_bug.cgi?id=1247153 * https://bugzilla.suse.com/show_bug.cgi?id=1247154 * https://bugzilla.suse.com/show_bug.cgi?id=1247156 * https://bugzilla.suse.com/show_bug.cgi?id=1247160 * https://bugzilla.suse.com/show_bug.cgi?id=1247164 * https://bugzilla.suse.com/show_bug.cgi?id=1247169 * https://bugzilla.suse.com/show_bug.cgi?id=1247170 * https://bugzilla.suse.com/show_bug.cgi?id=1247171 * https://bugzilla.suse.com/show_bug.cgi?id=1247172 * https://bugzilla.suse.com/show_bug.cgi?id=1247174 * https://bugzilla.suse.com/show_bug.cgi?id=1247176 * https://bugzilla.suse.com/show_bug.cgi?id=1247177 * https://bugzilla.suse.com/show_bug.cgi?id=1247178 * https://bugzilla.suse.com/show_bug.cgi?id=1247181 * https://bugzilla.suse.com/show_bug.cgi?id=1247209 * https://bugzilla.suse.com/show_bug.cgi?id=1247210 * https://bugzilla.suse.com/show_bug.cgi?id=1247227 * https://bugzilla.suse.com/show_bug.cgi?id=1247233 * https://bugzilla.suse.com/show_bug.cgi?id=1247236 * https://bugzilla.suse.com/show_bug.cgi?id=1247238 * https://bugzilla.suse.com/show_bug.cgi?id=1247241 * https://bugzilla.suse.com/show_bug.cgi?id=1247251 * https://bugzilla.suse.com/show_bug.cgi?id=1247252 * https://bugzilla.suse.com/show_bug.cgi?id=1247253 * https://bugzilla.suse.com/show_bug.cgi?id=1247255 * https://bugzilla.suse.com/show_bug.cgi?id=1247271 * https://bugzilla.suse.com/show_bug.cgi?id=1247273 * https://bugzilla.suse.com/show_bug.cgi?id=1247274 * https://bugzilla.suse.com/show_bug.cgi?id=1247276 * https://bugzilla.suse.com/show_bug.cgi?id=1247277 * https://bugzilla.suse.com/show_bug.cgi?id=1247278 * https://bugzilla.suse.com/show_bug.cgi?id=1247279 * https://bugzilla.suse.com/show_bug.cgi?id=1247284 * https://bugzilla.suse.com/show_bug.cgi?id=1247285 * https://bugzilla.suse.com/show_bug.cgi?id=1247288 * https://bugzilla.suse.com/show_bug.cgi?id=1247289 * https://bugzilla.suse.com/show_bug.cgi?id=1247293 * https://bugzilla.suse.com/show_bug.cgi?id=1247311 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247317 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247374 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 * https://bugzilla.suse.com/show_bug.cgi?id=1247450 * https://jira.suse.com/browse/PED-13238 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:38:01 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:38:01 -0000 Subject: SUSE-SU-2025:20576-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_3 Message-ID: <175637028104.10939.19641441677420117@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_3 Announcement ID: SUSE-SU-2025:20576-1 Release Date: 2025-08-25T12:04:19Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues: * CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250) * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-74=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_3-debugsource-9-1.2 * kernel-livepatch-6_4_0-20-default-debuginfo-9-1.2 * kernel-livepatch-6_4_0-20-default-9-1.2 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:38:06 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:38:06 -0000 Subject: SUSE-SU-2025:20575-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_2 Message-ID: <175637028619.10939.5879926553101520175@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_2 Announcement ID: SUSE-SU-2025:20575-1 Release Date: 2025-08-25T12:04:19Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues: * CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250) * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-73=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-19-default-9-1.1 * kernel-livepatch-6_4_0-19-default-debuginfo-9-1.1 * kernel-livepatch-MICRO-6-0_Update_2-debugsource-9-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:38:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:38:11 -0000 Subject: SUSE-SU-2025:20574-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_9 Message-ID: <175637029136.10939.1772212983492389627@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_9 Announcement ID: SUSE-SU-2025:20574-1 Release Date: 2025-08-25T12:00:55Z Rating: important References: * bsc#1244337 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-80=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-31-default-2-1.2 * kernel-livepatch-6_4_0-31-default-debuginfo-2-1.2 * kernel-livepatch-MICRO-6-0_Update_9-debugsource-2-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:38:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:38:17 -0000 Subject: SUSE-SU-2025:20573-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_7 Message-ID: <175637029748.10939.14096773989281981662@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_7 Announcement ID: SUSE-SU-2025:20573-1 Release Date: 2025-08-25T12:00:55Z Rating: important References: * bsc#1244337 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-78=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-29-default-debuginfo-2-1.2 * kernel-livepatch-6_4_0-29-default-2-1.2 * kernel-livepatch-MICRO-6-0_Update_7-debugsource-2-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:38:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:38:21 -0000 Subject: SUSE-SU-2025:20572-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_5 Message-ID: <175637030176.10939.4925480021516185415@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_5 Announcement ID: SUSE-SU-2025:20572-1 Release Date: 2025-08-25T12:00:55Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-76=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-25-default-5-1.2 * kernel-livepatch-MICRO-6-0_Update_5-debugsource-5-1.2 * kernel-livepatch-6_4_0-25-default-debuginfo-5-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:38:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:38:23 -0000 Subject: SUSE-SU-2025:20571-1: moderate: Security update for kernel-livepatch-MICRO-6-0_Update_10 Message-ID: <175637030321.10939.17984009592405289495@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_10 Announcement ID: SUSE-SU-2025:20571-1 Release Date: 2025-08-25T12:00:43Z Rating: moderate References: Affected Products: * SUSE Linux Micro 6.0 An update that can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_10 fixes the following issues: This is the initial livepatch for SL Micro 6.0 and 6.1 kernel update 10. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-66=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-32-default-debuginfo-1-1.1 * kernel-livepatch-MICRO-6-0_Update_10-debugsource-1-1.1 * kernel-livepatch-6_4_0-32-default-1-1.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:38:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:38:28 -0000 Subject: SUSE-SU-2025:20570-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_8 Message-ID: <175637030829.10939.8143599657686541422@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_8 Announcement ID: SUSE-SU-2025:20570-1 Release Date: 2025-08-25T12:00:43Z Rating: important References: * bsc#1244337 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-79=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-30-default-2-1.2 * kernel-livepatch-MICRO-6-0_Update_8-debugsource-2-1.2 * kernel-livepatch-6_4_0-30-default-debuginfo-2-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:38:38 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:38:38 -0000 Subject: SUSE-SU-2025:20569-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_6 Message-ID: <175637031817.10939.16653821997221799043@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_6 Announcement ID: SUSE-SU-2025:20569-1 Release Date: 2025-08-25T12:00:43Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-77=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-28-default-3-3.1 * kernel-livepatch-6_4_0-28-default-debuginfo-3-3.1 * kernel-livepatch-MICRO-6-0_Update_6-debugsource-3-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:38:43 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:38:43 -0000 Subject: SUSE-SU-2025:20568-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_4 Message-ID: <175637032364.10939.17730500208670649053@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_4 Announcement ID: SUSE-SU-2025:20568-1 Release Date: 2025-08-25T12:00:42Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues: * CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250) * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-75=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-24-default-debuginfo-7-1.2 * kernel-livepatch-MICRO-6-0_Update_4-debugsource-7-1.2 * kernel-livepatch-6_4_0-24-default-7-1.2 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:38:56 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:38:56 -0000 Subject: SUSE-SU-2025:20565-1: moderate: Security update for docker Message-ID: <175637033625.10939.10287730188929376874@smelt2.prg2.suse.org> # Security update for docker Announcement ID: SUSE-SU-2025:20565-1 Release Date: 2025-08-21T08:20:56Z Rating: moderate References: * bsc#1247367 Cross-References: * CVE-2025-54388 CVSS scores: * CVE-2025-54388 ( SUSE ): 5.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2025-54388 ( SUSE ): 5.2 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2025-54388 ( NVD ): 5.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for docker fixes the following issues: * Update to Docker 28.3.3-ce: * CVE-2025-54388: firewalld reload can make published container ports accessible from remote hosts (bsc#1247367) * Update to docker-buildx v0.26.1. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-430=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * docker-buildx-0.26.1-6.1 * docker-28.3.3_ce-6.1 * docker-buildx-debuginfo-0.26.1-6.1 * docker-debuginfo-28.3.3_ce-6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54388.html * https://bugzilla.suse.com/show_bug.cgi?id=1247367 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:38:52 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:38:52 -0000 Subject: SUSE-SU-2025:20566-1: moderate: Security update for net-tools Message-ID: <175637033239.10939.11335097220080908302@smelt2.prg2.suse.org> # Security update for net-tools Announcement ID: SUSE-SU-2025:20566-1 Release Date: 2025-08-21T08:20:56Z Rating: moderate References: * bsc#1243581 * bsc#1246608 Cross-References: * CVE-2025-46836 CVSS scores: * CVE-2025-46836 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-46836 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-46836 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for net-tools fixes the following issues: * Provide more readable error for interface name size checking (bsc#1243581) * Perform bound checks when parsing interface labels in /proc/net/dev (bsc#1243581, bsc#1246608. CVE-2025-46836) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-431=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * net-tools-debugsource-2.10-3.1 * net-tools-debuginfo-2.10-3.1 * net-tools-2.10-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-46836.html * https://bugzilla.suse.com/show_bug.cgi?id=1243581 * https://bugzilla.suse.com/show_bug.cgi?id=1246608 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:39:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:39:08 -0000 Subject: SUSE-SU-2025:20564-1: important: Security update for libxml2 Message-ID: <175637034812.10939.2770525619597291343@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:20564-1 Release Date: 2025-08-21T08:20:56Z Rating: important References: * bsc#1244554 * bsc#1244555 * bsc#1244557 * bsc#1244580 * bsc#1244700 * bsc#1246296 Cross-References: * CVE-2025-49794 * CVE-2025-49795 * CVE-2025-49796 * CVE-2025-6021 * CVE-2025-6170 * CVE-2025-7425 CVSS scores: * CVE-2025-49794 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-49794 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-49794 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2025-49795 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-49795 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49795 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49796 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-49796 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2025-6021 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-6021 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-6021 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-6170 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-6170 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-6170 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-6170 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-7425 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-7425 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2025-7425 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-6021: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 [bsc#1244580] * CVE-2025-6170: stack buffer overflow may lead to a crash [bsc#1244700] * CVE-2025-7425: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr [bsc#1246296] * CVE-2025-49794: heap use after free (UAF) can lead to Denial of service (DoS) [bsc#1244554] * CVE-2025-49795: null pointer dereference may lead to Denial of service (DoS) [bsc#1244555] * CVE-2025-49796: type confusion may lead to Denial of service (DoS) [bsc#1244557] ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-429=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libxml2-tools-2.11.6-10.1 * libxml2-2-debuginfo-2.11.6-10.1 * libxml2-2-2.11.6-10.1 * libxml2-debugsource-2.11.6-10.1 * libxml2-tools-debuginfo-2.11.6-10.1 ## References: * https://www.suse.com/security/cve/CVE-2025-49794.html * https://www.suse.com/security/cve/CVE-2025-49795.html * https://www.suse.com/security/cve/CVE-2025-49796.html * https://www.suse.com/security/cve/CVE-2025-6021.html * https://www.suse.com/security/cve/CVE-2025-6170.html * https://www.suse.com/security/cve/CVE-2025-7425.html * https://bugzilla.suse.com/show_bug.cgi?id=1244554 * https://bugzilla.suse.com/show_bug.cgi?id=1244555 * https://bugzilla.suse.com/show_bug.cgi?id=1244557 * https://bugzilla.suse.com/show_bug.cgi?id=1244580 * https://bugzilla.suse.com/show_bug.cgi?id=1244700 * https://bugzilla.suse.com/show_bug.cgi?id=1246296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:39:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:39:17 -0000 Subject: SUSE-SU-2025:20562-1: moderate: Security update for dpkg Message-ID: <175637035763.10939.1972227731272450293@smelt2.prg2.suse.org> # Security update for dpkg Announcement ID: SUSE-SU-2025:20562-1 Release Date: 2025-08-20T11:43:20Z Rating: moderate References: * bsc#1245573 Cross-References: * CVE-2025-6297 CVSS scores: * CVE-2025-6297 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-6297 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-6297 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for dpkg fixes the following issues: * CVE-2025-6297: Fixed improper sanitization of directory permissions leading to DoS via disk quota exhaustion due to files left behind on cleanup (bsc#1245573) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-424=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * update-alternatives-1.22.0-2.1 * update-alternatives-debuginfo-1.22.0-2.1 * update-alternatives-debugsource-1.22.0-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-6297.html * https://bugzilla.suse.com/show_bug.cgi?id=1245573 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:39:22 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:39:22 -0000 Subject: SUSE-SU-2025:20561-1: important: Security update for sqlite3 Message-ID: <175637036215.10939.8728930026015489048@smelt2.prg2.suse.org> # Security update for sqlite3 Announcement ID: SUSE-SU-2025:20561-1 Release Date: 2025-08-20T11:41:17Z Rating: important References: * bsc#1246597 Cross-References: * CVE-2025-6965 CVSS scores: * CVE-2025-6965 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L * CVE-2025-6965 ( NVD ): 7.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green * CVE-2025-6965 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for sqlite3 fixes the following issues: * Update to 3.50.2: * Fix the concat_ws() SQL function so that it includes empty strings in the concatenation. * Avoid writing frames with no checksums into the wal file if a savepoint is rolled back after dirty pages have already been spilled into the wal file. * Fix the Bitvec object to avoid stack overflow when the database is within 60 pages of its maximum size. * Fix a problem with UPDATEs on fts5 tables that contain BLOB values. * Fix an issue with transitive IS constraints on a RIGHT JOIN. * CVE-2025-6965: Fixed Integer Truncation in SQLite (bsc#1246597) * Ensure that sqlite3_setlk_timeout() holds the database mutex. * Update to 3.50 (3.50.1): * Improved handling and robust output of control characters * sqlite3_rsync no longer requires WAL mode and needs less bandwidth * Bug fixes and optimized JSON handling * Performance optimizations and developer visible fixes * Update to release 3.49.2: * Fix a bug in the NOT NULL optimization of version 3.40.0 that can lead to a memory error if abused. * Fix the count-of-view optimization so that it does not give an incorrect answer for a DISTINCT query. * Fix a possible incorrect answer that can result if a UNIQUE constraint of a table contains the PRIMARY KEY column and that UNIQUE constraint is used by an IN operator. * Fix obscure problems with the generate_series() extension function. * Incremental improvements to the configure/make. * Add subpackage for the lemon parser generator. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-428=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libsqlite3-0-debuginfo-3.50.2-1.1 * sqlite3-debugsource-3.50.2-1.1 * libsqlite3-0-3.50.2-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-6965.html * https://bugzilla.suse.com/show_bug.cgi?id=1246597 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:39:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:39:15 -0000 Subject: SUSE-SU-2025:20563-1: important: Security update for gnutls Message-ID: <175637035525.10939.3576349309380523657@smelt2.prg2.suse.org> # Security update for gnutls Announcement ID: SUSE-SU-2025:20563-1 Release Date: 2025-08-20T11:49:18Z Rating: important References: * bsc#1246232 * bsc#1246233 * bsc#1246267 * bsc#1246299 Cross-References: * CVE-2025-32988 * CVE-2025-32989 * CVE-2025-32990 * CVE-2025-6395 CVSS scores: * CVE-2025-32988 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-32988 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-32988 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-32988 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-32989 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-32989 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2025-32989 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-32990 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-32990 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2025-32990 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-32990 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-6395 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-6395 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-6395 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for gnutls fixes the following issues: * CVE-2025-32988: Fixed double-free due to incorrect ownership handling (bsc#1246232) * CVE-2025-32989: Fixed heap buffer overread during X.509 certificate parsing (bsc#1246233) * CVE-2025-32990: Fixed 1-byte heap buffer overflow when parsing templates with certtool (bsc#1246267) * CVE-2025-6395: Fixed NULL pointer dereference when 2nd Client Hello omits PSK (bsc#1246299) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-426=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libgnutls30-3.8.3-4.1 * gnutls-debuginfo-3.8.3-4.1 * gnutls-debugsource-3.8.3-4.1 * gnutls-3.8.3-4.1 * libgnutls30-debuginfo-3.8.3-4.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32988.html * https://www.suse.com/security/cve/CVE-2025-32989.html * https://www.suse.com/security/cve/CVE-2025-32990.html * https://www.suse.com/security/cve/CVE-2025-6395.html * https://bugzilla.suse.com/show_bug.cgi?id=1246232 * https://bugzilla.suse.com/show_bug.cgi?id=1246233 * https://bugzilla.suse.com/show_bug.cgi?id=1246267 * https://bugzilla.suse.com/show_bug.cgi?id=1246299 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:39:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:39:28 -0000 Subject: SUSE-SU-2025:20560-1: moderate: Security update for libarchive Message-ID: <175637036812.10939.10859741101226307017@smelt2.prg2.suse.org> # Security update for libarchive Announcement ID: SUSE-SU-2025:20560-1 Release Date: 2025-08-20T11:36:31Z Rating: moderate References: * bsc#1244270 * bsc#1244272 * bsc#1244273 * bsc#1244279 * bsc#1244336 Cross-References: * CVE-2025-5914 * CVE-2025-5915 * CVE-2025-5916 * CVE-2025-5917 * CVE-2025-5918 CVSS scores: * CVE-2025-5914 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-5914 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-5914 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-5914 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-5915 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5915 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5915 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5915 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H * CVE-2025-5916 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5916 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5916 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5916 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H * CVE-2025-5917 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5917 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2025-5917 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2025-5917 ( NVD ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2025-5918 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5918 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5918 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5918 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for libarchive fixes the following issues: * CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272) * CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273) * CVE-2025-5916: Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270) * CVE-2025-5917: Fixed off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336) * CVE-2025-5918: Fixed past EOF read triggered for piped file streams (bsc#1244279) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-427=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libarchive-debugsource-3.6.2-5.1 * libarchive13-debuginfo-3.6.2-5.1 * libarchive13-3.6.2-5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-5914.html * https://www.suse.com/security/cve/CVE-2025-5915.html * https://www.suse.com/security/cve/CVE-2025-5916.html * https://www.suse.com/security/cve/CVE-2025-5917.html * https://www.suse.com/security/cve/CVE-2025-5918.html * https://bugzilla.suse.com/show_bug.cgi?id=1244270 * https://bugzilla.suse.com/show_bug.cgi?id=1244272 * https://bugzilla.suse.com/show_bug.cgi?id=1244273 * https://bugzilla.suse.com/show_bug.cgi?id=1244279 * https://bugzilla.suse.com/show_bug.cgi?id=1244336 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 08:39:30 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 08:39:30 -0000 Subject: SUSE-SU-2025:20559-1: important: Security update for polkit Message-ID: <175637037099.10939.16514814301636020281@smelt2.prg2.suse.org> # Security update for polkit Announcement ID: SUSE-SU-2025:20559-1 Release Date: 2025-08-20T11:34:30Z Rating: important References: * bsc#1246472 Cross-References: * CVE-2025-7519 CVSS scores: * CVE-2025-7519 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-7519 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-7519 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for polkit fixes the following issues: * CVE-2025-7519: Fixed that a XML policy file with a large number of nested elements may lead to out-of-bounds write (bsc#1246472) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-425=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * polkit-debugsource-121-3.1 * libpolkit-agent-1-0-121-3.1 * libpolkit-gobject-1-0-debuginfo-121-3.1 * polkit-121-3.1 * polkit-debuginfo-121-3.1 * libpolkit-gobject-1-0-121-3.1 * libpolkit-agent-1-0-debuginfo-121-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-7519.html * https://bugzilla.suse.com/show_bug.cgi?id=1246472 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 12:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 12:30:09 -0000 Subject: SUSE-SU-2025:03010-1: important: Security update for gdk-pixbuf Message-ID: <175638420928.11230.6978379192533777859@smelt2.prg2.suse.org> # Security update for gdk-pixbuf Announcement ID: SUSE-SU-2025:03010-1 Release Date: 2025-08-28T10:46:36Z Rating: important References: * bsc#1246114 Cross-References: * CVE-2025-7345 CVSS scores: * CVE-2025-7345 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-7345 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-7345 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gdk-pixbuf fixes the following issues: * CVE-2025-7345: Fixed heap buffer overflow in gdk_pixbuf__jpeg_image_load_increment function (bsc#1246114) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-3010=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3010=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-query-loaders-debuginfo-2.34.0-19.23.1 * gdk-pixbuf-devel-2.34.0-19.23.1 * libgdk_pixbuf-2_0-0-2.34.0-19.23.1 * gdk-pixbuf-devel-debuginfo-2.34.0-19.23.1 * typelib-1_0-GdkPixbuf-2_0-2.34.0-19.23.1 * libgdk_pixbuf-2_0-0-debuginfo-2.34.0-19.23.1 * gdk-pixbuf-query-loaders-2.34.0-19.23.1 * gdk-pixbuf-debugsource-2.34.0-19.23.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * gdk-pixbuf-lang-2.34.0-19.23.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libgdk_pixbuf-2_0-0-32bit-2.34.0-19.23.1 * gdk-pixbuf-query-loaders-32bit-2.34.0-19.23.1 * libgdk_pixbuf-2_0-0-debuginfo-32bit-2.34.0-19.23.1 * gdk-pixbuf-query-loaders-debuginfo-32bit-2.34.0-19.23.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * gdk-pixbuf-query-loaders-32bit-2.34.0-19.23.1 * gdk-pixbuf-query-loaders-debuginfo-2.34.0-19.23.1 * gdk-pixbuf-devel-2.34.0-19.23.1 * libgdk_pixbuf-2_0-0-2.34.0-19.23.1 * gdk-pixbuf-query-loaders-debuginfo-32bit-2.34.0-19.23.1 * gdk-pixbuf-devel-debuginfo-2.34.0-19.23.1 * typelib-1_0-GdkPixbuf-2_0-2.34.0-19.23.1 * libgdk_pixbuf-2_0-0-debuginfo-32bit-2.34.0-19.23.1 * libgdk_pixbuf-2_0-0-debuginfo-2.34.0-19.23.1 * gdk-pixbuf-query-loaders-2.34.0-19.23.1 * libgdk_pixbuf-2_0-0-32bit-2.34.0-19.23.1 * gdk-pixbuf-debugsource-2.34.0-19.23.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * gdk-pixbuf-lang-2.34.0-19.23.1 ## References: * https://www.suse.com/security/cve/CVE-2025-7345.html * https://bugzilla.suse.com/show_bug.cgi?id=1246114 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 12:30:18 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 12:30:18 -0000 Subject: SUSE-SU-2025:03009-1: important: Security update for MozillaFirefox Message-ID: <175638421815.11230.14678982159968691475@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2025:03009-1 Release Date: 2025-08-28T09:19:06Z Rating: important References: * bsc#1226112 * bsc#1247774 * bsc#1248162 Cross-References: * CVE-2025-9179 * CVE-2025-9180 * CVE-2025-9181 * CVE-2025-9182 * CVE-2025-9183 * CVE-2025-9184 * CVE-2025-9185 * CVE-2025-9187 CVSS scores: * CVE-2025-9179 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-9179 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9180 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-9180 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-9181 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-9181 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-9182 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-9182 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9183 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-9183 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2025-9184 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-9184 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9184 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9185 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-9185 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9185 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9187 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-9187 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9187 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves eight vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 140.2.0 ESR MFSA 2025-67 (bsc#1248162) * CVE-2025-9179 (bmo#1979527): Sandbox escape due to invalid pointer in the Audio/Video: GMP component * CVE-2025-9180 (bmo#1979782): Same-origin policy bypass in the Graphics: Canvas2D component * CVE-2025-9181 (bmo#1977130): Uninitialized memory in the JavaScript Engine component * CVE-2025-9182 (bmo#1975837): Denial-of-service due to out-of-memory in the Graphics: WebRender component * CVE-2025-9183 (bmo#1976102): Spoofing issue in the Address Bar component * CVE-2025-9184 (bmo#1929482, bmo#1976376, bmo#1979163, bmo#1979955): Memory safety bugs fixed in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 * CVE-2025-9185 (bmo#1970154, bmo#1976782, bmo#1977166): Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 * CVE-2025-9187 (bmo#1825621, bmo#1970079, bmo#1976736, bmo#1979072): Memory safety bugs fixed in Firefox 142 and Thunderbird 142 * Other fixes: * Ensure the use of the correct file-picker on KDE (bsc#1226112) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-3009=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3009=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-140.2.0-112.276.1 * MozillaFirefox-140.2.0-112.276.1 * MozillaFirefox-debuginfo-140.2.0-112.276.1 * MozillaFirefox-translations-common-140.2.0-112.276.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * MozillaFirefox-devel-140.2.0-112.276.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * MozillaFirefox-debugsource-140.2.0-112.276.1 * MozillaFirefox-140.2.0-112.276.1 * MozillaFirefox-debuginfo-140.2.0-112.276.1 * MozillaFirefox-translations-common-140.2.0-112.276.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * MozillaFirefox-devel-140.2.0-112.276.1 ## References: * https://www.suse.com/security/cve/CVE-2025-9179.html * https://www.suse.com/security/cve/CVE-2025-9180.html * https://www.suse.com/security/cve/CVE-2025-9181.html * https://www.suse.com/security/cve/CVE-2025-9182.html * https://www.suse.com/security/cve/CVE-2025-9183.html * https://www.suse.com/security/cve/CVE-2025-9184.html * https://www.suse.com/security/cve/CVE-2025-9185.html * https://www.suse.com/security/cve/CVE-2025-9187.html * https://bugzilla.suse.com/show_bug.cgi?id=1226112 * https://bugzilla.suse.com/show_bug.cgi?id=1247774 * https://bugzilla.suse.com/show_bug.cgi?id=1248162 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 12:30:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 12:30:23 -0000 Subject: SUSE-SU-2025:03008-1: important: Security update for MozillaFirefox Message-ID: <175638422315.11230.7205712663067314367@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2025:03008-1 Release Date: 2025-08-28T09:18:52Z Rating: important References: * bsc#1226112 * bsc#1247774 * bsc#1248162 Cross-References: * CVE-2025-9179 * CVE-2025-9180 * CVE-2025-9181 * CVE-2025-9182 * CVE-2025-9183 * CVE-2025-9184 * CVE-2025-9185 * CVE-2025-9187 CVSS scores: * CVE-2025-9179 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-9179 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9180 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-9180 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-9181 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-9181 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-9182 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-9182 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9183 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-9183 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2025-9184 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-9184 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9184 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9185 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-9185 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9185 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9187 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-9187 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9187 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP6 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves eight vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 140.2.0 ESR MFSA 2025-67 (bsc#1248162) * CVE-2025-9179 (bmo#1979527): Sandbox escape due to invalid pointer in the Audio/Video: GMP component * CVE-2025-9180 (bmo#1979782): Same-origin policy bypass in the Graphics: Canvas2D component * CVE-2025-9181 (bmo#1977130): Uninitialized memory in the JavaScript Engine component * CVE-2025-9182 (bmo#1975837): Denial-of-service due to out-of-memory in the Graphics: WebRender component * CVE-2025-9183 (bmo#1976102): Spoofing issue in the Address Bar component * CVE-2025-9184 (bmo#1929482, bmo#1976376, bmo#1979163, bmo#1979955): Memory safety bugs fixed in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 * CVE-2025-9185 (bmo#1970154, bmo#1976782, bmo#1977166): Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 * CVE-2025-9187 (bmo#1825621, bmo#1970079, bmo#1976736, bmo#1979072): Memory safety bugs fixed in Firefox 142 and Thunderbird 142 * Other fixes: * Ensure the use of the correct file-picker on KDE (bsc#1226112) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3008=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3008=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3008=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3008=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3008=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3008=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3008=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3008=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3008=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3008=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-3008=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-3008=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-3008=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-3008=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3008=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-branding-upstream-140.2.0-150200.152.198.1 * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * openSUSE Leap 15.6 (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * Desktop Applications Module 15-SP6 (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * Desktop Applications Module 15-SP7 (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-debugsource-140.2.0-150200.152.198.1 * MozillaFirefox-translations-common-140.2.0-150200.152.198.1 * MozillaFirefox-140.2.0-150200.152.198.1 * MozillaFirefox-translations-other-140.2.0-150200.152.198.1 * MozillaFirefox-debuginfo-140.2.0-150200.152.198.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-140.2.0-150200.152.198.1 ## References: * https://www.suse.com/security/cve/CVE-2025-9179.html * https://www.suse.com/security/cve/CVE-2025-9180.html * https://www.suse.com/security/cve/CVE-2025-9181.html * https://www.suse.com/security/cve/CVE-2025-9182.html * https://www.suse.com/security/cve/CVE-2025-9183.html * https://www.suse.com/security/cve/CVE-2025-9184.html * https://www.suse.com/security/cve/CVE-2025-9185.html * https://www.suse.com/security/cve/CVE-2025-9187.html * https://bugzilla.suse.com/show_bug.cgi?id=1226112 * https://bugzilla.suse.com/show_bug.cgi?id=1247774 * https://bugzilla.suse.com/show_bug.cgi?id=1248162 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 12:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 12:30:25 -0000 Subject: SUSE-SU-2025:03007-1: important: Security update for MozillaThunderbird Message-ID: <175638422594.11230.18272808809133384947@smelt2.prg2.suse.org> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2025:03007-1 Release Date: 2025-08-28T08:03:48Z Rating: important References: * bsc#1248162 Cross-References: * CVE-2025-9179 * CVE-2025-9180 * CVE-2025-9181 * CVE-2025-9182 * CVE-2025-9184 * CVE-2025-9185 CVSS scores: * CVE-2025-9179 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-9179 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9180 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-9180 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-9181 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-9181 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-9182 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-9182 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9184 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-9184 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9184 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9185 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-9185 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9185 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves six vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues: Updated to Mozilla Thunderbird 140.2 MFSA 2025-72 (bsc#1248162): * CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component * CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component * CVE-2025-9181: Uninitialized memory in the JavaScript Engine component * CVE-2025-9182: Denial-of-service due to out-of-memory in the Graphics: WebRender component * CVE-2025-9184: Memory safety bugs fixed in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 * CVE-2025-9185: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 Other fixes: * Users were unable to use Fastmail calendars due to missing OAuth settings * Account setup error handling was broken for Account hub * Menu bar was hidden after updating from 128esr to 140esr ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-3007=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-3007=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-3007=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-3007=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2025-3007=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-translations-other-140.2.0-150200.8.236.1 * MozillaThunderbird-debuginfo-140.2.0-150200.8.236.1 * MozillaThunderbird-translations-common-140.2.0-150200.8.236.1 * MozillaThunderbird-140.2.0-150200.8.236.1 * MozillaThunderbird-debugsource-140.2.0-150200.8.236.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x) * MozillaThunderbird-translations-other-140.2.0-150200.8.236.1 * MozillaThunderbird-debuginfo-140.2.0-150200.8.236.1 * MozillaThunderbird-translations-common-140.2.0-150200.8.236.1 * MozillaThunderbird-140.2.0-150200.8.236.1 * MozillaThunderbird-debugsource-140.2.0-150200.8.236.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x) * MozillaThunderbird-translations-other-140.2.0-150200.8.236.1 * MozillaThunderbird-debuginfo-140.2.0-150200.8.236.1 * MozillaThunderbird-translations-common-140.2.0-150200.8.236.1 * MozillaThunderbird-140.2.0-150200.8.236.1 * MozillaThunderbird-debugsource-140.2.0-150200.8.236.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * MozillaThunderbird-translations-other-140.2.0-150200.8.236.1 * MozillaThunderbird-debuginfo-140.2.0-150200.8.236.1 * MozillaThunderbird-translations-common-140.2.0-150200.8.236.1 * MozillaThunderbird-140.2.0-150200.8.236.1 * MozillaThunderbird-debugsource-140.2.0-150200.8.236.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * MozillaThunderbird-translations-other-140.2.0-150200.8.236.1 * MozillaThunderbird-debuginfo-140.2.0-150200.8.236.1 * MozillaThunderbird-translations-common-140.2.0-150200.8.236.1 * MozillaThunderbird-140.2.0-150200.8.236.1 * MozillaThunderbird-debugsource-140.2.0-150200.8.236.1 ## References: * https://www.suse.com/security/cve/CVE-2025-9179.html * https://www.suse.com/security/cve/CVE-2025-9180.html * https://www.suse.com/security/cve/CVE-2025-9181.html * https://www.suse.com/security/cve/CVE-2025-9182.html * https://www.suse.com/security/cve/CVE-2025-9184.html * https://www.suse.com/security/cve/CVE-2025-9185.html * https://bugzilla.suse.com/show_bug.cgi?id=1248162 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 12:30:29 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 12:30:29 -0000 Subject: SUSE-SU-2025:03006-1: important: Security update for tomcat10 Message-ID: <175638422965.11230.4829512177429660429@smelt2.prg2.suse.org> # Security update for tomcat10 Announcement ID: SUSE-SU-2025:03006-1 Release Date: 2025-08-28T08:03:22Z Rating: important References: * bsc#1243895 Cross-References: * CVE-2025-48989 CVSS scores: * CVE-2025-48989 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48989 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-48989 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * Web and Scripting Module 15-SP6 * Web and Scripting Module 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for tomcat10 fixes the following issues: Updated to Tomcat 10.1.44: * CVE-2025-48989: Fixed "MadeYouReset" DoS in HTTP/2 due to client triggered stream reset (bsc#1243895) Other fixes: * Catalina * Fix: Fix bloom filter population for archive indexing when using a packed WAR containing one or more JAR files. (markt) * Coyote * Fix: 69748: Add missing call to set keep-alive timeout when using HTTP/1.1 following an async request, which was present for AJP. (remm/markt) * Fix: 69762: Fix possible overflow during HPACK decoding of integers. Note that the maximum permitted value of an HPACK decoded integer is Integer.MAX_VALUE. (markt) * Fix: Update the HTTP/2 overhead documentation - particularly the code comments - to reflect the deprecation of the PRIORITY frame and clarify that a stream reset always triggers an overhead increase. (markt) * Fix: 69762: Additional overflow fix for HPACK decoding of integers. Pull request #880 by Chenjp. (markt) * Cluster * Update: Add enableStatistics configuration attribute for the DeltaManager, defaulting to true. (remm) * WebSocket * Fix: Align the WebSocket extension handling for WebSocket client connections with WebSocket server connections. The WebSocket client now only includes an extension requested by an endpoint in the opening handshake if the WebSocket client supports that extension. (markt) * Web applications * Fix: Manager and Host Manager. Provide the Manager and Host Manager web applications with a dedicated favicon file rather than using the one from the ROOT web application which might not be present or may represent something entirely different. Pull requests #876 and #878 by Simon Arame. * Other * Update: Update Checkstyle to 10.26.1. (markt) * Add: Improvements to French translations. (remm) * Add: Improvements to Japanese translations by tak7iji. (markt) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-3006=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-3006=1 * Web and Scripting Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP7-2025-3006=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3006=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3006=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3006=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3006=1 ## Package List: * openSUSE Leap 15.6 (noarch) * tomcat10-lib-10.1.44-150200.5.51.1 * tomcat10-el-5_0-api-10.1.44-150200.5.51.1 * tomcat10-servlet-6_0-api-10.1.44-150200.5.51.1 * tomcat10-embed-10.1.44-150200.5.51.1 * tomcat10-10.1.44-150200.5.51.1 * tomcat10-jsp-3_1-api-10.1.44-150200.5.51.1 * tomcat10-webapps-10.1.44-150200.5.51.1 * tomcat10-admin-webapps-10.1.44-150200.5.51.1 * tomcat10-jsvc-10.1.44-150200.5.51.1 * tomcat10-doc-10.1.44-150200.5.51.1 * tomcat10-docs-webapp-10.1.44-150200.5.51.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat10-lib-10.1.44-150200.5.51.1 * tomcat10-el-5_0-api-10.1.44-150200.5.51.1 * tomcat10-servlet-6_0-api-10.1.44-150200.5.51.1 * tomcat10-jsp-3_1-api-10.1.44-150200.5.51.1 * tomcat10-10.1.44-150200.5.51.1 * tomcat10-webapps-10.1.44-150200.5.51.1 * tomcat10-admin-webapps-10.1.44-150200.5.51.1 * Web and Scripting Module 15-SP7 (noarch) * tomcat10-lib-10.1.44-150200.5.51.1 * tomcat10-el-5_0-api-10.1.44-150200.5.51.1 * tomcat10-servlet-6_0-api-10.1.44-150200.5.51.1 * tomcat10-jsp-3_1-api-10.1.44-150200.5.51.1 * tomcat10-10.1.44-150200.5.51.1 * tomcat10-webapps-10.1.44-150200.5.51.1 * tomcat10-admin-webapps-10.1.44-150200.5.51.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * tomcat10-lib-10.1.44-150200.5.51.1 * tomcat10-el-5_0-api-10.1.44-150200.5.51.1 * tomcat10-servlet-6_0-api-10.1.44-150200.5.51.1 * tomcat10-jsp-3_1-api-10.1.44-150200.5.51.1 * tomcat10-10.1.44-150200.5.51.1 * tomcat10-webapps-10.1.44-150200.5.51.1 * tomcat10-admin-webapps-10.1.44-150200.5.51.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * tomcat10-lib-10.1.44-150200.5.51.1 * tomcat10-el-5_0-api-10.1.44-150200.5.51.1 * tomcat10-servlet-6_0-api-10.1.44-150200.5.51.1 * tomcat10-jsp-3_1-api-10.1.44-150200.5.51.1 * tomcat10-10.1.44-150200.5.51.1 * tomcat10-webapps-10.1.44-150200.5.51.1 * tomcat10-admin-webapps-10.1.44-150200.5.51.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * tomcat10-lib-10.1.44-150200.5.51.1 * tomcat10-el-5_0-api-10.1.44-150200.5.51.1 * tomcat10-servlet-6_0-api-10.1.44-150200.5.51.1 * tomcat10-jsp-3_1-api-10.1.44-150200.5.51.1 * tomcat10-10.1.44-150200.5.51.1 * tomcat10-webapps-10.1.44-150200.5.51.1 * tomcat10-admin-webapps-10.1.44-150200.5.51.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * tomcat10-lib-10.1.44-150200.5.51.1 * tomcat10-el-5_0-api-10.1.44-150200.5.51.1 * tomcat10-servlet-6_0-api-10.1.44-150200.5.51.1 * tomcat10-jsp-3_1-api-10.1.44-150200.5.51.1 * tomcat10-10.1.44-150200.5.51.1 * tomcat10-webapps-10.1.44-150200.5.51.1 * tomcat10-admin-webapps-10.1.44-150200.5.51.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48989.html * https://bugzilla.suse.com/show_bug.cgi?id=1243895 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Aug 28 16:34:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Aug 2025 16:34:05 -0000 Subject: SUSE-SU-2025:03011-1: important: Security update for the Linux Kernel Message-ID: <175639884507.10939.1960579180683902038@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:03011-1 Release Date: 2025-08-28T12:06:16Z Rating: important References: * bsc#1139073 * bsc#1204142 * bsc#1219338 * bsc#1225707 * bsc#1227082 * bsc#1228664 * bsc#1230216 * bsc#1232089 * bsc#1233300 * bsc#1235515 * bsc#1235613 * bsc#1235837 * bsc#1236333 * bsc#1236897 * bsc#1238896 * bsc#1239061 * bsc#1239470 * bsc#1240323 * bsc#1240696 * bsc#1240885 * bsc#1240966 * bsc#1240998 * bsc#1241166 * bsc#1241200 * bsc#1241345 * bsc#1241537 * bsc#1242086 * bsc#1242414 * bsc#1242837 * bsc#1242960 * bsc#1242965 * bsc#1242993 * bsc#1243042 * bsc#1243068 * bsc#1243100 * bsc#1243479 * bsc#1243669 * bsc#1243678 * bsc#1243806 * bsc#1244309 * bsc#1244337 * bsc#1244457 * bsc#1244735 * bsc#1244749 * bsc#1244750 * bsc#1244792 * bsc#1244801 * bsc#1245084 * bsc#1245151 * bsc#1245201 * bsc#1245202 * bsc#1245216 * bsc#1245260 * bsc#1245431 * bsc#1245440 * bsc#1245457 * bsc#1245498 * bsc#1245499 * bsc#1245504 * bsc#1245506 * bsc#1245508 * bsc#1245510 * bsc#1245540 * bsc#1245598 * bsc#1245599 * bsc#1245621 * bsc#1245646 * bsc#1245647 * bsc#1245649 * bsc#1245650 * bsc#1245654 * bsc#1245658 * bsc#1245660 * bsc#1245664 * bsc#1245665 * bsc#1245666 * bsc#1245668 * bsc#1245669 * bsc#1245670 * bsc#1245671 * bsc#1245675 * bsc#1245676 * bsc#1245677 * bsc#1245679 * bsc#1245682 * bsc#1245683 * bsc#1245684 * bsc#1245686 * bsc#1245688 * bsc#1245689 * bsc#1245690 * bsc#1245691 * bsc#1245695 * bsc#1245705 * bsc#1245708 * bsc#1245711 * bsc#1245713 * bsc#1245714 * bsc#1245719 * bsc#1245723 * bsc#1245729 * bsc#1245730 * bsc#1245731 * bsc#1245735 * bsc#1245737 * bsc#1245744 * bsc#1245745 * bsc#1245746 * bsc#1245747 * bsc#1245748 * bsc#1245749 * bsc#1245750 * bsc#1245751 * bsc#1245752 * bsc#1245757 * bsc#1245758 * bsc#1245765 * bsc#1245768 * bsc#1245769 * bsc#1245777 * bsc#1245781 * bsc#1245789 * bsc#1245812 * bsc#1245937 * bsc#1245945 * bsc#1245951 * bsc#1245952 * bsc#1245954 * bsc#1245955 * bsc#1245957 * bsc#1245966 * bsc#1245970 * bsc#1245976 * bsc#1245980 * bsc#1245983 * bsc#1245986 * bsc#1246000 * bsc#1246002 * bsc#1246006 * bsc#1246008 * bsc#1246020 * bsc#1246023 * bsc#1246029 * bsc#1246031 * bsc#1246037 * bsc#1246041 * bsc#1246042 * bsc#1246044 * bsc#1246045 * bsc#1246047 * bsc#1246049 * bsc#1246050 * bsc#1246055 * bsc#1246073 * bsc#1246093 * bsc#1246098 * bsc#1246109 * bsc#1246113 * bsc#1246122 * bsc#1246125 * bsc#1246134 * bsc#1246171 * bsc#1246173 * bsc#1246178 * bsc#1246179 * bsc#1246182 * bsc#1246183 * bsc#1246186 * bsc#1246188 * bsc#1246203 * bsc#1246212 * bsc#1246217 * bsc#1246220 * bsc#1246236 * bsc#1246240 * bsc#1246243 * bsc#1246244 * bsc#1246246 * bsc#1246249 * bsc#1246250 * bsc#1246253 * bsc#1246258 * bsc#1246262 * bsc#1246264 * bsc#1246266 * bsc#1246268 * bsc#1246273 * bsc#1246283 * bsc#1246285 * bsc#1246286 * bsc#1246287 * bsc#1246290 * bsc#1246292 * bsc#1246293 * bsc#1246295 * bsc#1246297 * bsc#1246333 * bsc#1246334 * bsc#1246337 * bsc#1246342 * bsc#1246349 * bsc#1246354 * bsc#1246358 * bsc#1246361 * bsc#1246364 * bsc#1246370 * bsc#1246375 * bsc#1246384 * bsc#1246385 * bsc#1246386 * bsc#1246387 * bsc#1246438 * bsc#1246443 * bsc#1246449 * bsc#1246453 * bsc#1246473 * bsc#1246490 * bsc#1246506 * bsc#1246547 * bsc#1246644 * bsc#1246695 * bsc#1246777 * bsc#1246781 * bsc#1246870 * bsc#1246879 * bsc#1246911 * bsc#1247018 * bsc#1247021 * bsc#1247023 * bsc#1247028 * bsc#1247031 * bsc#1247033 * bsc#1247035 * bsc#1247061 * bsc#1247062 * bsc#1247064 * bsc#1247079 * bsc#1247089 * bsc#1247091 * bsc#1247097 * bsc#1247098 * bsc#1247101 * bsc#1247103 * bsc#1247104 * bsc#1247113 * bsc#1247118 * bsc#1247123 * bsc#1247125 * bsc#1247128 * bsc#1247132 * bsc#1247138 * bsc#1247141 * bsc#1247143 * bsc#1247145 * bsc#1247146 * bsc#1247147 * bsc#1247149 * bsc#1247150 * bsc#1247151 * bsc#1247152 * bsc#1247153 * bsc#1247154 * bsc#1247156 * bsc#1247160 * bsc#1247164 * bsc#1247169 * bsc#1247170 * bsc#1247171 * bsc#1247172 * bsc#1247174 * bsc#1247176 * bsc#1247177 * bsc#1247178 * bsc#1247181 * bsc#1247209 * bsc#1247210 * bsc#1247227 * bsc#1247233 * bsc#1247234 * bsc#1247236 * bsc#1247238 * bsc#1247241 * bsc#1247251 * bsc#1247252 * bsc#1247253 * bsc#1247255 * bsc#1247265 * bsc#1247271 * bsc#1247273 * bsc#1247274 * bsc#1247276 * bsc#1247277 * bsc#1247278 * bsc#1247279 * bsc#1247282 * bsc#1247284 * bsc#1247285 * bsc#1247288 * bsc#1247289 * bsc#1247293 * bsc#1247308 * bsc#1247311 * bsc#1247314 * bsc#1247317 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247374 * bsc#1247437 * bsc#1247450 * bsc#1247712 * bsc#1247831 * jsc#PED-12731 * jsc#PED-12745 * jsc#PED-13248 Cross-References: * CVE-2019-11135 * CVE-2024-36028 * CVE-2024-36348 * CVE-2024-36349 * CVE-2024-36350 * CVE-2024-36357 * CVE-2024-39298 * CVE-2024-42134 * CVE-2024-44963 * CVE-2024-49861 * CVE-2024-49996 * CVE-2024-56742 * CVE-2024-57947 * CVE-2025-21839 * CVE-2025-21854 * CVE-2025-21872 * CVE-2025-22090 * CVE-2025-23163 * CVE-2025-37798 * CVE-2025-37856 * CVE-2025-37864 * CVE-2025-37885 * CVE-2025-37920 * CVE-2025-37984 * CVE-2025-38034 * CVE-2025-38035 * CVE-2025-38047 * CVE-2025-38051 * CVE-2025-38052 * CVE-2025-38058 * CVE-2025-38061 * CVE-2025-38062 * CVE-2025-38063 * CVE-2025-38064 * CVE-2025-38074 * CVE-2025-38084 * CVE-2025-38085 * CVE-2025-38087 * CVE-2025-38088 * CVE-2025-38089 * CVE-2025-38090 * CVE-2025-38091 * CVE-2025-38094 * CVE-2025-38095 * CVE-2025-38097 * CVE-2025-38098 * CVE-2025-38099 * CVE-2025-38100 * CVE-2025-38102 * CVE-2025-38105 * CVE-2025-38106 * CVE-2025-38107 * CVE-2025-38108 * CVE-2025-38109 * CVE-2025-38110 * CVE-2025-38111 * CVE-2025-38112 * CVE-2025-38113 * CVE-2025-38114 * CVE-2025-38115 * CVE-2025-38117 * CVE-2025-38118 * CVE-2025-38120 * CVE-2025-38122 * CVE-2025-38123 * CVE-2025-38124 * CVE-2025-38126 * CVE-2025-38127 * CVE-2025-38129 * CVE-2025-38131 * CVE-2025-38132 * CVE-2025-38135 * CVE-2025-38136 * CVE-2025-38138 * CVE-2025-38142 * CVE-2025-38143 * CVE-2025-38145 * CVE-2025-38147 * CVE-2025-38148 * CVE-2025-38149 * CVE-2025-38151 * CVE-2025-38153 * CVE-2025-38154 * CVE-2025-38155 * CVE-2025-38157 * CVE-2025-38158 * CVE-2025-38159 * CVE-2025-38161 * CVE-2025-38162 * CVE-2025-38165 * CVE-2025-38166 * CVE-2025-38173 * CVE-2025-38174 * CVE-2025-38177 * CVE-2025-38180 * CVE-2025-38181 * CVE-2025-38182 * CVE-2025-38183 * CVE-2025-38186 * CVE-2025-38187 * CVE-2025-38188 * CVE-2025-38189 * CVE-2025-38192 * CVE-2025-38193 * CVE-2025-38194 * CVE-2025-38197 * CVE-2025-38198 * CVE-2025-38200 * CVE-2025-38202 * CVE-2025-38203 * CVE-2025-38204 * CVE-2025-38206 * CVE-2025-38210 * CVE-2025-38211 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38214 * CVE-2025-38215 * CVE-2025-38217 * CVE-2025-38220 * CVE-2025-38222 * CVE-2025-38225 * CVE-2025-38226 * CVE-2025-38227 * CVE-2025-38229 * CVE-2025-38231 * CVE-2025-38236 * CVE-2025-38238 * CVE-2025-38239 * CVE-2025-38244 * CVE-2025-38246 * CVE-2025-38248 * CVE-2025-38249 * CVE-2025-38250 * CVE-2025-38256 * CVE-2025-38257 * CVE-2025-38259 * CVE-2025-38264 * CVE-2025-38265 * CVE-2025-38268 * CVE-2025-38272 * CVE-2025-38273 * CVE-2025-38275 * CVE-2025-38277 * CVE-2025-38279 * CVE-2025-38283 * CVE-2025-38286 * CVE-2025-38287 * CVE-2025-38288 * CVE-2025-38289 * CVE-2025-38290 * CVE-2025-38291 * CVE-2025-38292 * CVE-2025-38293 * CVE-2025-38299 * CVE-2025-38300 * CVE-2025-38303 * CVE-2025-38304 * CVE-2025-38305 * CVE-2025-38307 * CVE-2025-38310 * CVE-2025-38312 * CVE-2025-38313 * CVE-2025-38315 * CVE-2025-38317 * CVE-2025-38319 * CVE-2025-38323 * CVE-2025-38326 * CVE-2025-38328 * CVE-2025-38332 * CVE-2025-38334 * CVE-2025-38335 * CVE-2025-38336 * CVE-2025-38337 * CVE-2025-38338 * CVE-2025-38342 * CVE-2025-38343 * CVE-2025-38344 * CVE-2025-38345 * CVE-2025-38348 * CVE-2025-38349 * CVE-2025-38350 * CVE-2025-38352 * CVE-2025-38353 * CVE-2025-38354 * CVE-2025-38355 * CVE-2025-38356 * CVE-2025-38361 * CVE-2025-38362 * CVE-2025-38363 * CVE-2025-38364 * CVE-2025-38365 * CVE-2025-38369 * CVE-2025-38371 * CVE-2025-38373 * CVE-2025-38375 * CVE-2025-38376 * CVE-2025-38377 * CVE-2025-38380 * CVE-2025-38382 * CVE-2025-38384 * CVE-2025-38385 * CVE-2025-38386 * CVE-2025-38387 * CVE-2025-38389 * CVE-2025-38391 * CVE-2025-38392 * CVE-2025-38393 * CVE-2025-38395 * CVE-2025-38396 * CVE-2025-38399 * CVE-2025-38400 * CVE-2025-38401 * CVE-2025-38403 * CVE-2025-38404 * CVE-2025-38406 * CVE-2025-38409 * CVE-2025-38410 * CVE-2025-38412 * CVE-2025-38414 * CVE-2025-38415 * CVE-2025-38416 * CVE-2025-38417 * CVE-2025-38420 * CVE-2025-38424 * CVE-2025-38425 * CVE-2025-38426 * CVE-2025-38427 * CVE-2025-38428 * CVE-2025-38429 * CVE-2025-38430 * CVE-2025-38436 * CVE-2025-38443 * CVE-2025-38448 * CVE-2025-38449 * CVE-2025-38453 * CVE-2025-38455 * CVE-2025-38457 * CVE-2025-38460 * CVE-2025-38461 * CVE-2025-38462 * CVE-2025-38463 * CVE-2025-38465 * CVE-2025-38467 * CVE-2025-38468 * CVE-2025-38470 * CVE-2025-38471 * CVE-2025-38473 * CVE-2025-38474 * CVE-2025-38475 * CVE-2025-38476 * CVE-2025-38477 * CVE-2025-38478 * CVE-2025-38480 * CVE-2025-38481 * CVE-2025-38482 * CVE-2025-38483 * CVE-2025-38485 * CVE-2025-38487 * CVE-2025-38489 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38496 * CVE-2025-38497 * CVE-2025-38498 CVSS scores: * CVE-2019-11135 ( SUSE ): 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2019-11135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36348 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36349 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-39298 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42134 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42134 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42134 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-44963 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49861 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49861 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49861 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-49996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49996 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56742 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21872 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22090 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23163 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37856 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37856 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37920 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37920 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37984 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-37984 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38034 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38035 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38035 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38047 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38047 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38052 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38058 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38058 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38061 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38062 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38062 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38063 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38063 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38064 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38064 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38074 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38084 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38084 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38085 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38085 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38087 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38089 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38089 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38090 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38091 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38091 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38097 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38097 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38098 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38098 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38099 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38099 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38100 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38102 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38102 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38105 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38105 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38106 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38106 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38107 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38107 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38108 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38108 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38109 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38109 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38110 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38110 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38111 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38111 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38112 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38113 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38114 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38114 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38115 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38115 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38117 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38117 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38118 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38122 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38124 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38126 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38127 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38129 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38129 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38131 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38131 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38132 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38132 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38135 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38142 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38143 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38145 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38148 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38149 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38149 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38153 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38153 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38154 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38154 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38155 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38157 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38157 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38159 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38159 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38161 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38165 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38166 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38166 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38173 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38173 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38174 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38174 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38180 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38180 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38182 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38183 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38183 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38186 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38186 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38187 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38187 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38189 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38192 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38192 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38193 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38193 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38197 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38197 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38198 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38203 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38203 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38204 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38204 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38211 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38214 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38215 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38217 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38217 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38220 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38220 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38222 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-38222 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2025-38225 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38226 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38226 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38227 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38227 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38229 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38229 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-38231 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38231 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38238 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38239 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38239 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38244 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38244 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38246 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38248 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38249 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38249 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38250 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38250 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38256 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38256 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38259 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38264 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38265 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38265 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38268 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38268 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38272 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38273 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38273 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38275 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38277 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38277 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38279 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38283 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38286 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38286 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38287 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38288 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38289 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38289 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38290 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38290 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38291 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38291 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38292 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38292 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38293 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38293 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38299 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38299 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38300 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38300 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38303 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38303 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38310 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38310 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38312 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38313 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38315 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38315 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38317 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-38317 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38323 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38323 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38326 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38326 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38328 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38334 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38334 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38335 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38336 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38337 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38338 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38338 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38342 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38344 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38345 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38345 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38348 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38349 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38349 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38352 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38352 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38353 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38353 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38355 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38355 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38356 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38356 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38361 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38361 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38362 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38363 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38364 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38364 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38365 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38365 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38371 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38373 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38373 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38375 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38376 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38376 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38377 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38377 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38380 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38380 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38382 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38382 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38384 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38384 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38385 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38385 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38387 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38387 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38389 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38391 ( SUSE ): 5.2 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38391 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38392 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38392 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38393 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38393 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38395 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38395 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38396 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38396 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38399 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38400 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38400 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38401 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38401 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38403 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38406 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38409 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38409 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38410 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38412 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38415 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38415 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38416 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38416 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38417 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38417 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38425 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38425 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38426 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38426 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38427 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38427 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38428 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38428 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38429 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38429 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38430 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38430 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38436 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38436 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38448 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38448 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38453 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38453 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38455 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38455 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38457 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38460 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38460 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38461 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38461 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38462 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38462 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38463 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38463 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38465 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38465 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38467 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38467 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38471 ( SUSE ): 8.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38471 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2025-38473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38474 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38474 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38475 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38475 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38476 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38476 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38478 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38478 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38480 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38480 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38481 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38481 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38482 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38482 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38483 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38483 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38485 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38485 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38487 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38487 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38489 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38489 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38496 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38496 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38498 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38498 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Public Cloud Module 15-SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves 265 vulnerabilities, contains three features and has 47 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2019-11135: enabled CONFIG_X86_INTEL_TSX_MODE_AUTO (bsc#1139073, bsc#1246695). * CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707). * CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896). * CVE-2024-39298:mm/memory-failure: fix handling of dissolved but not taken off from buddy pages (bsc#1227082). * CVE-2024-42134: virtio-pci: Check if is_avq is NULL (bsc#1228664 bsc#1247831). * CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216). * CVE-2024-49861: net: clear the dst when changing skb protocol (bsc#1245954). * CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089). * CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613). * CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). * CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470). * CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323). * CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537). * CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837). * CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068). * CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965). * CVE-2025-37885: KVM: x86: Reset IRTE to host control if _new_ route isn't postable (bsc#1242960). * CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479). * CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669). * CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792). * CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801). * CVE-2025-38047: x86/fred: Fix system hang during S4 resume with FRED enabled (bsc#1245084). * CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750). * CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151). * CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440). * CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216). * CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202). * CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201). * CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735). * CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649). * CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660). * CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654). * CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671). * CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650). * CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682). * CVE-2025-38106: io_uring/sqpoll: do not put task_struct on tctx setup failure (bsc#1245664). * CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689). * CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695). * CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708). * CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677). * CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679). * CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768). * CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750). * CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752). * CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758). * CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970). * CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937). * CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006). * CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951). * CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098). * CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). * CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980). * CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044). * CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983). * CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). * CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020). * CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). * CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966). * CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976). * CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093). * CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178). * CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183). * CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173). * CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182). * CVE-2025-38256: io_uring/rsrc: fix folio unpinning (bsc#1246188). * CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387). * CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268). * CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264). * CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273). * CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354). * CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361). * CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473). * CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384). * CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250). * CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253). * CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777). * CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). * CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911). * CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091). * CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023). * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). * CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031). * CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169). * CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156). * CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097). * CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141). * CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145). * CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252). * CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253). * CVE-2025-38453: kABI: io_uring: msg_ring ensure io_kiocb freeing is deferred (bsc#1247234). * CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101). * CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098). * CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143). * CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103). * CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104). * CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113). * CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118). * CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288). * CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450). * CVE-2025-38475: smc: Fix various oops due to inet_sock type confusion (bsc#1247308). * CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). * CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374). The following non-security bugs were fixed: * ACPI: LPSS: Remove AudioDSP related ID (git-fixes). * ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122). * ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes). * ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes). * ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes). * ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes). * ALSA: hda/realtek: Fix mute LED mask on HP OMEN 16 laptop (git-fixes). * ALSA: hda/tegra: Add Tegra264 support (stable-fixes). * ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes). * ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable- fixes). * ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes). * ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git- fixes). * ALSA: sb: Do not allow changing the DMA mode during operations (stable- fixes). * ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable- fixes). * ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes). * ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes). * ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes). * ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable- fixes). * ASoC: amd: yc: update quirk data for HP Victus (stable-fixes). * ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes). * ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes). * ASoC: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes). * ASoC: cs35l56: probe() should fail if the device ID is not recognized (git- fixes). * ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git- fixes). * ASoC: fsl_sai: Force a software reset when starting in consumer mode (git- fixes). * ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes). * ASoC: mediatek: use reserved memory or enable buffer pre-allocation (git- fixes). * ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes). * ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git- fixes). * Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes). * Bluetooth: HCI: Set extended advertising data synchronously (git-fixes). * Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes). * Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes). * Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes). * Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes). * Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes). * Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes). * Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes). * Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes). * Bluetooth: btintel: Check if controller is ISO capable on btintel_classify_pkt_type (git-fixes). * Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes). * Bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git- fixes). * Bluetooth: hci_core: add missing braces when using macro parameters (git- fixes). * Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git- fixes). * Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes). * Bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes). * Bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes). * Bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes). * Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes). * Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes). * Bluetooth: hci_sync: revert some mesh modifications (git-fixes). * Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes). * Documentatiion/ABI: add ABI documentation for sys-bus-dax (bsc#1235515,jsc#PED-12731). * Documentation: ACPI: Fix parent device references (git-fixes). * Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes). * Enable SMC_LO (a.k.a SMC-D) (jsc#PED-13248). * Fix dma_unmap_sg() nents value (git-fixes) * HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes). * HID: core: do not bypass hid_hw_raw_request (stable-fixes). * HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes). * HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes). * HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable- fixes). * HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable- fixes). * IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes) * Input: iqs7222 - explicitly define number of external channels (git-fixes). * Input: xpad - adjust error handling for disconnect (git-fixes). * Input: xpad - set correct controller type for Acer NGR200 (git-fixes). * Input: xpad - support Acer NGR 200 Controller (stable-fixes). * KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes). * Logitech C-270 even more broken (stable-fixes). * Move upstreamed SCSI and ACPI patches into sorted section * NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes). * NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes). * NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git- fixes). * NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes). * NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git- fixes). * NFSv4.2: another fix for listxattr (git-fixes). * NFSv4.2: fix listxattr to return selinux security label (git-fixes). * NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes). * NFSv4: Always set NLINK even if the server does not support it (git-fixes). * NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes). * PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457). * PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes). * PCI: endpoint: Fix configfs group list head handling (git-fixes). * PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes). * PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes). * PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes). * PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457). * PCI: rockchip-host: Fix "Unexpected Completion" log message (git-fixes). * PM / devfreq: Check governor before using governor->name (git-fixes). * RDMA/core: Rate limit GID cache warning messages (git-fixes) * RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes) * RDMA/hns: Drop GFP_NOWARN (git-fixes) * RDMA/hns: Fix -Wframe-larger-than issue (git-fixes) * RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes) * RDMA/hns: Fix accessing uninitialized resources (git-fixes) * RDMA/hns: Fix double destruction of rsv_qp (git-fixes) * RDMA/hns: Get message length of ack_req from FW (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * RDMA/mlx5: Fix CC counters query for MPV (git-fixes) * RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes) * RDMA/mlx5: Fix UMR modifying of mkey page size (git-fixes) * RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes) * RDMA/mlx5: Fix vport loopback for MPV device (git-fixes) * RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes) * RDMA/mlx5: reduce stack usage in mlx5_ib_ufile_hw_cleanup (git-fixes) * RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes) * RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes) * RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git- fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * Re-enable qmi_wwan for arm64 (bsc#1246113) * Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). * Revert "ACPI: battery: negate current when discharging" (stable-fixes). * Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338). * Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes). * Revert "drm/nouveau: check ioctl command codes better" (git-fixes). * Revert "drm/xe/xe2: Enable Indirect Ring State support for Xe2" (git-fixes). * Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git- fixes). * Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git- fixes). * Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes). * SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes). * USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes). * USB: serial: option: add Foxconn T99W640 (stable-fixes). * USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable- fixes). * Update config files. config/x86_64/default config/arm64/default CONFIG_INTEGRITY_MACHINE_KEYRING=y +CONFIG_INTEGRITY_CA_MACHINE_KEYRING=y +CONFIG_INTEGRITY_CA_MACHINE_KEYRING_MAX=y +CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y (bsc#1243678) * [SMB3] send channel sequence number in SMB3 requests after reconnects (git- fixes). * accel/ivpu: Remove copy engine support (stable-fixes). * af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes). * af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093). * amd/amdkfd: fix a kfd_process ref leak (stable-fixes). * aoe: clean device rq_list in aoedev_downdev() (git-fixes). * apple-mfi-fastcharge: protect first device name (git-fixes). * ata: pata_cs5536: fix build on 32-bit UML (stable-fixes). * audit,module: restore audit logging in load failure case (git-fixes). * bnxt_en: Fix double invocation of bnxt_ulp_stop()/bnxt_ulp_start() (git- fixes). * bonding: Correctly support GSO ESP offload (git-fixes). * bpf, sockmap: Fix sk_msg_reset_curr (git-fixes). * bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes). * bpf/selftests: Check errno when percpu map value size exceeds (git-fixes). * bpf: Add a possibly-zero-sized read test (git-fixes). * bpf: Avoid **hidden** attribute in static object (git-fixes). * bpf: Check percpu map value size first (git-fixes). * bpf: Disable some `attribute ignored' warnings in GCC (git-fixes). * bpf: Fix memory leak in bpf_core_apply (git-fixes). * bpf: Fix potential integer overflow in resolve_btfids (git-fixes). * bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes). * bpf: Make the pointer returned by iter next method valid (git-fixes). * bpf: Simplify checking size of helper accesses (git-fixes). * bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes). * bpf: sockmap, updating the sg structure should also update curr (git-fixes). * bpftool: Fix missing pids during link show (git-fixes). * bpftool: Fix undefined behavior caused by shifting into the sign bit (git- fixes). * bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes). * bpftool: Remove unnecessary source files from bootstrap version (git-fixes). * bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes). * btrfs: do not ignore inode missing when replaying log tree (git-fixes). * btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes). * btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes). * btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068) * btrfs: fix assertion when building free space tree (git-fixes). * btrfs: fix inode lookup error handling during log replay (git-fixes). * btrfs: fix invalid inode pointer dereferences during log replay (git-fixes). * btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes). * btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes). * btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes). * btrfs: fix ssd_spread overallocation (git-fixes). * btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068) * btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes). * btrfs: rename err to ret in btrfs_rmdir() (git-fixes). * btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes). * btrfs: return a btrfs_inode from read_one_inode() (git-fixes). * btrfs: tests: fix chunk map leak after failure to add it to the tree (git- fixes). * btrfs: update superblock's device bytes_used when dropping chunk (git- fixes). * btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes). * btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes). * bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes). * bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes). * can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes). * can: dev: can_restart(): reverse logic to remove need for goto (stable- fixes). * can: kvaser_pciefd: Store device channel index (git-fixes). * can: kvaser_usb: Assign netdev.dev_port based on device channel index (git- fixes). * can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes). * can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes). * can: peak_usb: fix USB FD devices potential malfunction (git-fixes). * cdc-acm: fix race between initial clearing halt and open (git-fixes). * cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789). * cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166). * cifs: reconnect helper should set reconnect for the right channel (git- fixes). * clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes). * clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes). * clk: sunxi-ng: v3s: Fix de clock definition (git-fixes). * clk: xilinx: vcu: unregister pll_post only if registered correctly (git- fixes). * clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457). * clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457). * comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes). * comedi: Fix initialization of data for instructions that write to subdevice (git-fixes). * comedi: Fix some signed shift left operations (git-fixes). * comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes). * comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes). * comedi: das16m1: Fix bit shift out of bounds (git-fixes). * comedi: das6402: Fix bit shift out of bounds (git-fixes). * comedi: pcl812: Fix bit shift out of bounds (git-fixes). * compiler_types.h: Define **retain for __attribute** (( **retain** )) (git- fixes). * crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes). * crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes). * crypto: ccp - Fix locking on alloc failure handling (git-fixes). * crypto: hkdf - skip TVs with unapproved salt lengths in FIPS mode (bsc#1241200 bsc#1246134). * crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes). * crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes). * crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes). * crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes). * crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes). * crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes). * crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes). * crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes). * crypto: qat - fix state restore for banks with exceptions (git-fixes). * crypto: qat - flush misc workqueue during device shutdown (git-fixes). * crypto: qat - use unmanaged allocation for dc_data (git-fixes). * crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes). * dax: add a sysfs knob to control memmap_on_memory behavior (bsc#1235515,jsc#PED-12731). * devlink: Add support for u64 parameters (jsc#PED-12745). * devlink: avoid param type value translations (jsc#PED-12745). * devlink: define enum for attr types of dynamic attributes (jsc#PED-12745). * devlink: introduce devlink_nl_put_u64() (jsc#PED-12745). * disable ZL3073X * dm-bufio: fix sched in atomic context (git-fixes). * dm-flakey: error all IOs when num_features is absent (git-fixes). * dm-flakey: make corrupting read bios work (git-fixes). * dm-mirror: fix a tiny race condition (git-fixes). * dm-raid: fix variable in journal device check (git-fixes). * dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes). * dm: do not change md if dm_table_set_restrictions() fails (git-fixes). * dm: free table mempools if not used in __bind (git-fixes). * dm: restrict dm device size to 2^63-512 bytes (git-fixes). * dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes). * dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes). * dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes). * dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git- fixes). * dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes). * dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes). * dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes). * dmaengine: xilinx_dma: Set dma_device directions (stable-fixes). * dpll: Add basic Microchip ZL3073x support (jsc#PED-12745). * dpll: zl3073x: Add support to get/set frequency on pins (jsc#PED-12745). * dpll: zl3073x: Add support to get/set priority on input pins (jsc#PED-12745). * dpll: zl3073x: Fetch invariants during probe (jsc#PED-12745). * dpll: zl3073x: Implement input pin selection in manual mode (jsc#PED-12745). * dpll: zl3073x: Implement input pin state setting in automatic mode (jsc#PED-12745). * dpll: zl3073x: Read DPLL types and pin properties from system firmware (jsc#PED-12745). * dpll: zl3073x: Register DPLL devices and pins (jsc#PED-12745). * drm/amd/display: Check dce_hwseq before dereferencing it (stable-fixes). * drm/amd/display: Correct non-OLED pre_T11_delay (stable-fixes). * drm/amd/display: Disable CRTC degamma LUT for DCN401 (stable-fixes). * drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes). * drm/amd/display: Fix RMCM programming seq errors (stable-fixes). * drm/amd/display: Fix mpv playback corruption on weston (stable-fixes). * drm/amd/display: Free memory allocation (stable-fixes). * drm/amd/display: fix initial backlight brightness calculation (git-fixes). * drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git- fixes). * drm/amdgpu/discovery: use specific ip_discovery.bin for legacy asics (stable-fixes). * drm/amdgpu/gfx10: fix kiq locking in KCQ reset (git-fixes). * drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes). * drm/amdgpu/gfx9.4.3: fix kiq locking in KCQ reset (git-fixes). * drm/amdgpu/gfx9: fix kiq locking in KCQ reset (git-fixes). * drm/amdgpu/ip_discovery: add missing ip_discovery fw (stable-fixes). * drm/amdgpu: Add kicker device detection (stable-fixes). * drm/amdgpu: Fix SDMA UTC_L1 handling during start/stop sequences (stable- fixes). * drm/amdgpu: Increase reset counter only on success (stable-fixes). * drm/amdgpu: Initialize data to NULL in imu_v12_0_program_rlc_ram() (git- fixes). * drm/amdgpu: Remove nbiov7.9 replay count reporting (git-fixes). * drm/amdgpu: Reset the clear flag in buddy during resume (git-fixes). * drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes). * drm/amdgpu: seq64 memory unmap uses uninterruptible lock (stable-fixes). * drm/amdkfd: Do not call mmput from MMU notifier callback (git-fixes). * drm/amdkfd: Fix instruction hazard in gfx12 trap handler (stable-fixes). * drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes). * drm/amdkfd: remove gfx 12 trap handler page size cap (stable-fixes). * drm/bridge: aux-hpd-bridge: fix assignment of the of_node (git-fixes). * drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes). * drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git- fixes). * drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes). * drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes). * drm/connector: hdmi: Evaluate limited range after computing format (git- fixes). * drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes). * drm/exynos: fimd: Guard display clock control with runtime PM calls (git- fixes). * drm/framebuffer: Acquire internal references on GEM handles (git-fixes). * drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes). * drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes). * drm/i915/display: Fix dma_fence_wait_timeout() return value handling (git- fixes). * drm/i915/dsi: Fix off by one in BXT_MIPI_TRANS_VTOTAL (stable-fixes). * drm/i915/gsc: mei interrupt top half should be in irq disabled context (git- fixes). * drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes). * drm/i915/selftests: Change mock_request() to return error pointers (git- fixes). * drm/imagination: Fix kernel crash when hard resetting the GPU (git-fixes). * drm/mediatek: Add wait_event_timeout when disabling plane (git-fixes). * drm/mediatek: only announce AFBC if really supported (git-fixes). * drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes). * drm/msm: Fix a fence leak in submit error path (stable-fixes). * drm/msm: Fix another leak in the submit error path (stable-fixes). * drm/nouveau: check ioctl command codes better (git-fixes). * drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes). * drm/panthor: Add missing explicit padding in drm_panthor_gpu_info (git- fixes). * drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes). * drm/sched: Increment job count before swapping tail spsc queue (git-fixes). * drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes). * drm/scheduler: signal scheduled fence when kill job (stable-fixes). * drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes). * drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes). * drm/v3d: Disable interrupts before resetting the GPU (git-fixes). * drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes). * drm/xe/bmg: fix compressed VRAM handling (git-fixes). * drm/xe/guc: Dead CT helper (stable-fixes). * drm/xe/guc: Explicitly exit CT safe mode on unwind (git-fixes). * drm/xe/guc_submit: add back fix (git-fixes). * drm/xe/mocs: Initialize MOCS index early (stable-fixes). * drm/xe/pf: Clear all LMTT pages on alloc (git-fixes). * drm/xe/pf: Move VFs reprovisioning to worker (stable-fixes). * drm/xe/pf: Prepare to stop SR-IOV support prior GT reset (git-fixes). * drm/xe/pf: Sanitize VF scratch registers on FLR (stable-fixes). * drm/xe/pm: Correct comment of xe_pm_set_vram_threshold() (git-fixes). * drm/xe/uapi: Correct sync type definition in comments (git-fixes). * drm/xe/vf: Disable CSC support on VF (git-fixes). * drm/xe: Allocate PF queue size on pow2 boundary (git-fixes). * drm/xe: Allow bo mapping on multiple ggtts (stable-fixes). * drm/xe: Fix DSB buffer coherency (stable-fixes). * drm/xe: Fix build without debugfs (git-fixes). * drm/xe: Fix early wedge on GuC load failure (git-fixes). * drm/xe: Fix taking invalid lock on wedge (stable-fixes). * drm/xe: Move DSB l2 flush to a more sensible place (git-fixes). * drm/xe: Replace double space with single space after comma (stable-fixes). * drm/xe: add interface to request physical alignment for buffer objects (stable-fixes). * drm/xe: move DPT l2 flush to a more sensible place (git-fixes). * dt-bindings: dpll: Add DPLL device and pin (jsc#PED-12745). * dt-bindings: dpll: Add support for Microchip Azurite chip family (jsc#PED-12745). * e1000: Move cancel_work_sync to avoid deadlock (git-fixes). * exfat: fdatasync flag should be same like generic_write_sync() (git-fixes). * fbcon: Fix outdated registered_fb reference in comment (git-fixes). * fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes). * firewire: ohci: correct code comments about bus_reset tasklet (git-fixes). * fs/jfs: consolidate sanity checking in dbMount (git-fixes). * fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes). * gpio: mlxbf2: use platform_get_irq_optional() (git-fixes). * gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes). * gpio: sim: include a missing header (git-fixes). * gpio: vf610: add locking to gpio direction functions (git-fixes). * gpio: virtio: Fix config space reading (git-fixes). * gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes). * gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes). * gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300). * gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300). * gpiolib: cdev: Ignore reconfiguration without direction (git-fixes). * gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes). * hfs: make splice write available again (git-fixes). * hfsplus: make splice write available again (git-fixes). * hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes). * hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203). * hwmon: (corsair-cpro) Validate the size of the received input buffer (git- fixes). * hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes). * hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes). * hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes). * i2c/designware: Fix an initialization issue (git-fixes). * i2c: qup: jump out of the loop in case of timeout (git-fixes). * i2c: stm32: fix the device used for the DMA map (git-fixes). * i2c: tegra: Fix reset error handling with ACPI (git-fixes). * i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes). * i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes). * ice, irdma: fix an off by one in error handling code (bsc#1247712). * ice, irdma: move interrupts code to irdma (bsc#1247712). * ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712). * ice: count combined queues using Rx/Tx count (bsc#1247712). * ice: devlink PF MSI-X max and min parameter (bsc#1247712). * ice: enable_rdma devlink param (bsc#1247712). * ice: fix eswitch code memory leak in reset scenario (git-fixes). * ice: get rid of num_lan_msix field (bsc#1247712). * ice: init flow director before RDMA (bsc#1247712). * ice: remove splitting MSI-X between features (bsc#1247712). * ice: simplify VF MSI-X managing (bsc#1247712). * ice: treat dyn_allowed only as suggestion (bsc#1247712). * iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git- fixes). * iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes). * iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable- fixes). * iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes). * iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes). * iio: adc: max1363: Reorder mode_list[] entries (stable-fixes). * iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes). * iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes). * iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes). * io_uring/timeout: fix multishot updates (bsc#1247021). * io_uring: fix potential page leak in io_sqe_buffer_register() (git-fixes). * iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes). * iommu/amd: Set the pgsize_bitmap correctly (git-fixes). * iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes). * iommu/tegra241-cmdqv: Read SMMU IDR1.CMDQS instead of hardcoding (git- fixes). * iommu/vt-d: Fix possible circular locking dependency (git-fixes). * iommu/vt-d: Fix system hang on reboot -f (git-fixes). * ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes). * ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes). * ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes). * ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes). * irdma: free iwdev->rf after removing MSI-X (bsc#1247712). * iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes). * jfs: fix metapage reference count leak in dbAllocCtl (git-fixes). * kABI fix after KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes). * kABI fixes for struct memory_block changes (bsc#1235515,jsc#PED-12731). * kABI workaround for fw_attributes_class_get() (stable-fixes). * kABI workaround for struct drm_framebuffer changes (git-fixes). * kABI: Fix the module::name type in audit_context (git-fixes). * kabi/severities: ignore two unused/dropped symbols from MEI * kabi: Hide adding of u64 to devlink_param_type (jsc#PED-12745). * kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes). * kernel-obs-qa: Do not depend on srchash when qemu emulation is used In this case the dependency is never fulfilled * kernel-syms.spec: Drop old rpm release number hack (bsc#1247172). * leds: multicolor: Fix intensity setting while SW blinking (stable-fixes). * lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897). * lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897). * maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes). * md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes). * media: gspca: Add bounds checking to firmware parser (git-fixes). * media: hi556: correct the test pattern configuration (git-fixes). * media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes). * media: ipu6: isys: Use correct pads for xlate_streams() (git-fixes). * media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls (git-fixes). * media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes). * media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git- fixes). * media: usbtv: Lock resolution while streaming (git-fixes). * media: uvcvideo: Do not mark valid metadata as invalid (git-fixes). * media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git- fixes). * media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes). * media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes). * media: venus: Add a check for packet size after reading from shared memory (git-fixes). * media: venus: hfi: explicitly release IRQ during teardown (git-fixes). * media: venus: protect against spurious interrupts during probe (git-fixes). * media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: verisilicon: Fix AV1 decoder clock frequency (git-fixes). * media: vivid: fix wrong pixel_array control size (git-fixes). * mei: vsc: Destroy mutex after freeing the IRQ (git-fixes). * mei: vsc: Do not re-init VSC from mei_vsc_hw_reset() on stop (git-fixes). * mei: vsc: Drop unused vsc_tp_request_irq() and vsc_tp_free_irq() (stable- fixes). * mei: vsc: Event notifier fixes (git-fixes). * mei: vsc: Fix "BUG: Invalid wait context" lockdep error (git-fixes). * mei: vsc: Run event callback from a workqueue (git-fixes). * mei: vsc: Unset the event callback on remove and probe errors (git-fixes). * memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git- fixes). * mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes). * misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes). * mm/memory_hotplug: allow architecture to override memmap on memory support check (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: allow memmap on memory hotplug request to fallback (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: embed vmem_altmap details in memory block (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: export mhp_supports_memmap_on_memory() (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: fix memmap_on_memory sysfs value retrieval (git-fixes). * mm/memory_hotplug: replace an open-coded kmemdup() in (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: simplify ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE kconfig (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: split memmap_on_memory requests across memblocks (bsc#1235515,jsc#PED-12731). * mm/memory_hotplug: support memmap_on_memory when memmap is not aligned to pageblocks (bsc#1235515,jsc#PED-12731). * mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes). * mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes). * mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes). * mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes). * mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes). * module: Fix memory deallocation on error path in move_module() (git-fixes). * module: Remove unnecessary +1 from last_unloaded_module::name size (git- fixes). * module: Restore the moduleparam prefix length check (git-fixes). * mtd: fix possible integer overflow in erase_xfer() (git-fixes). * mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes). * mtd: rawnand: atmel: set pmecc data setup time (git-fixes). * mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes). * mtd: rawnand: renesas: Add missing check after DMA map (git-fixes). * mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes). * mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes). * mtd: spinand: fix memory leak of ECC engine conf (stable-fixes). * mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes). * mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes). * mtk-sd: Prevent memory corruption from DMA map failure (git-fixes). * mtk-sd: reset host->mrq on prepare_data() error (git-fixes). * mwl8k: Add missing check after DMA map (git-fixes). * nbd: fix uaf in nbd_genl_connect() error path (git-fixes). * net/mlx5: HWS, fix missing ip_version handling in definer (git-fixes). * net/packet: fix a race in packet_set_ring() and packet_notifier() (git- fixes). * net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes). * net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git- fixes). * net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git- fixes). * net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes). * net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes). * net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes). * net/smc: Fix lookup of netdev by using ib_device_get_netdev() (git-fixes bsc#1246217). * net: mana: Add debug logs in MANA network driver (bsc#1246212). * net: mana: Add handler for hardware servicing events (bsc#1245730). * net: mana: Allocate MSI-X vectors dynamically (bsc#1245457). * net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457). * net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203). * net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729). * net: mana: Set tx_packets to post gso processing packet count (bsc#1245731). * net: mana: explain irq_setup() algorithm (bsc#1245457). * net: phy: Do not register LEDs for genphy (git-fixes). * net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes). * net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes). * net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git- fixes). * net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes). * net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git- fixes). * net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes). * net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes). * net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes). * netlink: fix policy dump for int with validation callback (jsc#PED-12745). * netlink: specs: devlink: replace underscores with dashes in names (jsc#PED-12745). * netlink: specs: nfsd: replace underscores with dashes in names (git-fixes). * netlink: specs: tc: replace underscores with dashes in names (git-fixes). * netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes). * nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git- fixes). * nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes). * nilfs2: reject invalid file types when reading inodes (git-fixes). * nvme-pci: refresh visible attrs after being checked (git-fixes). * nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes). * nvme: fix endianness of command word prints in nvme_log_err_passthru() (git- fixes). * nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes). * nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes). * nvmet-tcp: fix callback lock for TLS handshake (git-fixes). * objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes). * objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes). * objtool: Fix _THIS_IP_ detection for cold functions (git-fixes). * objtool: Fix error handling inconsistencies in check() (git-fixes). * objtool: Ignore dangling jump table entries (git-fixes). * objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes). * objtool: Properly disable uaccess validation (git-fixes). * objtool: Silence more KCOV warnings (git-fixes). * objtool: Silence more KCOV warnings, part 2 (git-fixes). * objtool: Stop UNRET validation on UD2 (git-fixes). * pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes). * pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes). * perf: Fix sample vs do_exit() (bsc#1246547). * phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git- fixes). * pinctrl: amd: Clear GPIO debounce for suspend (git-fixes). * pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes). * pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes). * pinmux: fix race causing mux_owner NULL with active mux_usecount (git- fixes). * platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git- fixes). * platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git- fixes). * platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes). * platform/mellanox: mlxreg-lc: Fix logic error in power state check (git- fixes). * platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes). * platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes). * platform/x86: Fix initialization order for firmware_attributes_class (git- fixes). * platform/x86: dell-sysman: Directly use firmware_attributes_class (stable- fixes). * platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes). * platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes). * platform/x86: firmware_attributes_class: Move include linux/device/class.h (stable-fixes). * platform/x86: firmware_attributes_class: Simplify API (stable-fixes). * platform/x86: hp-bioscfg: Directly use firmware_attributes_class (stable- fixes). * platform/x86: hp-bioscfg: Fix class device unregistration (git-fixes). * platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes). * platform/x86: make fw_attr_class constant (stable-fixes). * platform/x86: think-lmi: Create ksets consecutively (stable-fixes). * platform/x86: think-lmi: Directly use firmware_attributes_class (stable- fixes). * platform/x86: think-lmi: Fix class device unregistration (git-fixes). * platform/x86: think-lmi: Fix kobject cleanup (git-fixes). * platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes). * power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes). * power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git- fixes). * powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes). * powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git- fixes). * powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes). * powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes). * powerpc/pseries/dlpar: Search DRC index from ibm,drc-indexes for IO add (bsc#1243042 ltc#212167). * ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506). * pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes). * pwm: mediatek: Ensure to disable clocks in error path (git-fixes). * pwm: rockchip: Round period/duty down on apply, up on get (git-fixes). * regmap: fix potential memory leak of regmap_bus (git-fixes). * regulator: core: fix NULL dereference on unbind due to stale coupling data (stable-fixes). * regulator: fan53555: add enable_time support and soft-start times (stable- fixes). * regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git- fixes). * regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes). * resource: fix false warning in __request_region() (git-fixes). * restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes). * ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes). * rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes). * rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes). * rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879) Put the same workaround to avoid file truncation of vmlinux and co in kernel-default-base package, too. * rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337) * rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes). * rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes). * s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870). * s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806). * s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646). * s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647). * s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598). * s390: Add z17 elf platform (LTC#214086 bsc#1245540). * samples: mei: Fix building on musl libc (git-fixes). * sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338). * sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git- fixes). * scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes). * scsi: fnic: Add and improve logs in FDMI and FDMI ABTS paths (bsc#1246644). * scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out (git- fixes). * scsi: fnic: Fix missing DMA mapping error in fnic_send_frame() (git-fixes). * scsi: fnic: Set appropriate logging level for log message (bsc#1246644). * scsi: fnic: Turn off FDMI ACTIVE flags on link down (git-fixes). * scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Copyright updates for 14.4.0.10 patches (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142). * scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: megaraid_sas: Fix invalid node index (git-fixes). * scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git- fixes). * scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git- fixes). * scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599). * selftests/bpf: Add CFLAGS per source file and runner (git-fixes). * selftests/bpf: Add tests for iter next method returning valid pointer (git- fixes). * selftests/bpf: Change functions definitions to support GCC (git-fixes). * selftests/bpf: Fix a few tests for GCC related warnings (git-fixes). * selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes). * selftests/bpf: Fix prog numbers in test_sockmap (git-fixes). * smb3: move server check earlier when setting channel sequence number (git- fixes). * smb: client: fix parsing of device numbers (git-fixes). * soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes). * soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes). * soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git- fixes). * soc: qcom: QMI encoding/decoding for big endian (git-fixes). * soc: qcom: fix endianness for QMI header (git-fixes). * soc: qcom: pmic_glink: fix OF node leak (git-fixes). * soundwire: amd: fix for clearing command status register (git-fixes). * soundwire: stream: restore params when prepare ports fail (git-fixes). * spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git- fixes). * sprintf.h requires stdarg.h (git-fixes). * sprintf.h: mask additional include (git-fixes). * staging: axis-fifo: remove sysfs interface (git-fixes). * staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git- fixes). * staging: nvec: Fix incorrect null termination of battery manufacturer (git- fixes). * staging: vchiq_arm: Make vchiq_shutdown never fail (git-fixes). * struct cdns: move new member to the end (git-fixes). * struct ucsi_operations: use padding for new operation (git-fixes). * sunrpc: do not immediately retransmit on seqno miss (git-fixes). * sunrpc: fix client side handling of tls alerts (git-fixes). * sunrpc: fix handling of server side tls alerts (git-fixes). * supported.conf: Mark ZL3073X modules supported * supported.conf: add missing entries for armv7hl * supported.conf: move nvme-apple to optional again * supported.conf: sort entries again * tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes). * thermal: trip: Use READ_ONCE() for lockless access to trip properties (git- fixes). * thermal: trip: Use common set of trip type names (git-fixes). * thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes). * thunderbolt: Fix copy+paste error in match_service_id() (git-fixes). * thunderbolt: Fix wake on connect at runtime (git-fixes). * tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes). * tracing/kprobes: Fix to free objects when failed to copy a symbol (git- fixes). * types: Complement the aligned types with signed 64-bit one (stable-fixes). * ucount: fix atomic_long_inc_below() argument type (git-fixes). * ucsi-glink: adapt to kABI consistency (git-fixes). * ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes). * ucsi_operations: add stubs for all operations (git-fixes). * ucsi_ops: adapt update_connector to kABI consistency (git-fixes). * usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes). * usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes). * usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes). * usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes). * usb: cdnsp: Fix issue with resuming from L1 (git-fixes). * usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable- fixes). * usb: cdnsp: do not disable slot for disabled slot (git-fixes). * usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes). * usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes). * usb: dwc2: also exit clock_gating when stopping udc while suspended (stable- fixes). * usb: dwc3: Abort suspend on soft disconnect failure (git-fixes). * usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes). * usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes). * usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes). * usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes). * usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes). * usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes). * usb: hub: Do not try to recover devices lost during warm reset (git-fixes). * usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes). * usb: musb: fix gadget state on disconnect (git-fixes). * usb: musb: omap2430: fix device leak at unbind (git-fixes). * usb: net: sierra: check for no status endpoint (git-fixes). * usb: potential integer overflow in usbg_make_tpg() (stable-fixes). * usb: typec: Update sysfs when setting ops (git-fixes). * usb: typec: altmodes/displayport: do not index invalid pin_assignments (git- fixes). * usb: typec: displayport: Fix potential deadlock (git-fixes). * usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes). * usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable- fixes). * usb: typec: tcpm: allow switching to mode accessory to mux properly (stable- fixes). * usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes). * usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git- fixes). * usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git- fixes). * usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes). * usb: typec: ucsi: Delay alternate mode discovery (git-fixes). * usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes). * usb: typec: ucsi: Fix the partner PD revision (git-fixes). * usb: typec: ucsi: Get PD revision for partner (git-fixes). * usb: typec: ucsi: Set orientation as none when connector is unplugged (git- fixes). * usb: typec: ucsi: Update power_supply on power role change (git-fixes). * usb: typec: ucsi: add callback for connector status updates (git-fixes). * usb: typec: ucsi: add update_connector callback (git-fixes). * usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes). * usb: typec: ucsi: extract code to read PD caps (git-fixes). * usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes). * usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes). * usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes). * usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes). * usb: typec: ucsi: glink: use typec_set_orientation (git-fixes). * usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git- fixes). * usb: typec: ucsi: properly register partner's PD device (git-fixes). * usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes). * usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes). * usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git- fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes). * usb: typec: ucsi_glink: rework quirks implementation (git-fixes). * usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git- fixes). * usb: xhci: quirk for data loss in ISOC transfers (stable-fixes). * usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes). * virtgpu: do not reset on shutdown (git-fixes). * vmci: Prevent the dispatching of uninitialized payloads (git-fixes). * vt: add missing notification when switching back to text mode (stable- fixes). * vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes). * vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes). * watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git- fixes). * wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes). * wifi: ath11k: fix source ring-buffer corruption (git-fixes). * wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes). * wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath12k: fix endianness handling while accessing wmi service bit (git- fixes). * wifi: ath12k: fix source ring-buffer corruption (git-fixes). * wifi: ath6kl: remove WARN on bad firmware input (stable-fixes). * wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes). * wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes). * wifi: cfg80211/mac80211: correctly parse S1G beacon optional elements (git- fixes). * wifi: cfg80211: fix S1G beacon head validation in nl80211 (git-fixes). * wifi: cfg80211: remove scan request n_channels counted_by (git-fixes). * wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes). * wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes). * wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes). * wifi: mac80211: Add link iteration macro for link data (stable-fixes). * wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes). * wifi: mac80211: Create separate links for VLAN interfaces (stable-fixes). * wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes). * wifi: mac80211: Do not schedule stopped TXQs (git-fixes). * wifi: mac80211: Write cnt before copying in ieee80211_copy_rnr_beacon() (git-fixes). * wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes). * wifi: mac80211: drop invalid source address OCB frames (stable-fixes). * wifi: mac80211: finish link init before RCU publish (git-fixes). * wifi: mac80211: fix non-transmitted BSSID profile search (git-fixes). * wifi: mac80211: reject TDLS operations when station is not associated (git- fixes). * wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes). * wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes). * wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes). * wifi: nl80211: Set num_sub_specs before looping through sub_specs (git- fixes). * wifi: plfxlc: Fix error handling in usb driver probe (git-fixes). * wifi: prevent A-MSDU attacks in mesh networks (stable-fixes). * wifi: rt2x00: fix remove callback type mismatch (git-fixes). * wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes). * wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes). * wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes). * x86/CPU/AMD: Add more models to X86_FEATURE_ZEN5 (bsc#1246449). * x86/CPU/AMD: Improve the erratum 1386 workaround (git-fixes). * x86/CPU/AMD: Terminate the erratum_1386_microcode array (git-fixes). * x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes). * x86/cpu: Avoid running off the end of an AMD erratum table (git-fixes). * x86/cpu: Expose only stepping min/max interface (git-fixes). * x86/cpu: Introduce new microcode matching helper (git-fixes). * x86/cpu: Move AMD erratum 1386 table over to 'x86_cpu_id' (git-fixes). * x86/cpu: Replace PEBS use of 'x86_cpu_desc' use with 'x86_cpu_id' (git- fixes). * x86/mce/amd: Add default names for MCA banks and blocks (git-fixes). * x86/mce/amd: Fix threshold limit reset (git-fixes). * x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes). * x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git- fixes). * x86/mtrr: Rename mtrr_overwrite_state() to guest_force_mtrr_state() (git- fixes). * x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git- fixes). * x86/traps: Initialize DR6 by writing its architectural reset value (git- fixes). * x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes). * x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345). * xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837). * xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes). * xfs: remove unused event xfs_alloc_near_error (git-fixes). * xfs: remove unused event xfs_alloc_near_nominleft (git-fixes). * xfs: remove unused event xfs_attr_node_removename (git-fixes). * xfs: remove unused event xfs_ioctl_clone (git-fixes). * xfs: remove unused event xfs_pagecache_inval (git-fixes). * xfs: remove unused event xlog_iclog_want_sync (git-fixes). * xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes). * xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes). * xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes). * xfs: remove unused xfs_attr events (git-fixes). * xfs: remove unused xfs_reflink_compare_extents events (git-fixes). * xfs: remove usused xfs_end_io_direct events (git-fixes). * xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git- fixes). * xhci: dbc: Flush queued requests before stopping dbc (git-fixes). * xhci: dbctty: disable ECHO flag by default (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2025-3011=1 ## Package List: * Public Cloud Module 15-SP7 (aarch64 nosrc x86_64) * kernel-azure-6.4.0-150700.20.11.1 * Public Cloud Module 15-SP7 (aarch64 x86_64) * kernel-azure-devel-6.4.0-150700.20.11.1 * kernel-azure-devel-debuginfo-6.4.0-150700.20.11.1 * kernel-azure-debugsource-6.4.0-150700.20.11.1 * kernel-syms-azure-6.4.0-150700.20.11.1 * kernel-azure-debuginfo-6.4.0-150700.20.11.1 * Public Cloud Module 15-SP7 (noarch) * kernel-devel-azure-6.4.0-150700.20.11.1 * kernel-source-azure-6.4.0-150700.20.11.1 ## References: * https://www.suse.com/security/cve/CVE-2019-11135.html * https://www.suse.com/security/cve/CVE-2024-36028.html * https://www.suse.com/security/cve/CVE-2024-36348.html * https://www.suse.com/security/cve/CVE-2024-36349.html * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2024-39298.html * https://www.suse.com/security/cve/CVE-2024-42134.html * https://www.suse.com/security/cve/CVE-2024-44963.html * https://www.suse.com/security/cve/CVE-2024-49861.html * https://www.suse.com/security/cve/CVE-2024-49996.html * https://www.suse.com/security/cve/CVE-2024-56742.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-21839.html * https://www.suse.com/security/cve/CVE-2025-21854.html * https://www.suse.com/security/cve/CVE-2025-21872.html * https://www.suse.com/security/cve/CVE-2025-22090.html * https://www.suse.com/security/cve/CVE-2025-23163.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37856.html * https://www.suse.com/security/cve/CVE-2025-37864.html * https://www.suse.com/security/cve/CVE-2025-37885.html * https://www.suse.com/security/cve/CVE-2025-37920.html * https://www.suse.com/security/cve/CVE-2025-37984.html * https://www.suse.com/security/cve/CVE-2025-38034.html * https://www.suse.com/security/cve/CVE-2025-38035.html * https://www.suse.com/security/cve/CVE-2025-38047.html * https://www.suse.com/security/cve/CVE-2025-38051.html * https://www.suse.com/security/cve/CVE-2025-38052.html * https://www.suse.com/security/cve/CVE-2025-38058.html * https://www.suse.com/security/cve/CVE-2025-38061.html * https://www.suse.com/security/cve/CVE-2025-38062.html * https://www.suse.com/security/cve/CVE-2025-38063.html * https://www.suse.com/security/cve/CVE-2025-38064.html * https://www.suse.com/security/cve/CVE-2025-38074.html * https://www.suse.com/security/cve/CVE-2025-38084.html * https://www.suse.com/security/cve/CVE-2025-38085.html * https://www.suse.com/security/cve/CVE-2025-38087.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38089.html * https://www.suse.com/security/cve/CVE-2025-38090.html * https://www.suse.com/security/cve/CVE-2025-38091.html * https://www.suse.com/security/cve/CVE-2025-38094.html * https://www.suse.com/security/cve/CVE-2025-38095.html * https://www.suse.com/security/cve/CVE-2025-38097.html * https://www.suse.com/security/cve/CVE-2025-38098.html * https://www.suse.com/security/cve/CVE-2025-38099.html * https://www.suse.com/security/cve/CVE-2025-38100.html * https://www.suse.com/security/cve/CVE-2025-38102.html * https://www.suse.com/security/cve/CVE-2025-38105.html * https://www.suse.com/security/cve/CVE-2025-38106.html * https://www.suse.com/security/cve/CVE-2025-38107.html * https://www.suse.com/security/cve/CVE-2025-38108.html * https://www.suse.com/security/cve/CVE-2025-38109.html * https://www.suse.com/security/cve/CVE-2025-38110.html * https://www.suse.com/security/cve/CVE-2025-38111.html * https://www.suse.com/security/cve/CVE-2025-38112.html * https://www.suse.com/security/cve/CVE-2025-38113.html * https://www.suse.com/security/cve/CVE-2025-38114.html * https://www.suse.com/security/cve/CVE-2025-38115.html * https://www.suse.com/security/cve/CVE-2025-38117.html * https://www.suse.com/security/cve/CVE-2025-38118.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38122.html * https://www.suse.com/security/cve/CVE-2025-38123.html * https://www.suse.com/security/cve/CVE-2025-38124.html * https://www.suse.com/security/cve/CVE-2025-38126.html * https://www.suse.com/security/cve/CVE-2025-38127.html * https://www.suse.com/security/cve/CVE-2025-38129.html * https://www.suse.com/security/cve/CVE-2025-38131.html * https://www.suse.com/security/cve/CVE-2025-38132.html * https://www.suse.com/security/cve/CVE-2025-38135.html * https://www.suse.com/security/cve/CVE-2025-38136.html * https://www.suse.com/security/cve/CVE-2025-38138.html * https://www.suse.com/security/cve/CVE-2025-38142.html * https://www.suse.com/security/cve/CVE-2025-38143.html * https://www.suse.com/security/cve/CVE-2025-38145.html * https://www.suse.com/security/cve/CVE-2025-38147.html * https://www.suse.com/security/cve/CVE-2025-38148.html * https://www.suse.com/security/cve/CVE-2025-38149.html * https://www.suse.com/security/cve/CVE-2025-38151.html * https://www.suse.com/security/cve/CVE-2025-38153.html * https://www.suse.com/security/cve/CVE-2025-38154.html * https://www.suse.com/security/cve/CVE-2025-38155.html * https://www.suse.com/security/cve/CVE-2025-38157.html * https://www.suse.com/security/cve/CVE-2025-38158.html * https://www.suse.com/security/cve/CVE-2025-38159.html * https://www.suse.com/security/cve/CVE-2025-38161.html * https://www.suse.com/security/cve/CVE-2025-38162.html * https://www.suse.com/security/cve/CVE-2025-38165.html * https://www.suse.com/security/cve/CVE-2025-38166.html * https://www.suse.com/security/cve/CVE-2025-38173.html * https://www.suse.com/security/cve/CVE-2025-38174.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38180.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38182.html * https://www.suse.com/security/cve/CVE-2025-38183.html * https://www.suse.com/security/cve/CVE-2025-38186.html * https://www.suse.com/security/cve/CVE-2025-38187.html * https://www.suse.com/security/cve/CVE-2025-38188.html * https://www.suse.com/security/cve/CVE-2025-38189.html * https://www.suse.com/security/cve/CVE-2025-38192.html * https://www.suse.com/security/cve/CVE-2025-38193.html * https://www.suse.com/security/cve/CVE-2025-38194.html * https://www.suse.com/security/cve/CVE-2025-38197.html * https://www.suse.com/security/cve/CVE-2025-38198.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38202.html * https://www.suse.com/security/cve/CVE-2025-38203.html * https://www.suse.com/security/cve/CVE-2025-38204.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38210.html * https://www.suse.com/security/cve/CVE-2025-38211.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38214.html * https://www.suse.com/security/cve/CVE-2025-38215.html * https://www.suse.com/security/cve/CVE-2025-38217.html * https://www.suse.com/security/cve/CVE-2025-38220.html * https://www.suse.com/security/cve/CVE-2025-38222.html * https://www.suse.com/security/cve/CVE-2025-38225.html * https://www.suse.com/security/cve/CVE-2025-38226.html * https://www.suse.com/security/cve/CVE-2025-38227.html * https://www.suse.com/security/cve/CVE-2025-38229.html * https://www.suse.com/security/cve/CVE-2025-38231.html * https://www.suse.com/security/cve/CVE-2025-38236.html * https://www.suse.com/security/cve/CVE-2025-38238.html * https://www.suse.com/security/cve/CVE-2025-38239.html * https://www.suse.com/security/cve/CVE-2025-38244.html * https://www.suse.com/security/cve/CVE-2025-38246.html * https://www.suse.com/security/cve/CVE-2025-38248.html * https://www.suse.com/security/cve/CVE-2025-38249.html * https://www.suse.com/security/cve/CVE-2025-38250.html * https://www.suse.com/security/cve/CVE-2025-38256.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38259.html * https://www.suse.com/security/cve/CVE-2025-38264.html * https://www.suse.com/security/cve/CVE-2025-38265.html * https://www.suse.com/security/cve/CVE-2025-38268.html * https://www.suse.com/security/cve/CVE-2025-38272.html * https://www.suse.com/security/cve/CVE-2025-38273.html * https://www.suse.com/security/cve/CVE-2025-38275.html * https://www.suse.com/security/cve/CVE-2025-38277.html * https://www.suse.com/security/cve/CVE-2025-38279.html * https://www.suse.com/security/cve/CVE-2025-38283.html * https://www.suse.com/security/cve/CVE-2025-38286.html * https://www.suse.com/security/cve/CVE-2025-38287.html * https://www.suse.com/security/cve/CVE-2025-38288.html * https://www.suse.com/security/cve/CVE-2025-38289.html * https://www.suse.com/security/cve/CVE-2025-38290.html * https://www.suse.com/security/cve/CVE-2025-38291.html * https://www.suse.com/security/cve/CVE-2025-38292.html * https://www.suse.com/security/cve/CVE-2025-38293.html * https://www.suse.com/security/cve/CVE-2025-38299.html * https://www.suse.com/security/cve/CVE-2025-38300.html * https://www.suse.com/security/cve/CVE-2025-38303.html * https://www.suse.com/security/cve/CVE-2025-38304.html * https://www.suse.com/security/cve/CVE-2025-38305.html * https://www.suse.com/security/cve/CVE-2025-38307.html * https://www.suse.com/security/cve/CVE-2025-38310.html * https://www.suse.com/security/cve/CVE-2025-38312.html * https://www.suse.com/security/cve/CVE-2025-38313.html * https://www.suse.com/security/cve/CVE-2025-38315.html * https://www.suse.com/security/cve/CVE-2025-38317.html * https://www.suse.com/security/cve/CVE-2025-38319.html * https://www.suse.com/security/cve/CVE-2025-38323.html * https://www.suse.com/security/cve/CVE-2025-38326.html * https://www.suse.com/security/cve/CVE-2025-38328.html * https://www.suse.com/security/cve/CVE-2025-38332.html * https://www.suse.com/security/cve/CVE-2025-38334.html * https://www.suse.com/security/cve/CVE-2025-38335.html * https://www.suse.com/security/cve/CVE-2025-38336.html * https://www.suse.com/security/cve/CVE-2025-38337.html * https://www.suse.com/security/cve/CVE-2025-38338.html * https://www.suse.com/security/cve/CVE-2025-38342.html * https://www.suse.com/security/cve/CVE-2025-38343.html * https://www.suse.com/security/cve/CVE-2025-38344.html * https://www.suse.com/security/cve/CVE-2025-38345.html * https://www.suse.com/security/cve/CVE-2025-38348.html * https://www.suse.com/security/cve/CVE-2025-38349.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38352.html * https://www.suse.com/security/cve/CVE-2025-38353.html * https://www.suse.com/security/cve/CVE-2025-38354.html * https://www.suse.com/security/cve/CVE-2025-38355.html * https://www.suse.com/security/cve/CVE-2025-38356.html * https://www.suse.com/security/cve/CVE-2025-38361.html * https://www.suse.com/security/cve/CVE-2025-38362.html * https://www.suse.com/security/cve/CVE-2025-38363.html * https://www.suse.com/security/cve/CVE-2025-38364.html * https://www.suse.com/security/cve/CVE-2025-38365.html * https://www.suse.com/security/cve/CVE-2025-38369.html * https://www.suse.com/security/cve/CVE-2025-38371.html * https://www.suse.com/security/cve/CVE-2025-38373.html * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-38376.html * https://www.suse.com/security/cve/CVE-2025-38377.html * https://www.suse.com/security/cve/CVE-2025-38380.html * https://www.suse.com/security/cve/CVE-2025-38382.html * https://www.suse.com/security/cve/CVE-2025-38384.html * https://www.suse.com/security/cve/CVE-2025-38385.html * https://www.suse.com/security/cve/CVE-2025-38386.html * https://www.suse.com/security/cve/CVE-2025-38387.html * https://www.suse.com/security/cve/CVE-2025-38389.html * https://www.suse.com/security/cve/CVE-2025-38391.html * https://www.suse.com/security/cve/CVE-2025-38392.html * https://www.suse.com/security/cve/CVE-2025-38393.html * https://www.suse.com/security/cve/CVE-2025-38395.html * https://www.suse.com/security/cve/CVE-2025-38396.html * https://www.suse.com/security/cve/CVE-2025-38399.html * https://www.suse.com/security/cve/CVE-2025-38400.html * https://www.suse.com/security/cve/CVE-2025-38401.html * https://www.suse.com/security/cve/CVE-2025-38403.html * https://www.suse.com/security/cve/CVE-2025-38404.html * https://www.suse.com/security/cve/CVE-2025-38406.html * https://www.suse.com/security/cve/CVE-2025-38409.html * https://www.suse.com/security/cve/CVE-2025-38410.html * https://www.suse.com/security/cve/CVE-2025-38412.html * https://www.suse.com/security/cve/CVE-2025-38414.html * https://www.suse.com/security/cve/CVE-2025-38415.html * https://www.suse.com/security/cve/CVE-2025-38416.html * https://www.suse.com/security/cve/CVE-2025-38417.html * https://www.suse.com/security/cve/CVE-2025-38420.html * https://www.suse.com/security/cve/CVE-2025-38424.html * https://www.suse.com/security/cve/CVE-2025-38425.html * https://www.suse.com/security/cve/CVE-2025-38426.html * https://www.suse.com/security/cve/CVE-2025-38427.html * https://www.suse.com/security/cve/CVE-2025-38428.html * https://www.suse.com/security/cve/CVE-2025-38429.html * https://www.suse.com/security/cve/CVE-2025-38430.html * https://www.suse.com/security/cve/CVE-2025-38436.html * https://www.suse.com/security/cve/CVE-2025-38443.html * https://www.suse.com/security/cve/CVE-2025-38448.html * https://www.suse.com/security/cve/CVE-2025-38449.html * https://www.suse.com/security/cve/CVE-2025-38453.html * https://www.suse.com/security/cve/CVE-2025-38455.html * https://www.suse.com/security/cve/CVE-2025-38457.html * https://www.suse.com/security/cve/CVE-2025-38460.html * https://www.suse.com/security/cve/CVE-2025-38461.html * https://www.suse.com/security/cve/CVE-2025-38462.html * https://www.suse.com/security/cve/CVE-2025-38463.html * https://www.suse.com/security/cve/CVE-2025-38465.html * https://www.suse.com/security/cve/CVE-2025-38467.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38470.html * https://www.suse.com/security/cve/CVE-2025-38471.html * https://www.suse.com/security/cve/CVE-2025-38473.html * https://www.suse.com/security/cve/CVE-2025-38474.html * https://www.suse.com/security/cve/CVE-2025-38475.html * https://www.suse.com/security/cve/CVE-2025-38476.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38478.html * https://www.suse.com/security/cve/CVE-2025-38480.html * https://www.suse.com/security/cve/CVE-2025-38481.html * https://www.suse.com/security/cve/CVE-2025-38482.html * https://www.suse.com/security/cve/CVE-2025-38483.html * https://www.suse.com/security/cve/CVE-2025-38485.html * https://www.suse.com/security/cve/CVE-2025-38487.html * https://www.suse.com/security/cve/CVE-2025-38489.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38496.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://www.suse.com/security/cve/CVE-2025-38498.html * https://bugzilla.suse.com/show_bug.cgi?id=1139073 * https://bugzilla.suse.com/show_bug.cgi?id=1204142 * https://bugzilla.suse.com/show_bug.cgi?id=1219338 * https://bugzilla.suse.com/show_bug.cgi?id=1225707 * https://bugzilla.suse.com/show_bug.cgi?id=1227082 * https://bugzilla.suse.com/show_bug.cgi?id=1228664 * https://bugzilla.suse.com/show_bug.cgi?id=1230216 * https://bugzilla.suse.com/show_bug.cgi?id=1232089 * https://bugzilla.suse.com/show_bug.cgi?id=1233300 * https://bugzilla.suse.com/show_bug.cgi?id=1235515 * https://bugzilla.suse.com/show_bug.cgi?id=1235613 * https://bugzilla.suse.com/show_bug.cgi?id=1235837 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1239061 * https://bugzilla.suse.com/show_bug.cgi?id=1239470 * https://bugzilla.suse.com/show_bug.cgi?id=1240323 * https://bugzilla.suse.com/show_bug.cgi?id=1240696 * https://bugzilla.suse.com/show_bug.cgi?id=1240885 * https://bugzilla.suse.com/show_bug.cgi?id=1240966 * https://bugzilla.suse.com/show_bug.cgi?id=1240998 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1241200 * https://bugzilla.suse.com/show_bug.cgi?id=1241345 * https://bugzilla.suse.com/show_bug.cgi?id=1241537 * https://bugzilla.suse.com/show_bug.cgi?id=1242086 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242837 * https://bugzilla.suse.com/show_bug.cgi?id=1242960 * https://bugzilla.suse.com/show_bug.cgi?id=1242965 * https://bugzilla.suse.com/show_bug.cgi?id=1242993 * https://bugzilla.suse.com/show_bug.cgi?id=1243042 * https://bugzilla.suse.com/show_bug.cgi?id=1243068 * https://bugzilla.suse.com/show_bug.cgi?id=1243100 * https://bugzilla.suse.com/show_bug.cgi?id=1243479 * https://bugzilla.suse.com/show_bug.cgi?id=1243669 * https://bugzilla.suse.com/show_bug.cgi?id=1243678 * https://bugzilla.suse.com/show_bug.cgi?id=1243806 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1244457 * https://bugzilla.suse.com/show_bug.cgi?id=1244735 * https://bugzilla.suse.com/show_bug.cgi?id=1244749 * https://bugzilla.suse.com/show_bug.cgi?id=1244750 * https://bugzilla.suse.com/show_bug.cgi?id=1244792 * https://bugzilla.suse.com/show_bug.cgi?id=1244801 * https://bugzilla.suse.com/show_bug.cgi?id=1245084 * https://bugzilla.suse.com/show_bug.cgi?id=1245151 * https://bugzilla.suse.com/show_bug.cgi?id=1245201 * https://bugzilla.suse.com/show_bug.cgi?id=1245202 * https://bugzilla.suse.com/show_bug.cgi?id=1245216 * https://bugzilla.suse.com/show_bug.cgi?id=1245260 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245440 * https://bugzilla.suse.com/show_bug.cgi?id=1245457 * https://bugzilla.suse.com/show_bug.cgi?id=1245498 * https://bugzilla.suse.com/show_bug.cgi?id=1245499 * https://bugzilla.suse.com/show_bug.cgi?id=1245504 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245508 * https://bugzilla.suse.com/show_bug.cgi?id=1245510 * https://bugzilla.suse.com/show_bug.cgi?id=1245540 * https://bugzilla.suse.com/show_bug.cgi?id=1245598 * https://bugzilla.suse.com/show_bug.cgi?id=1245599 * https://bugzilla.suse.com/show_bug.cgi?id=1245621 * https://bugzilla.suse.com/show_bug.cgi?id=1245646 * https://bugzilla.suse.com/show_bug.cgi?id=1245647 * https://bugzilla.suse.com/show_bug.cgi?id=1245649 * https://bugzilla.suse.com/show_bug.cgi?id=1245650 * https://bugzilla.suse.com/show_bug.cgi?id=1245654 * https://bugzilla.suse.com/show_bug.cgi?id=1245658 * https://bugzilla.suse.com/show_bug.cgi?id=1245660 * https://bugzilla.suse.com/show_bug.cgi?id=1245664 * https://bugzilla.suse.com/show_bug.cgi?id=1245665 * https://bugzilla.suse.com/show_bug.cgi?id=1245666 * https://bugzilla.suse.com/show_bug.cgi?id=1245668 * https://bugzilla.suse.com/show_bug.cgi?id=1245669 * https://bugzilla.suse.com/show_bug.cgi?id=1245670 * https://bugzilla.suse.com/show_bug.cgi?id=1245671 * https://bugzilla.suse.com/show_bug.cgi?id=1245675 * https://bugzilla.suse.com/show_bug.cgi?id=1245676 * https://bugzilla.suse.com/show_bug.cgi?id=1245677 * https://bugzilla.suse.com/show_bug.cgi?id=1245679 * https://bugzilla.suse.com/show_bug.cgi?id=1245682 * https://bugzilla.suse.com/show_bug.cgi?id=1245683 * https://bugzilla.suse.com/show_bug.cgi?id=1245684 * https://bugzilla.suse.com/show_bug.cgi?id=1245686 * https://bugzilla.suse.com/show_bug.cgi?id=1245688 * https://bugzilla.suse.com/show_bug.cgi?id=1245689 * https://bugzilla.suse.com/show_bug.cgi?id=1245690 * https://bugzilla.suse.com/show_bug.cgi?id=1245691 * https://bugzilla.suse.com/show_bug.cgi?id=1245695 * https://bugzilla.suse.com/show_bug.cgi?id=1245705 * https://bugzilla.suse.com/show_bug.cgi?id=1245708 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245713 * https://bugzilla.suse.com/show_bug.cgi?id=1245714 * https://bugzilla.suse.com/show_bug.cgi?id=1245719 * https://bugzilla.suse.com/show_bug.cgi?id=1245723 * https://bugzilla.suse.com/show_bug.cgi?id=1245729 * https://bugzilla.suse.com/show_bug.cgi?id=1245730 * https://bugzilla.suse.com/show_bug.cgi?id=1245731 * https://bugzilla.suse.com/show_bug.cgi?id=1245735 * https://bugzilla.suse.com/show_bug.cgi?id=1245737 * https://bugzilla.suse.com/show_bug.cgi?id=1245744 * https://bugzilla.suse.com/show_bug.cgi?id=1245745 * https://bugzilla.suse.com/show_bug.cgi?id=1245746 * https://bugzilla.suse.com/show_bug.cgi?id=1245747 * https://bugzilla.suse.com/show_bug.cgi?id=1245748 * https://bugzilla.suse.com/show_bug.cgi?id=1245749 * https://bugzilla.suse.com/show_bug.cgi?id=1245750 * https://bugzilla.suse.com/show_bug.cgi?id=1245751 * https://bugzilla.suse.com/show_bug.cgi?id=1245752 * https://bugzilla.suse.com/show_bug.cgi?id=1245757 * https://bugzilla.suse.com/show_bug.cgi?id=1245758 * https://bugzilla.suse.com/show_bug.cgi?id=1245765 * https://bugzilla.suse.com/show_bug.cgi?id=1245768 * https://bugzilla.suse.com/show_bug.cgi?id=1245769 * https://bugzilla.suse.com/show_bug.cgi?id=1245777 * https://bugzilla.suse.com/show_bug.cgi?id=1245781 * https://bugzilla.suse.com/show_bug.cgi?id=1245789 * https://bugzilla.suse.com/show_bug.cgi?id=1245812 * https://bugzilla.suse.com/show_bug.cgi?id=1245937 * https://bugzilla.suse.com/show_bug.cgi?id=1245945 * https://bugzilla.suse.com/show_bug.cgi?id=1245951 * https://bugzilla.suse.com/show_bug.cgi?id=1245952 * https://bugzilla.suse.com/show_bug.cgi?id=1245954 * https://bugzilla.suse.com/show_bug.cgi?id=1245955 * https://bugzilla.suse.com/show_bug.cgi?id=1245957 * https://bugzilla.suse.com/show_bug.cgi?id=1245966 * https://bugzilla.suse.com/show_bug.cgi?id=1245970 * https://bugzilla.suse.com/show_bug.cgi?id=1245976 * https://bugzilla.suse.com/show_bug.cgi?id=1245980 * https://bugzilla.suse.com/show_bug.cgi?id=1245983 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246002 * https://bugzilla.suse.com/show_bug.cgi?id=1246006 * https://bugzilla.suse.com/show_bug.cgi?id=1246008 * https://bugzilla.suse.com/show_bug.cgi?id=1246020 * https://bugzilla.suse.com/show_bug.cgi?id=1246023 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246031 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246041 * https://bugzilla.suse.com/show_bug.cgi?id=1246042 * https://bugzilla.suse.com/show_bug.cgi?id=1246044 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246047 * https://bugzilla.suse.com/show_bug.cgi?id=1246049 * https://bugzilla.suse.com/show_bug.cgi?id=1246050 * https://bugzilla.suse.com/show_bug.cgi?id=1246055 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246093 * https://bugzilla.suse.com/show_bug.cgi?id=1246098 * https://bugzilla.suse.com/show_bug.cgi?id=1246109 * https://bugzilla.suse.com/show_bug.cgi?id=1246113 * https://bugzilla.suse.com/show_bug.cgi?id=1246122 * https://bugzilla.suse.com/show_bug.cgi?id=1246125 * https://bugzilla.suse.com/show_bug.cgi?id=1246134 * https://bugzilla.suse.com/show_bug.cgi?id=1246171 * https://bugzilla.suse.com/show_bug.cgi?id=1246173 * https://bugzilla.suse.com/show_bug.cgi?id=1246178 * https://bugzilla.suse.com/show_bug.cgi?id=1246179 * https://bugzilla.suse.com/show_bug.cgi?id=1246182 * https://bugzilla.suse.com/show_bug.cgi?id=1246183 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246188 * https://bugzilla.suse.com/show_bug.cgi?id=1246203 * https://bugzilla.suse.com/show_bug.cgi?id=1246212 * https://bugzilla.suse.com/show_bug.cgi?id=1246217 * https://bugzilla.suse.com/show_bug.cgi?id=1246220 * https://bugzilla.suse.com/show_bug.cgi?id=1246236 * https://bugzilla.suse.com/show_bug.cgi?id=1246240 * https://bugzilla.suse.com/show_bug.cgi?id=1246243 * https://bugzilla.suse.com/show_bug.cgi?id=1246244 * https://bugzilla.suse.com/show_bug.cgi?id=1246246 * https://bugzilla.suse.com/show_bug.cgi?id=1246249 * https://bugzilla.suse.com/show_bug.cgi?id=1246250 * https://bugzilla.suse.com/show_bug.cgi?id=1246253 * https://bugzilla.suse.com/show_bug.cgi?id=1246258 * https://bugzilla.suse.com/show_bug.cgi?id=1246262 * https://bugzilla.suse.com/show_bug.cgi?id=1246264 * https://bugzilla.suse.com/show_bug.cgi?id=1246266 * https://bugzilla.suse.com/show_bug.cgi?id=1246268 * https://bugzilla.suse.com/show_bug.cgi?id=1246273 * https://bugzilla.suse.com/show_bug.cgi?id=1246283 * https://bugzilla.suse.com/show_bug.cgi?id=1246285 * https://bugzilla.suse.com/show_bug.cgi?id=1246286 * https://bugzilla.suse.com/show_bug.cgi?id=1246287 * https://bugzilla.suse.com/show_bug.cgi?id=1246290 * https://bugzilla.suse.com/show_bug.cgi?id=1246292 * https://bugzilla.suse.com/show_bug.cgi?id=1246293 * https://bugzilla.suse.com/show_bug.cgi?id=1246295 * https://bugzilla.suse.com/show_bug.cgi?id=1246297 * https://bugzilla.suse.com/show_bug.cgi?id=1246333 * https://bugzilla.suse.com/show_bug.cgi?id=1246334 * https://bugzilla.suse.com/show_bug.cgi?id=1246337 * https://bugzilla.suse.com/show_bug.cgi?id=1246342 * https://bugzilla.suse.com/show_bug.cgi?id=1246349 * https://bugzilla.suse.com/show_bug.cgi?id=1246354 * https://bugzilla.suse.com/show_bug.cgi?id=1246358 * https://bugzilla.suse.com/show_bug.cgi?id=1246361 * https://bugzilla.suse.com/show_bug.cgi?id=1246364 * https://bugzilla.suse.com/show_bug.cgi?id=1246370 * https://bugzilla.suse.com/show_bug.cgi?id=1246375 * https://bugzilla.suse.com/show_bug.cgi?id=1246384 * https://bugzilla.suse.com/show_bug.cgi?id=1246385 * https://bugzilla.suse.com/show_bug.cgi?id=1246386 * https://bugzilla.suse.com/show_bug.cgi?id=1246387 * https://bugzilla.suse.com/show_bug.cgi?id=1246438 * https://bugzilla.suse.com/show_bug.cgi?id=1246443 * https://bugzilla.suse.com/show_bug.cgi?id=1246449 * https://bugzilla.suse.com/show_bug.cgi?id=1246453 * https://bugzilla.suse.com/show_bug.cgi?id=1246473 * https://bugzilla.suse.com/show_bug.cgi?id=1246490 * https://bugzilla.suse.com/show_bug.cgi?id=1246506 * https://bugzilla.suse.com/show_bug.cgi?id=1246547 * https://bugzilla.suse.com/show_bug.cgi?id=1246644 * https://bugzilla.suse.com/show_bug.cgi?id=1246695 * https://bugzilla.suse.com/show_bug.cgi?id=1246777 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1246870 * https://bugzilla.suse.com/show_bug.cgi?id=1246879 * https://bugzilla.suse.com/show_bug.cgi?id=1246911 * https://bugzilla.suse.com/show_bug.cgi?id=1247018 * https://bugzilla.suse.com/show_bug.cgi?id=1247021 * https://bugzilla.suse.com/show_bug.cgi?id=1247023 * https://bugzilla.suse.com/show_bug.cgi?id=1247028 * https://bugzilla.suse.com/show_bug.cgi?id=1247031 * https://bugzilla.suse.com/show_bug.cgi?id=1247033 * https://bugzilla.suse.com/show_bug.cgi?id=1247035 * https://bugzilla.suse.com/show_bug.cgi?id=1247061 * https://bugzilla.suse.com/show_bug.cgi?id=1247062 * https://bugzilla.suse.com/show_bug.cgi?id=1247064 * https://bugzilla.suse.com/show_bug.cgi?id=1247079 * https://bugzilla.suse.com/show_bug.cgi?id=1247089 * https://bugzilla.suse.com/show_bug.cgi?id=1247091 * https://bugzilla.suse.com/show_bug.cgi?id=1247097 * https://bugzilla.suse.com/show_bug.cgi?id=1247098 * https://bugzilla.suse.com/show_bug.cgi?id=1247101 * https://bugzilla.suse.com/show_bug.cgi?id=1247103 * https://bugzilla.suse.com/show_bug.cgi?id=1247104 * https://bugzilla.suse.com/show_bug.cgi?id=1247113 * https://bugzilla.suse.com/show_bug.cgi?id=1247118 * https://bugzilla.suse.com/show_bug.cgi?id=1247123 * https://bugzilla.suse.com/show_bug.cgi?id=1247125 * https://bugzilla.suse.com/show_bug.cgi?id=1247128 * https://bugzilla.suse.com/show_bug.cgi?id=1247132 * https://bugzilla.suse.com/show_bug.cgi?id=1247138 * https://bugzilla.suse.com/show_bug.cgi?id=1247141 * https://bugzilla.suse.com/show_bug.cgi?id=1247143 * https://bugzilla.suse.com/show_bug.cgi?id=1247145 * https://bugzilla.suse.com/show_bug.cgi?id=1247146 * https://bugzilla.suse.com/show_bug.cgi?id=1247147 * https://bugzilla.suse.com/show_bug.cgi?id=1247149 * https://bugzilla.suse.com/show_bug.cgi?id=1247150 * https://bugzilla.suse.com/show_bug.cgi?id=1247151 * https://bugzilla.suse.com/show_bug.cgi?id=1247152 * https://bugzilla.suse.com/show_bug.cgi?id=1247153 * https://bugzilla.suse.com/show_bug.cgi?id=1247154 * https://bugzilla.suse.com/show_bug.cgi?id=1247156 * https://bugzilla.suse.com/show_bug.cgi?id=1247160 * https://bugzilla.suse.com/show_bug.cgi?id=1247164 * https://bugzilla.suse.com/show_bug.cgi?id=1247169 * https://bugzilla.suse.com/show_bug.cgi?id=1247170 * https://bugzilla.suse.com/show_bug.cgi?id=1247171 * https://bugzilla.suse.com/show_bug.cgi?id=1247172 * https://bugzilla.suse.com/show_bug.cgi?id=1247174 * https://bugzilla.suse.com/show_bug.cgi?id=1247176 * https://bugzilla.suse.com/show_bug.cgi?id=1247177 * https://bugzilla.suse.com/show_bug.cgi?id=1247178 * https://bugzilla.suse.com/show_bug.cgi?id=1247181 * https://bugzilla.suse.com/show_bug.cgi?id=1247209 * https://bugzilla.suse.com/show_bug.cgi?id=1247210 * https://bugzilla.suse.com/show_bug.cgi?id=1247227 * https://bugzilla.suse.com/show_bug.cgi?id=1247233 * https://bugzilla.suse.com/show_bug.cgi?id=1247234 * https://bugzilla.suse.com/show_bug.cgi?id=1247236 * https://bugzilla.suse.com/show_bug.cgi?id=1247238 * https://bugzilla.suse.com/show_bug.cgi?id=1247241 * https://bugzilla.suse.com/show_bug.cgi?id=1247251 * https://bugzilla.suse.com/show_bug.cgi?id=1247252 * https://bugzilla.suse.com/show_bug.cgi?id=1247253 * https://bugzilla.suse.com/show_bug.cgi?id=1247255 * https://bugzilla.suse.com/show_bug.cgi?id=1247265 * https://bugzilla.suse.com/show_bug.cgi?id=1247271 * https://bugzilla.suse.com/show_bug.cgi?id=1247273 * https://bugzilla.suse.com/show_bug.cgi?id=1247274 * https://bugzilla.suse.com/show_bug.cgi?id=1247276 * https://bugzilla.suse.com/show_bug.cgi?id=1247277 * https://bugzilla.suse.com/show_bug.cgi?id=1247278 * https://bugzilla.suse.com/show_bug.cgi?id=1247279 * https://bugzilla.suse.com/show_bug.cgi?id=1247282 * https://bugzilla.suse.com/show_bug.cgi?id=1247284 * https://bugzilla.suse.com/show_bug.cgi?id=1247285 * https://bugzilla.suse.com/show_bug.cgi?id=1247288 * https://bugzilla.suse.com/show_bug.cgi?id=1247289 * https://bugzilla.suse.com/show_bug.cgi?id=1247293 * https://bugzilla.suse.com/show_bug.cgi?id=1247308 * https://bugzilla.suse.com/show_bug.cgi?id=1247311 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247317 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247374 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 * https://bugzilla.suse.com/show_bug.cgi?id=1247450 * https://bugzilla.suse.com/show_bug.cgi?id=1247712 * https://bugzilla.suse.com/show_bug.cgi?id=1247831 * https://jira.suse.com/browse/PED-12731 * https://jira.suse.com/browse/PED-12745 * https://jira.suse.com/browse/PED-13248 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 08:30:18 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 08:30:18 -0000 Subject: SUSE-SU-2025:03012-1: important: security update for git, git-lfs, obs-scm-bridge, python-PyYAML Message-ID: <175645621851.25799.13001186809577495001@smelt2.prg2.suse.org> # security update for git, git-lfs, obs-scm-bridge, python-PyYAML Announcement ID: SUSE-SU-2025:03012-1 Release Date: 2025-08-29T00:08:05Z Rating: important References: * bsc#1212476 * bsc#1216545 * bsc#1218588 * bsc#1218664 * bsc#1243197 * bsc#1245938 * bsc#1245939 * bsc#1245942 * bsc#1245943 * bsc#1245946 Cross-References: * CVE-2025-27613 * CVE-2025-27614 * CVE-2025-46835 * CVE-2025-48384 * CVE-2025-48385 CVSS scores: * CVE-2025-27613 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-27613 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2025-27613 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N * CVE-2025-27614 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-27614 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-27614 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2025-46835 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-46835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2025-46835 ( NVD ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L * CVE-2025-48384 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-48384 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-48384 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H * CVE-2025-48385 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-48385 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-48385 ( NVD ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * Development Tools Module 15-SP6 * Development Tools Module 15-SP7 * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves five vulnerabilities and has five security fixes can now be installed. ## Description: This update for git, git-lfs, obs-scm-bridge, python-PyYAML fixes the following issues: git was updated from version 2.43.0 to 2.51.0 (bsc#1243197): * Security issues fixed: * CVE-2025-27613 Fixed arbitrary writable file creation and truncation in Gitk(bsc#1245938) * CVE-2025-27614 Fixed arbitrary script execution via repository clonation in gitk(bsc#1245939) * CVE-2025-46835 Fixed arbitrary writable file creation in Git GUI when untrusted repository is cloned (bsc#1245942) * CVE-2025-48384 Fixed the unintentional execution of a script after checkout due to CRLF transforming (bsc#1245943) * CVE-2025-48385 Fixed arbitrary code execution due to protocol injection via fetching advertised bundle(bsc#1245946) * Other changes and bugs fixed: * Other changes and bugs fixed: * Added SHA256 support (bsc#1243197) * Git moved to /usr/libexec/git/git and updated AppArmor profile accordingly (bsc#1218588) * gitweb AppArmor profile: allow reading etc/gitweb-common.conf (bsc#1218664) * Do not replace apparmor configuration (bsc#1216545) * Fixed the Python version required (bsc#1212476) * Version Updates Release Notes: * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.51.0.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.50.1.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.50.0.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.49.0.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.48.1.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.48.0.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.47.1.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.47.0.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.46.2.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.46.1.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.46.0.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.3.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.2.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.1.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.0.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.44.0.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.3.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.2.adoc * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.1.adoc git-lfs is included in version 3.7.0. python-PyYAML was updated from version 6.0.1 to 6.0.2: * Added support for Cython 3.x and Python 3.13 obs-scm-bridge was updated from version 0.5.4 to 0.7.4: * New Features and Improvements: * Manifest File Support: Support has been added for a `_manifest file`, which serves as a successor to the `_subdirs` file. * Control Over Git Information: A new noobsinfo query parameter was added to hide git information in source and binary files. * Enhanced Submodule Handling: The system now records the configured branch of submodules and stays on that branch during checkout. * Git SHA Tracking: In project mode, the tool now uses git SHA sums instead of md5sum to track package sources. * SSH URL Support: ssh:// SCM URLs can now be used. * Improved Error Messages: Error reporting for invalid files within package subdirectories has been improved. * Standardized Config Location: In project mode, the _config file is now always located in the top-level directory, even when using subdirs. * Reduced Unnecessary Changes: In project mode, unnecessary modifications to the package meta URL are now avoided. * Limit Asset Handling: A new mechanism has been introduced to limit how assets are handled. * Branch Information Export: The trackingbranch is now exported to scmsync.obsinfo. * Bugs fixed: * Syntax Fix: A syntax issue was corrected. * Git Submodule Parsing: The .gitsubmodule parser was fixed to correctly handle files that contain a mix of spaces and tabs. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-3012=1 openSUSE-SLE-15.6-2025-3012=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3012=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3012=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-3012=1 * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-3012=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-3012=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2025-3012=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python311-PyYAML-debuginfo-6.0.2-150600.10.3.1 * perl-Git-2.51.0-150600.3.12.1 * python-PyYAML-debugsource-6.0.2-150600.10.3.1 * python311-PyYAML-6.0.2-150600.10.3.1 * git-email-2.51.0-150600.3.12.1 * git-core-debuginfo-2.51.0-150600.3.12.1 * git-lfs-3.7.0-150600.13.3.1 * git-core-2.51.0-150600.3.12.1 * git-gui-2.51.0-150600.3.12.1 * git-p4-2.51.0-150600.3.12.1 * git-cvs-2.51.0-150600.3.12.1 * git-credential-libsecret-debuginfo-2.51.0-150600.3.12.1 * git-2.51.0-150600.3.12.1 * git-daemon-2.51.0-150600.3.12.1 * git-arch-2.51.0-150600.3.12.1 * gitk-2.51.0-150600.3.12.1 * git-web-2.51.0-150600.3.12.1 * git-debuginfo-2.51.0-150600.3.12.1 * git-svn-2.51.0-150600.3.12.1 * git-debugsource-2.51.0-150600.3.12.1 * git-credential-libsecret-2.51.0-150600.3.12.1 * git-daemon-debuginfo-2.51.0-150600.3.12.1 * openSUSE Leap 15.6 (noarch) * git-doc-2.51.0-150600.3.12.1 * obs-scm-bridge-0.7.4-150600.14.4.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * git-debugsource-2.51.0-150600.3.12.1 * git-core-2.51.0-150600.3.12.1 * git-core-debuginfo-2.51.0-150600.3.12.1 * git-debuginfo-2.51.0-150600.3.12.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * git-debugsource-2.51.0-150600.3.12.1 * git-core-2.51.0-150600.3.12.1 * git-core-debuginfo-2.51.0-150600.3.12.1 * git-debuginfo-2.51.0-150600.3.12.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * git-arch-2.51.0-150600.3.12.1 * git-gui-2.51.0-150600.3.12.1 * gitk-2.51.0-150600.3.12.1 * perl-Git-2.51.0-150600.3.12.1 * git-web-2.51.0-150600.3.12.1 * git-debugsource-2.51.0-150600.3.12.1 * git-cvs-2.51.0-150600.3.12.1 * git-debuginfo-2.51.0-150600.3.12.1 * git-daemon-debuginfo-2.51.0-150600.3.12.1 * git-2.51.0-150600.3.12.1 * git-email-2.51.0-150600.3.12.1 * git-daemon-2.51.0-150600.3.12.1 * git-svn-2.51.0-150600.3.12.1 * git-lfs-3.7.0-150600.13.3.1 * Development Tools Module 15-SP6 (noarch) * git-doc-2.51.0-150600.3.12.1 * obs-scm-bridge-0.7.4-150600.14.4.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * git-arch-2.51.0-150600.3.12.1 * git-gui-2.51.0-150600.3.12.1 * gitk-2.51.0-150600.3.12.1 * perl-Git-2.51.0-150600.3.12.1 * git-web-2.51.0-150600.3.12.1 * git-debugsource-2.51.0-150600.3.12.1 * git-cvs-2.51.0-150600.3.12.1 * git-debuginfo-2.51.0-150600.3.12.1 * git-daemon-debuginfo-2.51.0-150600.3.12.1 * git-2.51.0-150600.3.12.1 * git-email-2.51.0-150600.3.12.1 * git-daemon-2.51.0-150600.3.12.1 * git-svn-2.51.0-150600.3.12.1 * git-lfs-3.7.0-150600.13.3.1 * Development Tools Module 15-SP7 (noarch) * git-doc-2.51.0-150600.3.12.1 * obs-scm-bridge-0.7.4-150600.14.4.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-PyYAML-6.0.2-150600.10.3.1 * python-PyYAML-debugsource-6.0.2-150600.10.3.1 * python311-PyYAML-debuginfo-6.0.2-150600.10.3.1 * Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python311-PyYAML-6.0.2-150600.10.3.1 * python-PyYAML-debugsource-6.0.2-150600.10.3.1 * python311-PyYAML-debuginfo-6.0.2-150600.10.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27613.html * https://www.suse.com/security/cve/CVE-2025-27614.html * https://www.suse.com/security/cve/CVE-2025-46835.html * https://www.suse.com/security/cve/CVE-2025-48384.html * https://www.suse.com/security/cve/CVE-2025-48385.html * https://bugzilla.suse.com/show_bug.cgi?id=1212476 * https://bugzilla.suse.com/show_bug.cgi?id=1216545 * https://bugzilla.suse.com/show_bug.cgi?id=1218588 * https://bugzilla.suse.com/show_bug.cgi?id=1218664 * https://bugzilla.suse.com/show_bug.cgi?id=1243197 * https://bugzilla.suse.com/show_bug.cgi?id=1245938 * https://bugzilla.suse.com/show_bug.cgi?id=1245939 * https://bugzilla.suse.com/show_bug.cgi?id=1245942 * https://bugzilla.suse.com/show_bug.cgi?id=1245943 * https://bugzilla.suse.com/show_bug.cgi?id=1245946 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 12:33:47 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 12:33:47 -0000 Subject: SUSE-SU-2025:03023-1: important: Security update for the Linux Kernel Message-ID: <175647082743.11069.4030591956456254063@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:03023-1 Release Date: 2025-08-29T11:54:10Z Rating: important References: * bsc#1139073 * bsc#1204142 * bsc#1219338 * bsc#1225707 * bsc#1230216 * bsc#1233300 * bsc#1235613 * bsc#1235837 * bsc#1236333 * bsc#1236897 * bsc#1238896 * bsc#1239061 * bsc#1240323 * bsc#1240885 * bsc#1240966 * bsc#1241166 * bsc#1241345 * bsc#1242086 * bsc#1242414 * bsc#1242837 * bsc#1242960 * bsc#1242965 * bsc#1242993 * bsc#1243068 * bsc#1243100 * bsc#1243479 * bsc#1243669 * bsc#1243806 * bsc#1244309 * bsc#1244457 * bsc#1244735 * bsc#1244749 * bsc#1244750 * bsc#1244792 * bsc#1244801 * bsc#1245151 * bsc#1245201 * bsc#1245202 * bsc#1245216 * bsc#1245260 * bsc#1245431 * bsc#1245440 * bsc#1245457 * bsc#1245498 * bsc#1245499 * bsc#1245504 * bsc#1245506 * bsc#1245508 * bsc#1245510 * bsc#1245540 * bsc#1245598 * bsc#1245599 * bsc#1245646 * bsc#1245647 * bsc#1245649 * bsc#1245650 * bsc#1245654 * bsc#1245658 * bsc#1245660 * bsc#1245665 * bsc#1245666 * bsc#1245668 * bsc#1245669 * bsc#1245670 * bsc#1245671 * bsc#1245675 * bsc#1245676 * bsc#1245677 * bsc#1245679 * bsc#1245682 * bsc#1245683 * bsc#1245684 * bsc#1245688 * bsc#1245689 * bsc#1245690 * bsc#1245691 * bsc#1245695 * bsc#1245705 * bsc#1245708 * bsc#1245711 * bsc#1245713 * bsc#1245714 * bsc#1245719 * bsc#1245723 * bsc#1245729 * bsc#1245730 * bsc#1245731 * bsc#1245735 * bsc#1245737 * bsc#1245744 * bsc#1245745 * bsc#1245746 * bsc#1245747 * bsc#1245748 * bsc#1245749 * bsc#1245750 * bsc#1245751 * bsc#1245752 * bsc#1245757 * bsc#1245758 * bsc#1245765 * bsc#1245768 * bsc#1245769 * bsc#1245777 * bsc#1245781 * bsc#1245789 * bsc#1245937 * bsc#1245945 * bsc#1245951 * bsc#1245952 * bsc#1245954 * bsc#1245957 * bsc#1245966 * bsc#1245970 * bsc#1245976 * bsc#1245980 * bsc#1245983 * bsc#1245986 * bsc#1246000 * bsc#1246002 * bsc#1246006 * bsc#1246008 * bsc#1246020 * bsc#1246023 * bsc#1246029 * bsc#1246031 * bsc#1246037 * bsc#1246041 * bsc#1246042 * bsc#1246044 * bsc#1246045 * bsc#1246047 * bsc#1246049 * bsc#1246050 * bsc#1246055 * bsc#1246073 * bsc#1246093 * bsc#1246098 * bsc#1246109 * bsc#1246122 * bsc#1246125 * bsc#1246171 * bsc#1246173 * bsc#1246178 * bsc#1246182 * bsc#1246183 * bsc#1246186 * bsc#1246195 * bsc#1246203 * bsc#1246212 * bsc#1246220 * bsc#1246236 * bsc#1246240 * bsc#1246243 * bsc#1246246 * bsc#1246249 * bsc#1246250 * bsc#1246253 * bsc#1246258 * bsc#1246262 * bsc#1246264 * bsc#1246266 * bsc#1246268 * bsc#1246273 * bsc#1246283 * bsc#1246287 * bsc#1246292 * bsc#1246293 * bsc#1246295 * bsc#1246334 * bsc#1246337 * bsc#1246342 * bsc#1246349 * bsc#1246354 * bsc#1246358 * bsc#1246361 * bsc#1246364 * bsc#1246370 * bsc#1246375 * bsc#1246384 * bsc#1246386 * bsc#1246387 * bsc#1246438 * bsc#1246453 * bsc#1246473 * bsc#1246490 * bsc#1246506 * bsc#1246547 * bsc#1246777 * bsc#1246781 * bsc#1246870 * bsc#1246879 * bsc#1246911 * bsc#1247018 * bsc#1247023 * bsc#1247028 * bsc#1247031 * bsc#1247033 * bsc#1247035 * bsc#1247061 * bsc#1247089 * bsc#1247091 * bsc#1247097 * bsc#1247098 * bsc#1247101 * bsc#1247103 * bsc#1247104 * bsc#1247113 * bsc#1247118 * bsc#1247123 * bsc#1247125 * bsc#1247128 * bsc#1247132 * bsc#1247138 * bsc#1247141 * bsc#1247143 * bsc#1247145 * bsc#1247146 * bsc#1247147 * bsc#1247149 * bsc#1247150 * bsc#1247151 * bsc#1247153 * bsc#1247154 * bsc#1247156 * bsc#1247160 * bsc#1247164 * bsc#1247169 * bsc#1247170 * bsc#1247171 * bsc#1247172 * bsc#1247174 * bsc#1247176 * bsc#1247177 * bsc#1247178 * bsc#1247181 * bsc#1247209 * bsc#1247210 * bsc#1247227 * bsc#1247233 * bsc#1247236 * bsc#1247238 * bsc#1247241 * bsc#1247251 * bsc#1247252 * bsc#1247253 * bsc#1247255 * bsc#1247271 * bsc#1247273 * bsc#1247274 * bsc#1247276 * bsc#1247277 * bsc#1247278 * bsc#1247279 * bsc#1247284 * bsc#1247285 * bsc#1247288 * bsc#1247289 * bsc#1247293 * bsc#1247311 * bsc#1247314 * bsc#1247317 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247374 * bsc#1247437 * bsc#1247450 Cross-References: * CVE-2019-11135 * CVE-2024-36028 * CVE-2024-36348 * CVE-2024-36349 * CVE-2024-36350 * CVE-2024-36357 * CVE-2024-44963 * CVE-2024-56742 * CVE-2024-57947 * CVE-2025-21839 * CVE-2025-21872 * CVE-2025-23163 * CVE-2025-37798 * CVE-2025-37856 * CVE-2025-37864 * CVE-2025-37885 * CVE-2025-37920 * CVE-2025-37984 * CVE-2025-38034 * CVE-2025-38035 * CVE-2025-38051 * CVE-2025-38052 * CVE-2025-38058 * CVE-2025-38061 * CVE-2025-38062 * CVE-2025-38063 * CVE-2025-38064 * CVE-2025-38074 * CVE-2025-38084 * CVE-2025-38085 * CVE-2025-38087 * CVE-2025-38088 * CVE-2025-38089 * CVE-2025-38090 * CVE-2025-38094 * CVE-2025-38095 * CVE-2025-38097 * CVE-2025-38098 * CVE-2025-38099 * CVE-2025-38100 * CVE-2025-38102 * CVE-2025-38105 * CVE-2025-38107 * CVE-2025-38108 * CVE-2025-38109 * CVE-2025-38110 * CVE-2025-38111 * CVE-2025-38112 * CVE-2025-38113 * CVE-2025-38115 * CVE-2025-38117 * CVE-2025-38118 * CVE-2025-38120 * CVE-2025-38122 * CVE-2025-38123 * CVE-2025-38124 * CVE-2025-38126 * CVE-2025-38127 * CVE-2025-38129 * CVE-2025-38131 * CVE-2025-38132 * CVE-2025-38135 * CVE-2025-38136 * CVE-2025-38138 * CVE-2025-38142 * CVE-2025-38143 * CVE-2025-38145 * CVE-2025-38147 * CVE-2025-38148 * CVE-2025-38149 * CVE-2025-38151 * CVE-2025-38153 * CVE-2025-38154 * CVE-2025-38155 * CVE-2025-38157 * CVE-2025-38158 * CVE-2025-38159 * CVE-2025-38161 * CVE-2025-38162 * CVE-2025-38165 * CVE-2025-38166 * CVE-2025-38173 * CVE-2025-38174 * CVE-2025-38177 * CVE-2025-38180 * CVE-2025-38181 * CVE-2025-38182 * CVE-2025-38183 * CVE-2025-38187 * CVE-2025-38188 * CVE-2025-38192 * CVE-2025-38193 * CVE-2025-38194 * CVE-2025-38197 * CVE-2025-38198 * CVE-2025-38200 * CVE-2025-38202 * CVE-2025-38203 * CVE-2025-38204 * CVE-2025-38206 * CVE-2025-38210 * CVE-2025-38211 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38214 * CVE-2025-38215 * CVE-2025-38217 * CVE-2025-38220 * CVE-2025-38222 * CVE-2025-38225 * CVE-2025-38226 * CVE-2025-38227 * CVE-2025-38229 * CVE-2025-38231 * CVE-2025-38236 * CVE-2025-38239 * CVE-2025-38244 * CVE-2025-38246 * CVE-2025-38248 * CVE-2025-38249 * CVE-2025-38250 * CVE-2025-38257 * CVE-2025-38259 * CVE-2025-38264 * CVE-2025-38272 * CVE-2025-38273 * CVE-2025-38275 * CVE-2025-38277 * CVE-2025-38279 * CVE-2025-38283 * CVE-2025-38286 * CVE-2025-38289 * CVE-2025-38290 * CVE-2025-38292 * CVE-2025-38293 * CVE-2025-38300 * CVE-2025-38303 * CVE-2025-38304 * CVE-2025-38305 * CVE-2025-38307 * CVE-2025-38310 * CVE-2025-38312 * CVE-2025-38313 * CVE-2025-38319 * CVE-2025-38323 * CVE-2025-38326 * CVE-2025-38328 * CVE-2025-38332 * CVE-2025-38334 * CVE-2025-38335 * CVE-2025-38336 * CVE-2025-38337 * CVE-2025-38338 * CVE-2025-38342 * CVE-2025-38343 * CVE-2025-38344 * CVE-2025-38345 * CVE-2025-38348 * CVE-2025-38349 * CVE-2025-38350 * CVE-2025-38352 * CVE-2025-38354 * CVE-2025-38362 * CVE-2025-38363 * CVE-2025-38364 * CVE-2025-38365 * CVE-2025-38369 * CVE-2025-38371 * CVE-2025-38373 * CVE-2025-38375 * CVE-2025-38376 * CVE-2025-38377 * CVE-2025-38380 * CVE-2025-38382 * CVE-2025-38384 * CVE-2025-38385 * CVE-2025-38386 * CVE-2025-38387 * CVE-2025-38389 * CVE-2025-38391 * CVE-2025-38392 * CVE-2025-38393 * CVE-2025-38395 * CVE-2025-38396 * CVE-2025-38399 * CVE-2025-38400 * CVE-2025-38401 * CVE-2025-38403 * CVE-2025-38404 * CVE-2025-38406 * CVE-2025-38409 * CVE-2025-38410 * CVE-2025-38412 * CVE-2025-38414 * CVE-2025-38415 * CVE-2025-38416 * CVE-2025-38420 * CVE-2025-38424 * CVE-2025-38425 * CVE-2025-38426 * CVE-2025-38428 * CVE-2025-38429 * CVE-2025-38430 * CVE-2025-38436 * CVE-2025-38443 * CVE-2025-38448 * CVE-2025-38449 * CVE-2025-38455 * CVE-2025-38457 * CVE-2025-38460 * CVE-2025-38461 * CVE-2025-38462 * CVE-2025-38463 * CVE-2025-38465 * CVE-2025-38467 * CVE-2025-38468 * CVE-2025-38470 * CVE-2025-38471 * CVE-2025-38473 * CVE-2025-38474 * CVE-2025-38476 * CVE-2025-38477 * CVE-2025-38478 * CVE-2025-38480 * CVE-2025-38481 * CVE-2025-38482 * CVE-2025-38483 * CVE-2025-38485 * CVE-2025-38487 * CVE-2025-38489 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38496 * CVE-2025-38497 * CVE-2025-38498 CVSS scores: * CVE-2019-11135 ( SUSE ): 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2019-11135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36348 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36349 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-44963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-44963 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21872 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23163 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37856 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37856 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37920 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37920 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37984 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-37984 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38034 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38035 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38035 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38052 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38058 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38058 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38061 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38062 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38062 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38063 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38063 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38064 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38064 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38074 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38084 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38084 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38085 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38085 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38087 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38089 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38089 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38090 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38097 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38097 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38098 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38098 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38099 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38099 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38100 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38102 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38102 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38105 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38105 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38107 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38107 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38108 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38108 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38109 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38109 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38110 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38110 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38111 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38111 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38112 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38113 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38115 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38115 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38117 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38117 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38118 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38122 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38124 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38126 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38127 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38129 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38129 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38131 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38131 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38132 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38132 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38135 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38142 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38143 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38145 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38148 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38149 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38149 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38153 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38153 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38154 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38154 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38155 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38157 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38157 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38159 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38159 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38161 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38165 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38166 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38166 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38173 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38173 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38174 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38174 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38180 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38180 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38182 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38183 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38183 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38187 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38187 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38192 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38192 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38193 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38193 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38197 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38197 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38198 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38203 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38203 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38204 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38204 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38211 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38214 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38215 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38217 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38217 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38220 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38220 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38222 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-38222 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2025-38225 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38226 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38226 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38227 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38227 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38229 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38229 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-38231 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38231 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38239 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38239 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38244 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38244 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38246 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38248 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38249 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38249 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38250 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38250 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38259 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38264 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38272 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38273 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38273 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38275 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38277 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38277 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38279 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38283 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38286 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38286 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38289 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38289 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38290 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38290 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38292 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38292 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38293 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38293 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38300 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38300 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38303 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38303 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38310 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38310 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38312 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38313 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38323 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38323 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38326 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38326 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38328 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38334 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38334 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38335 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38336 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38337 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38338 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38338 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38342 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38344 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38345 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38345 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38348 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38349 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38349 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38352 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38352 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38362 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38363 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38364 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38364 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38365 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38365 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38371 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38373 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38373 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38375 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38376 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38376 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38377 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38377 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38380 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38380 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38382 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38382 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38384 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38384 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38385 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38385 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38387 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38387 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38389 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38391 ( SUSE ): 5.2 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38391 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38392 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38392 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38393 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38393 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38395 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38395 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38396 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38396 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38399 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38400 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38400 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38401 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38401 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38403 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38406 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38409 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38409 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38410 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38412 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38415 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38415 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38416 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38416 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38425 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38425 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38426 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38426 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38428 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38428 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38429 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38429 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38430 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38430 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38436 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38436 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38448 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38448 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38455 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38455 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38457 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38460 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38460 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38461 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38461 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38462 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38462 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38463 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38463 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38465 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38465 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38467 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38467 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38471 ( SUSE ): 8.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38471 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2025-38473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38474 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38474 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38476 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38476 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38478 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38478 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38480 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38480 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38481 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38481 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38482 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38482 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38483 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38483 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38485 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38485 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38487 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38487 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38489 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38489 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38496 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38496 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38498 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38498 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Real Time Module 15-SP6 An update that solves 235 vulnerabilities and has 33 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may (bsc#1139073) * CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707). * CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896). * CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216). * CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613). * CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). * CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323). * CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837). * CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068). * CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965). * CVE-2025-37885: KVM: x86: Reset IRTE to host control if _new_ route isn't postable (bsc#1242960). * CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479). * CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669). * CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792). * CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801). * CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750). * CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151). * CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440). * CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216). * CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202). * CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201). * CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735). * CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649). * CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660). * CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654). * CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671). * CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650). * CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682). * CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689). * CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695). * CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708). * CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677). * CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679). * CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768). * CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750). * CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752). * CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758). * CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970). * CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937). * CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006). * CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951). * CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098). * CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). * CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980). * CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044). * CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983). * CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). * CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020). * CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). * CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966). * CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976). * CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093). * CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178). * CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183). * CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173). * CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182). * CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387). * CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268). * CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264). * CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273). * CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354). * CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361). * CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473). * CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384). * CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250). * CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253). * CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777). * CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). * CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911). * CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091). * CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023). * CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178). * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). * CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031). * CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169). * CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156). * CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097). * CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141). * CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145). * CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252). * CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253). * CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101). * CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098). * CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143). * CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103). * CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104). * CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113). * CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118). * CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288). * CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450). * CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). * CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374). The following non-security bugs were fixed: * Fix dma_unmap_sg() nents value (git-fixes) * Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). * Revert "ACPI: battery: negate current when discharging" (stable-fixes). * Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338). * Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes). * Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git- fixes). * Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git- fixes). * Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes). * [SMB3] send channel sequence number in SMB3 requests after reconnects (git- fixes). * acpi: LPSS: Remove AudioDSP related ID (git-fixes). * acpi: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122). * acpi: processor: perflib: Fix initial _PPC limit application (git-fixes). * acpica: Refuse to evaluate a method if arguments are missing (stable-fixes). * af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes). * af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093). * alsa: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes). * alsa: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable- fixes). * alsa: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable- fixes). * alsa: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes). * alsa: hda/tegra: Add Tegra264 support (stable-fixes). * alsa: hda: Add missing NVIDIA HDA codec IDs (stable-fixes). * alsa: hda: Add new pci id for AMD GPU display HD audio controller (stable- fixes). * alsa: hda: Ignore unsol events for cards being shut down (stable-fixes). * alsa: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git- fixes). * alsa: sb: Do not allow changing the DMA mode during operations (stable- fixes). * alsa: sb: Force to disable DMAs once when DMA mode is changed (stable- fixes). * amd/amdkfd: fix a kfd_process ref leak (stable-fixes). * aoe: clean device rq_list in aoedev_downdev() (git-fixes). * apple-mfi-fastcharge: protect first device name (git-fixes). * asoc: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes). * asoc: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes). * asoc: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable- fixes). * asoc: amd: yc: update quirk data for HP Victus (stable-fixes). * asoc: codec: wcd9335: Convert to GPIO descriptors (stable-fixes). * asoc: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes). * asoc: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes). * asoc: cs35l56: probe() should fail if the device ID is not recognized (git- fixes). * asoc: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git- fixes). * asoc: fsl_xcvr: get channel status data when PHY is not exists (git-fixes). * asoc: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes). * asoc: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git- fixes). * ata: pata_cs5536: fix build on 32-bit UML (stable-fixes). * audit,module: restore audit logging in load failure case (git-fixes). * bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes). * bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes). * bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes). * bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes). * bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes). * bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes). * bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes). * bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes). * bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes). * bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes). * bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git- fixes). * bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git- fixes). * bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes). * bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes). * bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes). * bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes). * bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes). * bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes). * bluetooth: hci_sync: revert some mesh modifications (git-fixes). * bpf, sockmap: Fix sk_msg_reset_curr (git-fixes). * bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes). * bpf/selftests: Check errno when percpu map value size exceeds (git-fixes). * bpf: Add a possibly-zero-sized read test (git-fixes). * bpf: Avoid **hidden** attribute in static object (git-fixes). * bpf: Check percpu map value size first (git-fixes). * bpf: Disable some `attribute ignored' warnings in GCC (git-fixes). * bpf: Fix memory leak in bpf_core_apply (git-fixes). * bpf: Fix potential integer overflow in resolve_btfids (git-fixes). * bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes). * bpf: Make the pointer returned by iter next method valid (git-fixes). * bpf: Simplify checking size of helper accesses (git-fixes). * bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes). * bpf: sockmap, updating the sg structure should also update curr (git-fixes). * bpftool: Fix missing pids during link show (git-fixes). * bpftool: Fix undefined behavior caused by shifting into the sign bit (git- fixes). * bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes). * bpftool: Remove unnecessary source files from bootstrap version (git-fixes). * bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes). * btrfs: do not ignore inode missing when replaying log tree (git-fixes). * btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes). * btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes). * btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068) * btrfs: fix assertion when building free space tree (git-fixes). * btrfs: fix inode lookup error handling during log replay (git-fixes). * btrfs: fix invalid inode pointer dereferences during log replay (git-fixes). * btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes). * btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes). * btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes). * btrfs: fix ssd_spread overallocation (git-fixes). * btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068) * btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes). * btrfs: rename err to ret in btrfs_rmdir() (git-fixes). * btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes). * btrfs: return a btrfs_inode from read_one_inode() (git-fixes). * btrfs: tests: fix chunk map leak after failure to add it to the tree (git- fixes). * btrfs: update superblock's device bytes_used when dropping chunk (git- fixes). * btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes). * btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes). * bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes). * bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes). * can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes). * can: dev: can_restart(): reverse logic to remove need for goto (stable- fixes). * can: kvaser_pciefd: Store device channel index (git-fixes). * can: kvaser_usb: Assign netdev.dev_port based on device channel index (git- fixes). * can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes). * can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes). * can: peak_usb: fix USB FD devices potential malfunction (git-fixes). * cdc-acm: fix race between initial clearing halt and open (git-fixes). * cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789). * cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166). * cifs: reconnect helper should set reconnect for the right channel (git- fixes). * clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes). * clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes). * clk: sunxi-ng: v3s: Fix de clock definition (git-fixes). * clk: xilinx: vcu: unregister pll_post only if registered correctly (git- fixes). * clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457). * clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457). * comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes). * comedi: Fix initialization of data for instructions that write to subdevice (git-fixes). * comedi: Fix some signed shift left operations (git-fixes). * comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes). * comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes). * comedi: das16m1: Fix bit shift out of bounds (git-fixes). * comedi: das6402: Fix bit shift out of bounds (git-fixes). * comedi: pcl812: Fix bit shift out of bounds (git-fixes). * compiler_types.h: Define **retain for __attribute** (( **retain** )) (git- fixes). * crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes). * crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes). * crypto: ccp - Fix locking on alloc failure handling (git-fixes). * crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes). * crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes). * crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes). * crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes). * crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes). * crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes). * crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes). * crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes). * crypto: qat - fix state restore for banks with exceptions (git-fixes). * crypto: qat - flush misc workqueue during device shutdown (git-fixes). * crypto: qat - use unmanaged allocation for dc_data (git-fixes). * crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes). * dm-bufio: fix sched in atomic context (git-fixes). * dm-flakey: error all IOs when num_features is absent (git-fixes). * dm-flakey: make corrupting read bios work (git-fixes). * dm-mirror: fix a tiny race condition (git-fixes). * dm-raid: fix variable in journal device check (git-fixes). * dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes). * dm: do not change md if dm_table_set_restrictions() fails (git-fixes). * dm: free table mempools if not used in __bind (git-fixes). * dm: restrict dm device size to 2^63-512 bytes (git-fixes). * dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes). * dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes). * dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes). * dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git- fixes). * dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes). * dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes). * dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes). * dmaengine: xilinx_dma: Set dma_device directions (stable-fixes). * docs/aBI: Fix sysfs-kernel-address_bits path (git-fixes). * documentation: ACPI: Fix parent device references (git-fixes). * documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes). * drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes). * drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git- fixes). * drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes). * drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes). * drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes). * drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes). * drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git- fixes). * drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes). * drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes). * drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes). * drm/exynos: fimd: Guard display clock control with runtime PM calls (git- fixes). * drm/framebuffer: Acquire internal references on GEM handles (git-fixes). * drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes). * drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes). * drm/i915/gsc: mei interrupt top half should be in irq disabled context (git- fixes). * drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes). * drm/i915/selftests: Change mock_request() to return error pointers (git- fixes). * drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes). * drm/msm: Fix a fence leak in submit error path (stable-fixes). * drm/msm: Fix another leak in the submit error path (stable-fixes). * drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes). * drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes). * drm/sched: Increment job count before swapping tail spsc queue (git-fixes). * drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes). * drm/scheduler: signal scheduled fence when kill job (stable-fixes). * drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes). * drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes). * drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes). * exfat: fdatasync flag should be same like generic_write_sync() (git-fixes). * fbcon: Fix outdated registered_fb reference in comment (git-fixes). * fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes). * firewire: ohci: correct code comments about bus_reset tasklet (git-fixes). * fs/jfs: consolidate sanity checking in dbMount (git-fixes). * fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes). * gpio: mlxbf2: use platform_get_irq_optional() (git-fixes). * gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes). * gpio: sim: include a missing header (git-fixes). * gpio: vf610: add locking to gpio direction functions (git-fixes). * gpio: virtio: Fix config space reading (git-fixes). * gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes). * gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes). * gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300). * gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300). * gpiolib: cdev: Ignore reconfiguration without direction (git-fixes). * gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes). * hfs: make splice write available again (git-fixes). * hfsplus: make splice write available again (git-fixes). * hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes). * hid: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes). * hid: core: do not bypass hid_hw_raw_request (stable-fixes). * hid: core: ensure __hid_request reserves the report ID as the first byte (git-fixes). * hid: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes). * hid: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable- fixes). * hid: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable- fixes). * hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203). * hwmon: (corsair-cpro) Validate the size of the received input buffer (git- fixes). * hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes). * hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes). * hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes). * i2c/designware: Fix an initialization issue (git-fixes). * i2c: qup: jump out of the loop in case of timeout (git-fixes). * i2c: stm32: fix the device used for the DMA map (git-fixes). * i2c: tegra: Fix reset error handling with ACPI (git-fixes). * i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes). * i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes). * ib/mlx5: Fix potential deadlock in MR deregistration (git-fixes) * iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git- fixes). * iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes). * iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable- fixes). * iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes). * iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes). * iio: adc: max1363: Reorder mode_list[] entries (stable-fixes). * iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes). * iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes). * iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes). * input: iqs7222 - explicitly define number of external channels (git-fixes). * input: xpad - adjust error handling for disconnect (git-fixes). * input: xpad - set correct controller type for Acer NGR200 (git-fixes). * input: xpad - support Acer NGR 200 Controller (stable-fixes). * iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes). * iommu/amd: Set the pgsize_bitmap correctly (git-fixes). * iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes). * iommu/vt-d: Fix possible circular locking dependency (git-fixes). * iommu/vt-d: Fix system hang on reboot -f (git-fixes). * ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes). * ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes). * ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes). * ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes). * iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes). * jfs: fix metapage reference count leak in dbAllocCtl (git-fixes). * kABI workaround for struct drm_framebuffer changes (git-fixes). * kABI: Fix the module::name type in audit_context (git-fixes). * kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes). * kernel-syms.spec: Drop old rpm release number hack (bsc#1247172). * leds: multicolor: Fix intensity setting while SW blinking (stable-fixes). * lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897). * lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897). * logitech C-270 even more broken (stable-fixes). * maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes). * md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes). * media: gspca: Add bounds checking to firmware parser (git-fixes). * media: hi556: correct the test pattern configuration (git-fixes). * media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes). * media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes). * media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git- fixes). * media: usbtv: Lock resolution while streaming (git-fixes). * media: uvcvideo: Do not mark valid metadata as invalid (git-fixes). * media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git- fixes). * media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes). * media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes). * media: venus: Add a check for packet size after reading from shared memory (git-fixes). * media: venus: hfi: explicitly release IRQ during teardown (git-fixes). * media: venus: protect against spurious interrupts during probe (git-fixes). * media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: vivid: fix wrong pixel_array control size (git-fixes). * memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git- fixes). * mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes). * misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes). * mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes). * mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes). * mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes). * mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes). * mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes). * module: Fix memory deallocation on error path in move_module() (git-fixes). * module: Remove unnecessary +1 from last_unloaded_module::name size (git- fixes). * module: Restore the moduleparam prefix length check (git-fixes). * mtd: fix possible integer overflow in erase_xfer() (git-fixes). * mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes). * mtd: rawnand: atmel: set pmecc data setup time (git-fixes). * mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes). * mtd: rawnand: renesas: Add missing check after DMA map (git-fixes). * mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes). * mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes). * mtd: spinand: fix memory leak of ECC engine conf (stable-fixes). * mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes). * mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes). * mtk-sd: Prevent memory corruption from DMA map failure (git-fixes). * mtk-sd: reset host->mrq on prepare_data() error (git-fixes). * mwl8k: Add missing check after DMA map (git-fixes). * nbd: fix uaf in nbd_genl_connect() error path (git-fixes). * net/packet: fix a race in packet_set_ring() and packet_notifier() (git- fixes). * net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes). * net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git- fixes). * net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git- fixes). * net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes). * net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes). * net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes). * net: mana: Add debug logs in MANA network driver (bsc#1246212). * net: mana: Add handler for hardware servicing events (bsc#1245730). * net: mana: Allocate MSI-X vectors dynamically (bsc#1245457). * net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457). * net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203). * net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729). * net: mana: Set tx_packets to post gso processing packet count (bsc#1245731). * net: mana: explain irq_setup() algorithm (bsc#1245457). * net: phy: Do not register LEDs for genphy (git-fixes). * net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes). * net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes). * net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git- fixes). * net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes). * net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git- fixes). * net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes). * net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes). * net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes). * netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes). * nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git- fixes). * nfs: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes). * nfs: Fix the setting of capabilities when automounting a new filesystem (git-fixes). * nfs: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git- fixes). * nfs: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes). * nfsd: detect mismatch of file handle and delegation stateid in OPEN op (git- fixes). * nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes). * nfsv4.2: another fix for listxattr (git-fixes). * nfsv4.2: fix listxattr to return selinux security label (git-fixes). * nfsv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes). * nfsv4: Always set NLINK even if the server does not support it (git-fixes). * nfsv4: xattr handlers should check for absent nfs filehandles (git-fixes). * nilfs2: reject invalid file types when reading inodes (git-fixes). * nvme-pci: refresh visible attrs after being checked (git-fixes). * nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes). * nvme: fix endianness of command word prints in nvme_log_err_passthru() (git- fixes). * nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes). * nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes). * nvmet-tcp: fix callback lock for TLS handshake (git-fixes). * objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes). * objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes). * objtool: Fix _THIS_IP_ detection for cold functions (git-fixes). * objtool: Fix error handling inconsistencies in check() (git-fixes). * objtool: Ignore dangling jump table entries (git-fixes). * objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes). * objtool: Properly disable uaccess validation (git-fixes). * objtool: Silence more KCOV warnings (git-fixes). * objtool: Silence more KCOV warnings, part 2 (git-fixes). * objtool: Stop UNRET validation on UD2 (git-fixes). * pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes). * pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes). * pci/msi: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457). * pci: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes). * pci: endpoint: Fix configfs group list head handling (git-fixes). * pci: endpoint: Fix configfs group removal on driver teardown (git-fixes). * pci: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes). * pci: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes). * pci: hv: Allow dynamic MSI-X vector allocation (bsc#1245457). * pci: rockchip-host: Fix "Unexpected Completion" log message (git-fixes). * perf: Fix sample vs do_exit() (bsc#1246547). * phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git- fixes). * pinctrl: amd: Clear GPIO debounce for suspend (git-fixes). * pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes). * pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes). * pinmux: fix race causing mux_owner NULL with active mux_usecount (git- fixes). * platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git- fixes). * platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git- fixes). * platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes). * platform/mellanox: mlxreg-lc: Fix logic error in power state check (git- fixes). * platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes). * platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes). * platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes). * platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes). * platform/x86: think-lmi: Create ksets consecutively (stable-fixes). * platform/x86: think-lmi: Fix kobject cleanup (git-fixes). * platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes). * pm / devfreq: Check governor before using governor->name (git-fixes). * power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes). * power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git- fixes). * powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes). * powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git- fixes). * powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes). * powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes). * ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506). * pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes). * pwm: mediatek: Ensure to disable clocks in error path (git-fixes). * rdma/core: Rate limit GID cache warning messages (git-fixes) * rdma/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes) * rdma/hns: Drop GFP_NOWARN (git-fixes) * rdma/hns: Fix -Wframe-larger-than issue (git-fixes) * rdma/hns: Fix HW configurations not cleared in error flow (git-fixes) * rdma/hns: Fix accessing uninitialized resources (git-fixes) * rdma/hns: Fix double destruction of rsv_qp (git-fixes) * rdma/hns: Get message length of ack_req from FW (git-fixes) * rdma/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes) * rdma/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes) * rdma/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * rdma/mlx5: Fix CC counters query for MPV (git-fixes) * rdma/mlx5: Fix HW counters query for non-representor devices (git-fixes) * rdma/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes) * rdma/mlx5: Fix vport loopback for MPV device (git-fixes) * rdma/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes) * rdma/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes) * rdma/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes) * rdma/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes) * rdma/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes) * rdma/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git- fixes) * rdma/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * regmap: fix potential memory leak of regmap_bus (git-fixes). * regulator: fan53555: add enable_time support and soft-start times (stable- fixes). * regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git- fixes). * regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes). * resource: fix false warning in __request_region() (git-fixes). * restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes). * ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes). * rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes). * rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes). * rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879) Put the same workaround to avoid file truncation of vmlinux and co in kernel-default-base package, too. * rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes). * rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes). * s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870). * s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806). * s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646). * s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647). * s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598). * s390: Add z17 elf platform (LTC#214086 bsc#1245540). * samples: mei: Fix building on musl libc (git-fixes). * sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338). * sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git- fixes). * scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes). * scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142). * scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: megaraid_sas: Fix invalid node index (git-fixes). * scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git- fixes). * scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git- fixes). * scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599). * selftests/bpf: Add CFLAGS per source file and runner (git-fixes). * selftests/bpf: Add tests for iter next method returning valid pointer (git- fixes). * selftests/bpf: Change functions definitions to support GCC (git-fixes). * selftests/bpf: Fix a few tests for GCC related warnings (git-fixes). * selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes). * selftests/bpf: Fix prog numbers in test_sockmap (git-fixes). * smb3: move server check earlier when setting channel sequence number (git- fixes). * smb3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes). * soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes). * soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes). * soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git- fixes). * soc: qcom: QMI encoding/decoding for big endian (git-fixes). * soc: qcom: fix endianness for QMI header (git-fixes). * soc: qcom: pmic_glink: fix OF node leak (git-fixes). * soundwire: amd: fix for clearing command status register (git-fixes). * soundwire: stream: restore params when prepare ports fail (git-fixes). * spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git- fixes). * staging: axis-fifo: remove sysfs interface (git-fixes). * staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git- fixes). * staging: nvec: Fix incorrect null termination of battery manufacturer (git- fixes). * struct cdns: move new member to the end (git-fixes). * struct ucsi_operations: use padding for new operation (git-fixes). * sunrpc: do not immediately retransmit on seqno miss (git-fixes). * sunrpc: fix client side handling of tls alerts (git-fixes). * supported.conf: add missing entries for armv7hl * supported.conf: move nvme-apple to optional again * supported.conf: sort entries again * tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes). * thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes). * thunderbolt: Fix copy+paste error in match_service_id() (git-fixes). * thunderbolt: Fix wake on connect at runtime (git-fixes). * tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes). * tracing/kprobes: Fix to free objects when failed to copy a symbol (git- fixes). * types: Complement the aligned types with signed 64-bit one (stable-fixes). * ucount: fix atomic_long_inc_below() argument type (git-fixes). * ucsi-glink: adapt to kABI consistency (git-fixes). * ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes). * ucsi_operations: add stubs for all operations (git-fixes). * ucsi_ops: adapt update_connector to kABI consistency (git-fixes). * usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes). * usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes). * usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes). * usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes). * usb: cdnsp: Fix issue with resuming from L1 (git-fixes). * usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable- fixes). * usb: cdnsp: do not disable slot for disabled slot (git-fixes). * usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes). * usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes). * usb: dwc2: also exit clock_gating when stopping udc while suspended (stable- fixes). * usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes). * usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes). * usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes). * usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes). * usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes). * usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes). * usb: hub: Do not try to recover devices lost during warm reset (git-fixes). * usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes). * usb: musb: fix gadget state on disconnect (git-fixes). * usb: musb: omap2430: fix device leak at unbind (git-fixes). * usb: net: sierra: check for no status endpoint (git-fixes). * usb: potential integer overflow in usbg_make_tpg() (stable-fixes). * usb: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes). * usb: serial: option: add Foxconn T99W640 (stable-fixes). * usb: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable- fixes). * usb: typec: Update sysfs when setting ops (git-fixes). * usb: typec: altmodes/displayport: do not index invalid pin_assignments (git- fixes). * usb: typec: displayport: Fix potential deadlock (git-fixes). * usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes). * usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable- fixes). * usb: typec: tcpm: allow switching to mode accessory to mux properly (stable- fixes). * usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes). * usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git- fixes). * usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git- fixes). * usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes). * usb: typec: ucsi: Delay alternate mode discovery (git-fixes). * usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes). * usb: typec: ucsi: Fix the partner PD revision (git-fixes). * usb: typec: ucsi: Get PD revision for partner (git-fixes). * usb: typec: ucsi: Set orientation as none when connector is unplugged (git- fixes). * usb: typec: ucsi: Update power_supply on power role change (git-fixes). * usb: typec: ucsi: add callback for connector status updates (git-fixes). * usb: typec: ucsi: add update_connector callback (git-fixes). * usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes). * usb: typec: ucsi: extract code to read PD caps (git-fixes). * usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes). * usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes). * usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes). * usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes). * usb: typec: ucsi: glink: use typec_set_orientation (git-fixes). * usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git- fixes). * usb: typec: ucsi: properly register partner's PD device (git-fixes). * usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes). * usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes). * usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git- fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes). * usb: typec: ucsi_glink: rework quirks implementation (git-fixes). * usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git- fixes). * usb: xhci: quirk for data loss in ISOC transfers (stable-fixes). * usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes). * virtgpu: do not reset on shutdown (git-fixes). * vmci: Prevent the dispatching of uninitialized payloads (git-fixes). * vt: add missing notification when switching back to text mode (stable- fixes). * vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes). * vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes). * watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git- fixes). * wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes). * wifi: ath11k: fix source ring-buffer corruption (git-fixes). * wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath12k: fix endianness handling while accessing wmi service bit (git- fixes). * wifi: ath12k: fix source ring-buffer corruption (git-fixes). * wifi: ath6kl: remove WARN on bad firmware input (stable-fixes). * wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes). * wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes). * wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes). * wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes). * wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes). * wifi: mac80211: Add link iteration macro for link data (stable-fixes). * wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes). * wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes). * wifi: mac80211: Do not schedule stopped TXQs (git-fixes). * wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes). * wifi: mac80211: drop invalid source address OCB frames (stable-fixes). * wifi: mac80211: reject TDLS operations when station is not associated (git- fixes). * wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes). * wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes). * wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes). * wifi: plfxlc: Fix error handling in usb driver probe (git-fixes). * wifi: prevent A-MSDU attacks in mesh networks (stable-fixes). * wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes). * wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes). * wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes). * x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes). * x86/mce/amd: Add default names for MCA banks and blocks (git-fixes). * x86/mce/amd: Fix threshold limit reset (git-fixes). * x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes). * x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git- fixes). * x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git- fixes). * x86/traps: Initialize DR6 by writing its architectural reset value (git- fixes). * x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes). * x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345). * xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837). * xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes). * xfs: remove unused event xfs_alloc_near_error (git-fixes). * xfs: remove unused event xfs_alloc_near_nominleft (git-fixes). * xfs: remove unused event xfs_attr_node_removename (git-fixes). * xfs: remove unused event xfs_ioctl_clone (git-fixes). * xfs: remove unused event xfs_pagecache_inval (git-fixes). * xfs: remove unused event xlog_iclog_want_sync (git-fixes). * xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes). * xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes). * xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes). * xfs: remove unused xfs_attr events (git-fixes). * xfs: remove unused xfs_reflink_compare_extents events (git-fixes). * xfs: remove usused xfs_end_io_direct events (git-fixes). * xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git- fixes). * xhci: dbc: Flush queued requests before stopping dbc (git-fixes). * xhci: dbctty: disable ECHO flag by default (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-3023=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-3023=1 * SUSE Real Time Module 15-SP6 zypper in -t patch SUSE-SLE-Module-RT-15-SP6-2025-3023=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * kernel-rt-vdso-6.4.0-150600.10.49.1 * kernel-syms-rt-6.4.0-150600.10.49.1 * reiserfs-kmp-rt-debuginfo-6.4.0-150600.10.49.1 * kernel-rt-optional-6.4.0-150600.10.49.1 * dlm-kmp-rt-6.4.0-150600.10.49.1 * kernel-rt-debugsource-6.4.0-150600.10.49.1 * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.49.1 * gfs2-kmp-rt-6.4.0-150600.10.49.1 * kernel-rt-vdso-debuginfo-6.4.0-150600.10.49.1 * kernel-rt-livepatch-devel-6.4.0-150600.10.49.1 * kernel-rt_debug-debugsource-6.4.0-150600.10.49.1 * kernel-rt-devel-debuginfo-6.4.0-150600.10.49.1 * kernel-rt_debug-vdso-6.4.0-150600.10.49.1 * ocfs2-kmp-rt-6.4.0-150600.10.49.1 * kernel-rt-debuginfo-6.4.0-150600.10.49.1 * kernel-rt-devel-6.4.0-150600.10.49.1 * kselftests-kmp-rt-debuginfo-6.4.0-150600.10.49.1 * kernel-rt-extra-debuginfo-6.4.0-150600.10.49.1 * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.49.1 * kernel-rt-extra-6.4.0-150600.10.49.1 * kernel-rt_debug-devel-6.4.0-150600.10.49.1 * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.49.1 * cluster-md-kmp-rt-6.4.0-150600.10.49.1 * dlm-kmp-rt-debuginfo-6.4.0-150600.10.49.1 * kselftests-kmp-rt-6.4.0-150600.10.49.1 * kernel-rt_debug-vdso-debuginfo-6.4.0-150600.10.49.1 * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.49.1 * kernel-rt-optional-debuginfo-6.4.0-150600.10.49.1 * reiserfs-kmp-rt-6.4.0-150600.10.49.1 * kernel-rt_debug-debuginfo-6.4.0-150600.10.49.1 * openSUSE Leap 15.6 (noarch) * kernel-source-rt-6.4.0-150600.10.49.1 * kernel-devel-rt-6.4.0-150600.10.49.1 * openSUSE Leap 15.6 (nosrc x86_64) * kernel-rt-6.4.0-150600.10.49.1 * kernel-rt_debug-6.4.0-150600.10.49.1 * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_49-rt-debuginfo-1-150600.1.5.1 * kernel-livepatch-SLE15-SP6-RT_Update_14-debugsource-1-150600.1.5.1 * kernel-livepatch-6_4_0-150600_10_49-rt-1-150600.1.5.1 * SUSE Real Time Module 15-SP6 (x86_64) * kernel-rt_debug-debugsource-6.4.0-150600.10.49.1 * kernel-rt-debuginfo-6.4.0-150600.10.49.1 * kernel-syms-rt-6.4.0-150600.10.49.1 * kernel-rt-devel-debuginfo-6.4.0-150600.10.49.1 * kernel-rt_debug-devel-6.4.0-150600.10.49.1 * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.49.1 * dlm-kmp-rt-6.4.0-150600.10.49.1 * cluster-md-kmp-rt-6.4.0-150600.10.49.1 * kernel-rt-debugsource-6.4.0-150600.10.49.1 * kernel-rt-devel-6.4.0-150600.10.49.1 * dlm-kmp-rt-debuginfo-6.4.0-150600.10.49.1 * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.49.1 * gfs2-kmp-rt-6.4.0-150600.10.49.1 * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.49.1 * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.49.1 * ocfs2-kmp-rt-6.4.0-150600.10.49.1 * kernel-rt_debug-debuginfo-6.4.0-150600.10.49.1 * SUSE Real Time Module 15-SP6 (noarch) * kernel-source-rt-6.4.0-150600.10.49.1 * kernel-devel-rt-6.4.0-150600.10.49.1 * SUSE Real Time Module 15-SP6 (nosrc x86_64) * kernel-rt-6.4.0-150600.10.49.1 * kernel-rt_debug-6.4.0-150600.10.49.1 ## References: * https://www.suse.com/security/cve/CVE-2019-11135.html * https://www.suse.com/security/cve/CVE-2024-36028.html * https://www.suse.com/security/cve/CVE-2024-36348.html * https://www.suse.com/security/cve/CVE-2024-36349.html * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2024-44963.html * https://www.suse.com/security/cve/CVE-2024-56742.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-21839.html * https://www.suse.com/security/cve/CVE-2025-21872.html * https://www.suse.com/security/cve/CVE-2025-23163.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37856.html * https://www.suse.com/security/cve/CVE-2025-37864.html * https://www.suse.com/security/cve/CVE-2025-37885.html * https://www.suse.com/security/cve/CVE-2025-37920.html * https://www.suse.com/security/cve/CVE-2025-37984.html * https://www.suse.com/security/cve/CVE-2025-38034.html * https://www.suse.com/security/cve/CVE-2025-38035.html * https://www.suse.com/security/cve/CVE-2025-38051.html * https://www.suse.com/security/cve/CVE-2025-38052.html * https://www.suse.com/security/cve/CVE-2025-38058.html * https://www.suse.com/security/cve/CVE-2025-38061.html * https://www.suse.com/security/cve/CVE-2025-38062.html * https://www.suse.com/security/cve/CVE-2025-38063.html * https://www.suse.com/security/cve/CVE-2025-38064.html * https://www.suse.com/security/cve/CVE-2025-38074.html * https://www.suse.com/security/cve/CVE-2025-38084.html * https://www.suse.com/security/cve/CVE-2025-38085.html * https://www.suse.com/security/cve/CVE-2025-38087.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38089.html * https://www.suse.com/security/cve/CVE-2025-38090.html * https://www.suse.com/security/cve/CVE-2025-38094.html * https://www.suse.com/security/cve/CVE-2025-38095.html * https://www.suse.com/security/cve/CVE-2025-38097.html * https://www.suse.com/security/cve/CVE-2025-38098.html * https://www.suse.com/security/cve/CVE-2025-38099.html * https://www.suse.com/security/cve/CVE-2025-38100.html * https://www.suse.com/security/cve/CVE-2025-38102.html * https://www.suse.com/security/cve/CVE-2025-38105.html * https://www.suse.com/security/cve/CVE-2025-38107.html * https://www.suse.com/security/cve/CVE-2025-38108.html * https://www.suse.com/security/cve/CVE-2025-38109.html * https://www.suse.com/security/cve/CVE-2025-38110.html * https://www.suse.com/security/cve/CVE-2025-38111.html * https://www.suse.com/security/cve/CVE-2025-38112.html * https://www.suse.com/security/cve/CVE-2025-38113.html * https://www.suse.com/security/cve/CVE-2025-38115.html * https://www.suse.com/security/cve/CVE-2025-38117.html * https://www.suse.com/security/cve/CVE-2025-38118.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38122.html * https://www.suse.com/security/cve/CVE-2025-38123.html * https://www.suse.com/security/cve/CVE-2025-38124.html * https://www.suse.com/security/cve/CVE-2025-38126.html * https://www.suse.com/security/cve/CVE-2025-38127.html * https://www.suse.com/security/cve/CVE-2025-38129.html * https://www.suse.com/security/cve/CVE-2025-38131.html * https://www.suse.com/security/cve/CVE-2025-38132.html * https://www.suse.com/security/cve/CVE-2025-38135.html * https://www.suse.com/security/cve/CVE-2025-38136.html * https://www.suse.com/security/cve/CVE-2025-38138.html * https://www.suse.com/security/cve/CVE-2025-38142.html * https://www.suse.com/security/cve/CVE-2025-38143.html * https://www.suse.com/security/cve/CVE-2025-38145.html * https://www.suse.com/security/cve/CVE-2025-38147.html * https://www.suse.com/security/cve/CVE-2025-38148.html * https://www.suse.com/security/cve/CVE-2025-38149.html * https://www.suse.com/security/cve/CVE-2025-38151.html * https://www.suse.com/security/cve/CVE-2025-38153.html * https://www.suse.com/security/cve/CVE-2025-38154.html * https://www.suse.com/security/cve/CVE-2025-38155.html * https://www.suse.com/security/cve/CVE-2025-38157.html * https://www.suse.com/security/cve/CVE-2025-38158.html * https://www.suse.com/security/cve/CVE-2025-38159.html * https://www.suse.com/security/cve/CVE-2025-38161.html * https://www.suse.com/security/cve/CVE-2025-38162.html * https://www.suse.com/security/cve/CVE-2025-38165.html * https://www.suse.com/security/cve/CVE-2025-38166.html * https://www.suse.com/security/cve/CVE-2025-38173.html * https://www.suse.com/security/cve/CVE-2025-38174.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38180.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38182.html * https://www.suse.com/security/cve/CVE-2025-38183.html * https://www.suse.com/security/cve/CVE-2025-38187.html * https://www.suse.com/security/cve/CVE-2025-38188.html * https://www.suse.com/security/cve/CVE-2025-38192.html * https://www.suse.com/security/cve/CVE-2025-38193.html * https://www.suse.com/security/cve/CVE-2025-38194.html * https://www.suse.com/security/cve/CVE-2025-38197.html * https://www.suse.com/security/cve/CVE-2025-38198.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38202.html * https://www.suse.com/security/cve/CVE-2025-38203.html * https://www.suse.com/security/cve/CVE-2025-38204.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38210.html * https://www.suse.com/security/cve/CVE-2025-38211.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38214.html * https://www.suse.com/security/cve/CVE-2025-38215.html * https://www.suse.com/security/cve/CVE-2025-38217.html * https://www.suse.com/security/cve/CVE-2025-38220.html * https://www.suse.com/security/cve/CVE-2025-38222.html * https://www.suse.com/security/cve/CVE-2025-38225.html * https://www.suse.com/security/cve/CVE-2025-38226.html * https://www.suse.com/security/cve/CVE-2025-38227.html * https://www.suse.com/security/cve/CVE-2025-38229.html * https://www.suse.com/security/cve/CVE-2025-38231.html * https://www.suse.com/security/cve/CVE-2025-38236.html * https://www.suse.com/security/cve/CVE-2025-38239.html * https://www.suse.com/security/cve/CVE-2025-38244.html * https://www.suse.com/security/cve/CVE-2025-38246.html * https://www.suse.com/security/cve/CVE-2025-38248.html * https://www.suse.com/security/cve/CVE-2025-38249.html * https://www.suse.com/security/cve/CVE-2025-38250.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38259.html * https://www.suse.com/security/cve/CVE-2025-38264.html * https://www.suse.com/security/cve/CVE-2025-38272.html * https://www.suse.com/security/cve/CVE-2025-38273.html * https://www.suse.com/security/cve/CVE-2025-38275.html * https://www.suse.com/security/cve/CVE-2025-38277.html * https://www.suse.com/security/cve/CVE-2025-38279.html * https://www.suse.com/security/cve/CVE-2025-38283.html * https://www.suse.com/security/cve/CVE-2025-38286.html * https://www.suse.com/security/cve/CVE-2025-38289.html * https://www.suse.com/security/cve/CVE-2025-38290.html * https://www.suse.com/security/cve/CVE-2025-38292.html * https://www.suse.com/security/cve/CVE-2025-38293.html * https://www.suse.com/security/cve/CVE-2025-38300.html * https://www.suse.com/security/cve/CVE-2025-38303.html * https://www.suse.com/security/cve/CVE-2025-38304.html * https://www.suse.com/security/cve/CVE-2025-38305.html * https://www.suse.com/security/cve/CVE-2025-38307.html * https://www.suse.com/security/cve/CVE-2025-38310.html * https://www.suse.com/security/cve/CVE-2025-38312.html * https://www.suse.com/security/cve/CVE-2025-38313.html * https://www.suse.com/security/cve/CVE-2025-38319.html * https://www.suse.com/security/cve/CVE-2025-38323.html * https://www.suse.com/security/cve/CVE-2025-38326.html * https://www.suse.com/security/cve/CVE-2025-38328.html * https://www.suse.com/security/cve/CVE-2025-38332.html * https://www.suse.com/security/cve/CVE-2025-38334.html * https://www.suse.com/security/cve/CVE-2025-38335.html * https://www.suse.com/security/cve/CVE-2025-38336.html * https://www.suse.com/security/cve/CVE-2025-38337.html * https://www.suse.com/security/cve/CVE-2025-38338.html * https://www.suse.com/security/cve/CVE-2025-38342.html * https://www.suse.com/security/cve/CVE-2025-38343.html * https://www.suse.com/security/cve/CVE-2025-38344.html * https://www.suse.com/security/cve/CVE-2025-38345.html * https://www.suse.com/security/cve/CVE-2025-38348.html * https://www.suse.com/security/cve/CVE-2025-38349.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38352.html * https://www.suse.com/security/cve/CVE-2025-38354.html * https://www.suse.com/security/cve/CVE-2025-38362.html * https://www.suse.com/security/cve/CVE-2025-38363.html * https://www.suse.com/security/cve/CVE-2025-38364.html * https://www.suse.com/security/cve/CVE-2025-38365.html * https://www.suse.com/security/cve/CVE-2025-38369.html * https://www.suse.com/security/cve/CVE-2025-38371.html * https://www.suse.com/security/cve/CVE-2025-38373.html * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-38376.html * https://www.suse.com/security/cve/CVE-2025-38377.html * https://www.suse.com/security/cve/CVE-2025-38380.html * https://www.suse.com/security/cve/CVE-2025-38382.html * https://www.suse.com/security/cve/CVE-2025-38384.html * https://www.suse.com/security/cve/CVE-2025-38385.html * https://www.suse.com/security/cve/CVE-2025-38386.html * https://www.suse.com/security/cve/CVE-2025-38387.html * https://www.suse.com/security/cve/CVE-2025-38389.html * https://www.suse.com/security/cve/CVE-2025-38391.html * https://www.suse.com/security/cve/CVE-2025-38392.html * https://www.suse.com/security/cve/CVE-2025-38393.html * https://www.suse.com/security/cve/CVE-2025-38395.html * https://www.suse.com/security/cve/CVE-2025-38396.html * https://www.suse.com/security/cve/CVE-2025-38399.html * https://www.suse.com/security/cve/CVE-2025-38400.html * https://www.suse.com/security/cve/CVE-2025-38401.html * https://www.suse.com/security/cve/CVE-2025-38403.html * https://www.suse.com/security/cve/CVE-2025-38404.html * https://www.suse.com/security/cve/CVE-2025-38406.html * https://www.suse.com/security/cve/CVE-2025-38409.html * https://www.suse.com/security/cve/CVE-2025-38410.html * https://www.suse.com/security/cve/CVE-2025-38412.html * https://www.suse.com/security/cve/CVE-2025-38414.html * https://www.suse.com/security/cve/CVE-2025-38415.html * https://www.suse.com/security/cve/CVE-2025-38416.html * https://www.suse.com/security/cve/CVE-2025-38420.html * https://www.suse.com/security/cve/CVE-2025-38424.html * https://www.suse.com/security/cve/CVE-2025-38425.html * https://www.suse.com/security/cve/CVE-2025-38426.html * https://www.suse.com/security/cve/CVE-2025-38428.html * https://www.suse.com/security/cve/CVE-2025-38429.html * https://www.suse.com/security/cve/CVE-2025-38430.html * https://www.suse.com/security/cve/CVE-2025-38436.html * https://www.suse.com/security/cve/CVE-2025-38443.html * https://www.suse.com/security/cve/CVE-2025-38448.html * https://www.suse.com/security/cve/CVE-2025-38449.html * https://www.suse.com/security/cve/CVE-2025-38455.html * https://www.suse.com/security/cve/CVE-2025-38457.html * https://www.suse.com/security/cve/CVE-2025-38460.html * https://www.suse.com/security/cve/CVE-2025-38461.html * https://www.suse.com/security/cve/CVE-2025-38462.html * https://www.suse.com/security/cve/CVE-2025-38463.html * https://www.suse.com/security/cve/CVE-2025-38465.html * https://www.suse.com/security/cve/CVE-2025-38467.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38470.html * https://www.suse.com/security/cve/CVE-2025-38471.html * https://www.suse.com/security/cve/CVE-2025-38473.html * https://www.suse.com/security/cve/CVE-2025-38474.html * https://www.suse.com/security/cve/CVE-2025-38476.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38478.html * https://www.suse.com/security/cve/CVE-2025-38480.html * https://www.suse.com/security/cve/CVE-2025-38481.html * https://www.suse.com/security/cve/CVE-2025-38482.html * https://www.suse.com/security/cve/CVE-2025-38483.html * https://www.suse.com/security/cve/CVE-2025-38485.html * https://www.suse.com/security/cve/CVE-2025-38487.html * https://www.suse.com/security/cve/CVE-2025-38489.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38496.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://www.suse.com/security/cve/CVE-2025-38498.html * https://bugzilla.suse.com/show_bug.cgi?id=1139073 * https://bugzilla.suse.com/show_bug.cgi?id=1204142 * https://bugzilla.suse.com/show_bug.cgi?id=1219338 * https://bugzilla.suse.com/show_bug.cgi?id=1225707 * https://bugzilla.suse.com/show_bug.cgi?id=1230216 * https://bugzilla.suse.com/show_bug.cgi?id=1233300 * https://bugzilla.suse.com/show_bug.cgi?id=1235613 * https://bugzilla.suse.com/show_bug.cgi?id=1235837 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1239061 * https://bugzilla.suse.com/show_bug.cgi?id=1240323 * https://bugzilla.suse.com/show_bug.cgi?id=1240885 * https://bugzilla.suse.com/show_bug.cgi?id=1240966 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1241345 * https://bugzilla.suse.com/show_bug.cgi?id=1242086 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242837 * https://bugzilla.suse.com/show_bug.cgi?id=1242960 * https://bugzilla.suse.com/show_bug.cgi?id=1242965 * https://bugzilla.suse.com/show_bug.cgi?id=1242993 * https://bugzilla.suse.com/show_bug.cgi?id=1243068 * https://bugzilla.suse.com/show_bug.cgi?id=1243100 * https://bugzilla.suse.com/show_bug.cgi?id=1243479 * https://bugzilla.suse.com/show_bug.cgi?id=1243669 * https://bugzilla.suse.com/show_bug.cgi?id=1243806 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244457 * https://bugzilla.suse.com/show_bug.cgi?id=1244735 * https://bugzilla.suse.com/show_bug.cgi?id=1244749 * https://bugzilla.suse.com/show_bug.cgi?id=1244750 * https://bugzilla.suse.com/show_bug.cgi?id=1244792 * https://bugzilla.suse.com/show_bug.cgi?id=1244801 * https://bugzilla.suse.com/show_bug.cgi?id=1245151 * https://bugzilla.suse.com/show_bug.cgi?id=1245201 * https://bugzilla.suse.com/show_bug.cgi?id=1245202 * https://bugzilla.suse.com/show_bug.cgi?id=1245216 * https://bugzilla.suse.com/show_bug.cgi?id=1245260 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245440 * https://bugzilla.suse.com/show_bug.cgi?id=1245457 * https://bugzilla.suse.com/show_bug.cgi?id=1245498 * https://bugzilla.suse.com/show_bug.cgi?id=1245499 * https://bugzilla.suse.com/show_bug.cgi?id=1245504 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245508 * https://bugzilla.suse.com/show_bug.cgi?id=1245510 * https://bugzilla.suse.com/show_bug.cgi?id=1245540 * https://bugzilla.suse.com/show_bug.cgi?id=1245598 * https://bugzilla.suse.com/show_bug.cgi?id=1245599 * https://bugzilla.suse.com/show_bug.cgi?id=1245646 * https://bugzilla.suse.com/show_bug.cgi?id=1245647 * https://bugzilla.suse.com/show_bug.cgi?id=1245649 * https://bugzilla.suse.com/show_bug.cgi?id=1245650 * https://bugzilla.suse.com/show_bug.cgi?id=1245654 * https://bugzilla.suse.com/show_bug.cgi?id=1245658 * https://bugzilla.suse.com/show_bug.cgi?id=1245660 * https://bugzilla.suse.com/show_bug.cgi?id=1245665 * https://bugzilla.suse.com/show_bug.cgi?id=1245666 * https://bugzilla.suse.com/show_bug.cgi?id=1245668 * https://bugzilla.suse.com/show_bug.cgi?id=1245669 * https://bugzilla.suse.com/show_bug.cgi?id=1245670 * https://bugzilla.suse.com/show_bug.cgi?id=1245671 * https://bugzilla.suse.com/show_bug.cgi?id=1245675 * https://bugzilla.suse.com/show_bug.cgi?id=1245676 * https://bugzilla.suse.com/show_bug.cgi?id=1245677 * https://bugzilla.suse.com/show_bug.cgi?id=1245679 * https://bugzilla.suse.com/show_bug.cgi?id=1245682 * https://bugzilla.suse.com/show_bug.cgi?id=1245683 * https://bugzilla.suse.com/show_bug.cgi?id=1245684 * https://bugzilla.suse.com/show_bug.cgi?id=1245688 * https://bugzilla.suse.com/show_bug.cgi?id=1245689 * https://bugzilla.suse.com/show_bug.cgi?id=1245690 * https://bugzilla.suse.com/show_bug.cgi?id=1245691 * https://bugzilla.suse.com/show_bug.cgi?id=1245695 * https://bugzilla.suse.com/show_bug.cgi?id=1245705 * https://bugzilla.suse.com/show_bug.cgi?id=1245708 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245713 * https://bugzilla.suse.com/show_bug.cgi?id=1245714 * https://bugzilla.suse.com/show_bug.cgi?id=1245719 * https://bugzilla.suse.com/show_bug.cgi?id=1245723 * https://bugzilla.suse.com/show_bug.cgi?id=1245729 * https://bugzilla.suse.com/show_bug.cgi?id=1245730 * https://bugzilla.suse.com/show_bug.cgi?id=1245731 * https://bugzilla.suse.com/show_bug.cgi?id=1245735 * https://bugzilla.suse.com/show_bug.cgi?id=1245737 * https://bugzilla.suse.com/show_bug.cgi?id=1245744 * https://bugzilla.suse.com/show_bug.cgi?id=1245745 * https://bugzilla.suse.com/show_bug.cgi?id=1245746 * https://bugzilla.suse.com/show_bug.cgi?id=1245747 * https://bugzilla.suse.com/show_bug.cgi?id=1245748 * https://bugzilla.suse.com/show_bug.cgi?id=1245749 * https://bugzilla.suse.com/show_bug.cgi?id=1245750 * https://bugzilla.suse.com/show_bug.cgi?id=1245751 * https://bugzilla.suse.com/show_bug.cgi?id=1245752 * https://bugzilla.suse.com/show_bug.cgi?id=1245757 * https://bugzilla.suse.com/show_bug.cgi?id=1245758 * https://bugzilla.suse.com/show_bug.cgi?id=1245765 * https://bugzilla.suse.com/show_bug.cgi?id=1245768 * https://bugzilla.suse.com/show_bug.cgi?id=1245769 * https://bugzilla.suse.com/show_bug.cgi?id=1245777 * https://bugzilla.suse.com/show_bug.cgi?id=1245781 * https://bugzilla.suse.com/show_bug.cgi?id=1245789 * https://bugzilla.suse.com/show_bug.cgi?id=1245937 * https://bugzilla.suse.com/show_bug.cgi?id=1245945 * https://bugzilla.suse.com/show_bug.cgi?id=1245951 * https://bugzilla.suse.com/show_bug.cgi?id=1245952 * https://bugzilla.suse.com/show_bug.cgi?id=1245954 * https://bugzilla.suse.com/show_bug.cgi?id=1245957 * https://bugzilla.suse.com/show_bug.cgi?id=1245966 * https://bugzilla.suse.com/show_bug.cgi?id=1245970 * https://bugzilla.suse.com/show_bug.cgi?id=1245976 * https://bugzilla.suse.com/show_bug.cgi?id=1245980 * https://bugzilla.suse.com/show_bug.cgi?id=1245983 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246002 * https://bugzilla.suse.com/show_bug.cgi?id=1246006 * https://bugzilla.suse.com/show_bug.cgi?id=1246008 * https://bugzilla.suse.com/show_bug.cgi?id=1246020 * https://bugzilla.suse.com/show_bug.cgi?id=1246023 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246031 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246041 * https://bugzilla.suse.com/show_bug.cgi?id=1246042 * https://bugzilla.suse.com/show_bug.cgi?id=1246044 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246047 * https://bugzilla.suse.com/show_bug.cgi?id=1246049 * https://bugzilla.suse.com/show_bug.cgi?id=1246050 * https://bugzilla.suse.com/show_bug.cgi?id=1246055 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246093 * https://bugzilla.suse.com/show_bug.cgi?id=1246098 * https://bugzilla.suse.com/show_bug.cgi?id=1246109 * https://bugzilla.suse.com/show_bug.cgi?id=1246122 * https://bugzilla.suse.com/show_bug.cgi?id=1246125 * https://bugzilla.suse.com/show_bug.cgi?id=1246171 * https://bugzilla.suse.com/show_bug.cgi?id=1246173 * https://bugzilla.suse.com/show_bug.cgi?id=1246178 * https://bugzilla.suse.com/show_bug.cgi?id=1246182 * https://bugzilla.suse.com/show_bug.cgi?id=1246183 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246195 * https://bugzilla.suse.com/show_bug.cgi?id=1246203 * https://bugzilla.suse.com/show_bug.cgi?id=1246212 * https://bugzilla.suse.com/show_bug.cgi?id=1246220 * https://bugzilla.suse.com/show_bug.cgi?id=1246236 * https://bugzilla.suse.com/show_bug.cgi?id=1246240 * https://bugzilla.suse.com/show_bug.cgi?id=1246243 * https://bugzilla.suse.com/show_bug.cgi?id=1246246 * https://bugzilla.suse.com/show_bug.cgi?id=1246249 * https://bugzilla.suse.com/show_bug.cgi?id=1246250 * https://bugzilla.suse.com/show_bug.cgi?id=1246253 * https://bugzilla.suse.com/show_bug.cgi?id=1246258 * https://bugzilla.suse.com/show_bug.cgi?id=1246262 * https://bugzilla.suse.com/show_bug.cgi?id=1246264 * https://bugzilla.suse.com/show_bug.cgi?id=1246266 * https://bugzilla.suse.com/show_bug.cgi?id=1246268 * https://bugzilla.suse.com/show_bug.cgi?id=1246273 * https://bugzilla.suse.com/show_bug.cgi?id=1246283 * https://bugzilla.suse.com/show_bug.cgi?id=1246287 * https://bugzilla.suse.com/show_bug.cgi?id=1246292 * https://bugzilla.suse.com/show_bug.cgi?id=1246293 * https://bugzilla.suse.com/show_bug.cgi?id=1246295 * https://bugzilla.suse.com/show_bug.cgi?id=1246334 * https://bugzilla.suse.com/show_bug.cgi?id=1246337 * https://bugzilla.suse.com/show_bug.cgi?id=1246342 * https://bugzilla.suse.com/show_bug.cgi?id=1246349 * https://bugzilla.suse.com/show_bug.cgi?id=1246354 * https://bugzilla.suse.com/show_bug.cgi?id=1246358 * https://bugzilla.suse.com/show_bug.cgi?id=1246361 * https://bugzilla.suse.com/show_bug.cgi?id=1246364 * https://bugzilla.suse.com/show_bug.cgi?id=1246370 * https://bugzilla.suse.com/show_bug.cgi?id=1246375 * https://bugzilla.suse.com/show_bug.cgi?id=1246384 * https://bugzilla.suse.com/show_bug.cgi?id=1246386 * https://bugzilla.suse.com/show_bug.cgi?id=1246387 * https://bugzilla.suse.com/show_bug.cgi?id=1246438 * https://bugzilla.suse.com/show_bug.cgi?id=1246453 * https://bugzilla.suse.com/show_bug.cgi?id=1246473 * https://bugzilla.suse.com/show_bug.cgi?id=1246490 * https://bugzilla.suse.com/show_bug.cgi?id=1246506 * https://bugzilla.suse.com/show_bug.cgi?id=1246547 * https://bugzilla.suse.com/show_bug.cgi?id=1246777 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1246870 * https://bugzilla.suse.com/show_bug.cgi?id=1246879 * https://bugzilla.suse.com/show_bug.cgi?id=1246911 * https://bugzilla.suse.com/show_bug.cgi?id=1247018 * https://bugzilla.suse.com/show_bug.cgi?id=1247023 * https://bugzilla.suse.com/show_bug.cgi?id=1247028 * https://bugzilla.suse.com/show_bug.cgi?id=1247031 * https://bugzilla.suse.com/show_bug.cgi?id=1247033 * https://bugzilla.suse.com/show_bug.cgi?id=1247035 * https://bugzilla.suse.com/show_bug.cgi?id=1247061 * https://bugzilla.suse.com/show_bug.cgi?id=1247089 * https://bugzilla.suse.com/show_bug.cgi?id=1247091 * https://bugzilla.suse.com/show_bug.cgi?id=1247097 * https://bugzilla.suse.com/show_bug.cgi?id=1247098 * https://bugzilla.suse.com/show_bug.cgi?id=1247101 * https://bugzilla.suse.com/show_bug.cgi?id=1247103 * https://bugzilla.suse.com/show_bug.cgi?id=1247104 * https://bugzilla.suse.com/show_bug.cgi?id=1247113 * https://bugzilla.suse.com/show_bug.cgi?id=1247118 * https://bugzilla.suse.com/show_bug.cgi?id=1247123 * https://bugzilla.suse.com/show_bug.cgi?id=1247125 * https://bugzilla.suse.com/show_bug.cgi?id=1247128 * https://bugzilla.suse.com/show_bug.cgi?id=1247132 * https://bugzilla.suse.com/show_bug.cgi?id=1247138 * https://bugzilla.suse.com/show_bug.cgi?id=1247141 * https://bugzilla.suse.com/show_bug.cgi?id=1247143 * https://bugzilla.suse.com/show_bug.cgi?id=1247145 * https://bugzilla.suse.com/show_bug.cgi?id=1247146 * https://bugzilla.suse.com/show_bug.cgi?id=1247147 * https://bugzilla.suse.com/show_bug.cgi?id=1247149 * https://bugzilla.suse.com/show_bug.cgi?id=1247150 * https://bugzilla.suse.com/show_bug.cgi?id=1247151 * https://bugzilla.suse.com/show_bug.cgi?id=1247153 * https://bugzilla.suse.com/show_bug.cgi?id=1247154 * https://bugzilla.suse.com/show_bug.cgi?id=1247156 * https://bugzilla.suse.com/show_bug.cgi?id=1247160 * https://bugzilla.suse.com/show_bug.cgi?id=1247164 * https://bugzilla.suse.com/show_bug.cgi?id=1247169 * https://bugzilla.suse.com/show_bug.cgi?id=1247170 * https://bugzilla.suse.com/show_bug.cgi?id=1247171 * https://bugzilla.suse.com/show_bug.cgi?id=1247172 * https://bugzilla.suse.com/show_bug.cgi?id=1247174 * https://bugzilla.suse.com/show_bug.cgi?id=1247176 * https://bugzilla.suse.com/show_bug.cgi?id=1247177 * https://bugzilla.suse.com/show_bug.cgi?id=1247178 * https://bugzilla.suse.com/show_bug.cgi?id=1247181 * https://bugzilla.suse.com/show_bug.cgi?id=1247209 * https://bugzilla.suse.com/show_bug.cgi?id=1247210 * https://bugzilla.suse.com/show_bug.cgi?id=1247227 * https://bugzilla.suse.com/show_bug.cgi?id=1247233 * https://bugzilla.suse.com/show_bug.cgi?id=1247236 * https://bugzilla.suse.com/show_bug.cgi?id=1247238 * https://bugzilla.suse.com/show_bug.cgi?id=1247241 * https://bugzilla.suse.com/show_bug.cgi?id=1247251 * https://bugzilla.suse.com/show_bug.cgi?id=1247252 * https://bugzilla.suse.com/show_bug.cgi?id=1247253 * https://bugzilla.suse.com/show_bug.cgi?id=1247255 * https://bugzilla.suse.com/show_bug.cgi?id=1247271 * https://bugzilla.suse.com/show_bug.cgi?id=1247273 * https://bugzilla.suse.com/show_bug.cgi?id=1247274 * https://bugzilla.suse.com/show_bug.cgi?id=1247276 * https://bugzilla.suse.com/show_bug.cgi?id=1247277 * https://bugzilla.suse.com/show_bug.cgi?id=1247278 * https://bugzilla.suse.com/show_bug.cgi?id=1247279 * https://bugzilla.suse.com/show_bug.cgi?id=1247284 * https://bugzilla.suse.com/show_bug.cgi?id=1247285 * https://bugzilla.suse.com/show_bug.cgi?id=1247288 * https://bugzilla.suse.com/show_bug.cgi?id=1247289 * https://bugzilla.suse.com/show_bug.cgi?id=1247293 * https://bugzilla.suse.com/show_bug.cgi?id=1247311 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247317 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247374 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 * https://bugzilla.suse.com/show_bug.cgi?id=1247450 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 12:33:56 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 12:33:56 -0000 Subject: SUSE-SU-2025:03022-1: important: Security update for git Message-ID: <175647083610.11069.13241228966507700002@smelt2.prg2.suse.org> # Security update for git Announcement ID: SUSE-SU-2025:03022-1 Release Date: 2025-08-29T11:52:01Z Rating: important References: * bsc#1245938 * bsc#1245942 * bsc#1245943 Cross-References: * CVE-2025-27613 * CVE-2025-46835 * CVE-2025-48384 CVSS scores: * CVE-2025-27613 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-27613 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2025-27613 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N * CVE-2025-46835 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-46835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2025-46835 ( NVD ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L * CVE-2025-48384 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-48384 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-48384 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for git fixes the following issues: * CVE-2025-27613: Fixed arbitrary writable file creation and truncation in Gitk (bsc#1245938) * CVE-2025-46835: Fixed arbitrary writable file creation when cloning untrusted repository in Git GUI (bsc#1245942) * CVE-2025-48384: Fixed arbitrary writable file creation when cloning untrusted repositories with submodules using the --recursive flag (bsc#1245943) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-3022=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3022=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * git-debugsource-2.26.2-27.81.1 * git-daemon-2.26.2-27.81.1 * git-web-2.26.2-27.81.1 * git-svn-2.26.2-27.81.1 * git-daemon-debuginfo-2.26.2-27.81.1 * git-email-2.26.2-27.81.1 * git-core-2.26.2-27.81.1 * git-2.26.2-27.81.1 * git-core-debuginfo-2.26.2-27.81.1 * gitk-2.26.2-27.81.1 * git-gui-2.26.2-27.81.1 * git-cvs-2.26.2-27.81.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * git-debugsource-2.26.2-27.81.1 * git-daemon-2.26.2-27.81.1 * git-web-2.26.2-27.81.1 * git-svn-2.26.2-27.81.1 * git-daemon-debuginfo-2.26.2-27.81.1 * git-email-2.26.2-27.81.1 * git-core-2.26.2-27.81.1 * git-2.26.2-27.81.1 * git-core-debuginfo-2.26.2-27.81.1 * gitk-2.26.2-27.81.1 * git-gui-2.26.2-27.81.1 * git-cvs-2.26.2-27.81.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27613.html * https://www.suse.com/security/cve/CVE-2025-46835.html * https://www.suse.com/security/cve/CVE-2025-48384.html * https://bugzilla.suse.com/show_bug.cgi?id=1245938 * https://bugzilla.suse.com/show_bug.cgi?id=1245942 * https://bugzilla.suse.com/show_bug.cgi?id=1245943 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 12:33:59 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 12:33:59 -0000 Subject: SUSE-SU-2025:03021-1: important: Security update for netty Message-ID: <175647083992.11069.16593184678362913975@smelt2.prg2.suse.org> # Security update for netty Announcement ID: SUSE-SU-2025:03021-1 Release Date: 2025-08-29T09:42:17Z Rating: important References: * bsc#1247991 Cross-References: * CVE-2025-55163 CVSS scores: * CVE-2025-55163 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-55163 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-55163 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves one vulnerability can now be installed. ## Description: This update for netty fixes the following issues: * CVE-2025-55163: Fixed "MadeYouReset" DoS attack in HTTP/2 protocol (including DNS over HTTPS) (bsc#1247991) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3021=1 ## Package List: * SUSE Manager Server 4.3 LTS (noarch) * netty-4.1.44.Final-150400.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-55163.html * https://bugzilla.suse.com/show_bug.cgi?id=1247991 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 12:34:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 12:34:04 -0000 Subject: SUSE-SU-2025:03020-1: important: Security update for postgresql14 Message-ID: <175647084428.11069.8433553342591317742@smelt2.prg2.suse.org> # Security update for postgresql14 Announcement ID: SUSE-SU-2025:03020-1 Release Date: 2025-08-29T08:32:27Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql14 fixes the following issues: Upgrade to 14.19: * CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). * CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary code in psql client (bsc#1248122). * CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in psql client and in restore target server (bsc#1248119). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-3020=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3020=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql14-14.19-3.60.1 * postgresql14-contrib-14.19-3.60.1 * postgresql14-devel-debuginfo-14.19-3.60.1 * postgresql14-pltcl-debuginfo-14.19-3.60.1 * postgresql14-plpython-debuginfo-14.19-3.60.1 * postgresql14-server-14.19-3.60.1 * postgresql14-debuginfo-14.19-3.60.1 * postgresql14-pltcl-14.19-3.60.1 * postgresql14-plpython-14.19-3.60.1 * postgresql14-devel-14.19-3.60.1 * postgresql14-debugsource-14.19-3.60.1 * postgresql14-plperl-debuginfo-14.19-3.60.1 * postgresql14-server-debuginfo-14.19-3.60.1 * postgresql14-plperl-14.19-3.60.1 * postgresql14-contrib-debuginfo-14.19-3.60.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * postgresql14-docs-14.19-3.60.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * postgresql14-server-devel-debuginfo-14.19-3.60.1 * postgresql14-server-devel-14.19-3.60.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * postgresql14-14.19-3.60.1 * postgresql14-contrib-14.19-3.60.1 * postgresql14-devel-debuginfo-14.19-3.60.1 * postgresql14-pltcl-debuginfo-14.19-3.60.1 * postgresql14-plpython-debuginfo-14.19-3.60.1 * postgresql14-server-14.19-3.60.1 * postgresql14-debuginfo-14.19-3.60.1 * postgresql14-pltcl-14.19-3.60.1 * postgresql14-plpython-14.19-3.60.1 * postgresql14-server-devel-14.19-3.60.1 * postgresql14-devel-14.19-3.60.1 * postgresql14-debugsource-14.19-3.60.1 * postgresql14-plperl-debuginfo-14.19-3.60.1 * postgresql14-server-devel-debuginfo-14.19-3.60.1 * postgresql14-server-debuginfo-14.19-3.60.1 * postgresql14-plperl-14.19-3.60.1 * postgresql14-contrib-debuginfo-14.19-3.60.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * postgresql14-docs-14.19-3.60.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 12:34:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 12:34:09 -0000 Subject: SUSE-SU-2025:03019-1: important: Security update for postgresql14 Message-ID: <175647084942.11069.16585637812801099540@smelt2.prg2.suse.org> # Security update for postgresql14 Announcement ID: SUSE-SU-2025:03019-1 Release Date: 2025-08-29T08:32:13Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql14 fixes the following issues: Upgrade to 14.19: * CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). * CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary code in psql client (bsc#1248122). * CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in psql client and in restore target server (bsc#1248119). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-3019=1 openSUSE-SLE-15.6-2025-3019=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-3019=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-3019=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-3019=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql14-contrib-debuginfo-14.19-150600.16.20.1 * postgresql14-contrib-14.19-150600.16.20.1 * postgresql14-pltcl-14.19-150600.16.20.1 * postgresql14-server-debuginfo-14.19-150600.16.20.1 * postgresql14-llvmjit-debuginfo-14.19-150600.16.20.1 * postgresql14-llvmjit-devel-14.19-150600.16.20.1 * postgresql14-server-devel-debuginfo-14.19-150600.16.20.1 * postgresql14-server-14.19-150600.16.20.1 * postgresql14-devel-debuginfo-14.19-150600.16.20.1 * postgresql14-debugsource-14.19-150600.16.20.1 * postgresql14-14.19-150600.16.20.1 * postgresql14-plperl-14.19-150600.16.20.1 * postgresql14-server-devel-14.19-150600.16.20.1 * postgresql14-plpython-debuginfo-14.19-150600.16.20.1 * postgresql14-llvmjit-14.19-150600.16.20.1 * postgresql14-plperl-debuginfo-14.19-150600.16.20.1 * postgresql14-devel-14.19-150600.16.20.1 * postgresql14-test-14.19-150600.16.20.1 * postgresql14-debuginfo-14.19-150600.16.20.1 * postgresql14-pltcl-debuginfo-14.19-150600.16.20.1 * postgresql14-plpython-14.19-150600.16.20.1 * openSUSE Leap 15.6 (noarch) * postgresql14-docs-14.19-150600.16.20.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql14-devel-debuginfo-14.19-150600.16.20.1 * postgresql14-contrib-debuginfo-14.19-150600.16.20.1 * postgresql14-debugsource-14.19-150600.16.20.1 * postgresql14-contrib-14.19-150600.16.20.1 * postgresql14-server-devel-14.19-150600.16.20.1 * postgresql14-plperl-debuginfo-14.19-150600.16.20.1 * postgresql14-14.19-150600.16.20.1 * postgresql14-devel-14.19-150600.16.20.1 * postgresql14-pltcl-14.19-150600.16.20.1 * postgresql14-plperl-14.19-150600.16.20.1 * postgresql14-server-debuginfo-14.19-150600.16.20.1 * postgresql14-server-devel-debuginfo-14.19-150600.16.20.1 * postgresql14-debuginfo-14.19-150600.16.20.1 * postgresql14-server-14.19-150600.16.20.1 * postgresql14-plpython-debuginfo-14.19-150600.16.20.1 * postgresql14-pltcl-debuginfo-14.19-150600.16.20.1 * postgresql14-plpython-14.19-150600.16.20.1 * Legacy Module 15-SP6 (noarch) * postgresql14-docs-14.19-150600.16.20.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql14-debugsource-14.19-150600.16.20.1 * postgresql14-llvmjit-14.19-150600.16.20.1 * postgresql14-test-14.19-150600.16.20.1 * postgresql14-llvmjit-debuginfo-14.19-150600.16.20.1 * postgresql14-debuginfo-14.19-150600.16.20.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql14-debugsource-14.19-150600.16.20.1 * postgresql14-llvmjit-14.19-150600.16.20.1 * postgresql14-test-14.19-150600.16.20.1 * postgresql14-llvmjit-debuginfo-14.19-150600.16.20.1 * postgresql14-debuginfo-14.19-150600.16.20.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 12:34:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 12:34:13 -0000 Subject: SUSE-SU-2025:03018-1: important: Security update for postgresql15 Message-ID: <175647085355.11069.4588531783853225186@smelt2.prg2.suse.org> # Security update for postgresql15 Announcement ID: SUSE-SU-2025:03018-1 Release Date: 2025-08-29T08:31:32Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Legacy Module 15-SP6 * Legacy Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql15 fixes the following issues: Upgrade to 15.14: * CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). * CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary code in psql client (bsc#1248122). * CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in psql client and in restore target server (bsc#1248119). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-3018=1 openSUSE-SLE-15.6-2025-3018=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-3018=1 * Legacy Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2025-3018=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql15-server-devel-debuginfo-15.14-150600.16.20.1 * postgresql15-15.14-150600.16.20.1 * postgresql15-pltcl-debuginfo-15.14-150600.16.20.1 * postgresql15-server-debuginfo-15.14-150600.16.20.1 * postgresql15-debugsource-15.14-150600.16.20.1 * postgresql15-server-15.14-150600.16.20.1 * postgresql15-pltcl-15.14-150600.16.20.1 * postgresql15-plperl-debuginfo-15.14-150600.16.20.1 * postgresql15-plpython-15.14-150600.16.20.1 * postgresql15-plpython-debuginfo-15.14-150600.16.20.1 * postgresql15-plperl-15.14-150600.16.20.1 * postgresql15-llvmjit-15.14-150600.16.20.1 * postgresql15-test-15.14-150600.16.20.1 * postgresql15-contrib-debuginfo-15.14-150600.16.20.1 * postgresql15-devel-15.14-150600.16.20.1 * postgresql15-server-devel-15.14-150600.16.20.1 * postgresql15-llvmjit-debuginfo-15.14-150600.16.20.1 * postgresql15-debuginfo-15.14-150600.16.20.1 * postgresql15-devel-debuginfo-15.14-150600.16.20.1 * postgresql15-llvmjit-devel-15.14-150600.16.20.1 * postgresql15-contrib-15.14-150600.16.20.1 * openSUSE Leap 15.6 (noarch) * postgresql15-docs-15.14-150600.16.20.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql15-15.14-150600.16.20.1 * postgresql15-pltcl-debuginfo-15.14-150600.16.20.1 * postgresql15-server-debuginfo-15.14-150600.16.20.1 * postgresql15-server-devel-15.14-150600.16.20.1 * postgresql15-debuginfo-15.14-150600.16.20.1 * postgresql15-server-devel-debuginfo-15.14-150600.16.20.1 * postgresql15-debugsource-15.14-150600.16.20.1 * postgresql15-devel-debuginfo-15.14-150600.16.20.1 * postgresql15-server-15.14-150600.16.20.1 * postgresql15-contrib-debuginfo-15.14-150600.16.20.1 * postgresql15-contrib-15.14-150600.16.20.1 * postgresql15-devel-15.14-150600.16.20.1 * postgresql15-plperl-debuginfo-15.14-150600.16.20.1 * postgresql15-pltcl-15.14-150600.16.20.1 * postgresql15-plpython-15.14-150600.16.20.1 * postgresql15-plpython-debuginfo-15.14-150600.16.20.1 * postgresql15-plperl-15.14-150600.16.20.1 * Legacy Module 15-SP6 (noarch) * postgresql15-docs-15.14-150600.16.20.1 * Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64) * postgresql15-15.14-150600.16.20.1 * postgresql15-server-debuginfo-15.14-150600.16.20.1 * postgresql15-debuginfo-15.14-150600.16.20.1 * postgresql15-debugsource-15.14-150600.16.20.1 * postgresql15-devel-debuginfo-15.14-150600.16.20.1 * postgresql15-server-15.14-150600.16.20.1 * postgresql15-contrib-debuginfo-15.14-150600.16.20.1 * postgresql15-contrib-15.14-150600.16.20.1 * postgresql15-devel-15.14-150600.16.20.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 12:34:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 12:34:19 -0000 Subject: SUSE-SU-2025:03017-1: important: Security update for udisks2 Message-ID: <175647085946.11069.14424272398207943886@smelt2.prg2.suse.org> # Security update for udisks2 Announcement ID: SUSE-SU-2025:03017-1 Release Date: 2025-08-29T08:30:59Z Rating: important References: * bsc#1248502 Cross-References: * CVE-2025-8067 CVSS scores: * CVE-2025-8067 ( SUSE ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H * CVE-2025-8067 ( NVD ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for udisks2 fixes the following issues: * CVE-2025-8067: Fixed missing bounds check can lead to out-of-bounds read in udisks daemon (bsc#1248502) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-3017=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-3017=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-3017=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-3017=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-3017=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-3017=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-3017=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3017=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3017=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-3017=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-3017=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3017=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3017=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3017=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3017=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3017=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3017=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3017=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3017=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3017=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-3017=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3017=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libudisks2-0_vdo-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-2.9.2-150400.3.11.1 * libudisks2-0_lsm-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_bcache-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_lsm-2.9.2-150400.3.11.1 * libudisks2-0_lvm2-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_zram-2.9.2-150400.3.11.1 * libudisks2-0_vdo-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_zram-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * libudisks2-0_bcache-2.9.2-150400.3.11.1 * libudisks2-0_lvm2-debuginfo-2.9.2-150400.3.11.1 * openSUSE Leap 15.4 (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libudisks2-0_vdo-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-2.9.2-150400.3.11.1 * libudisks2-0_lsm-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_bcache-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_lsm-2.9.2-150400.3.11.1 * libudisks2-0_lvm2-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_zram-2.9.2-150400.3.11.1 * libudisks2-0_vdo-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_zram-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * libudisks2-0_bcache-2.9.2-150400.3.11.1 * libudisks2-0_lvm2-debuginfo-2.9.2-150400.3.11.1 * openSUSE Leap 15.6 (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libudisks2-0_lvm2-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-2.9.2-150400.3.11.1 * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_lvm2-debuginfo-2.9.2-150400.3.11.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libudisks2-0_lvm2-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-2.9.2-150400.3.11.1 * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_lvm2-debuginfo-2.9.2-150400.3.11.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libudisks2-0_lvm2-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-2.9.2-150400.3.11.1 * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_lvm2-debuginfo-2.9.2-150400.3.11.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libudisks2-0_lvm2-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-2.9.2-150400.3.11.1 * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_lvm2-debuginfo-2.9.2-150400.3.11.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libudisks2-0_lvm2-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-2.9.2-150400.3.11.1 * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_lvm2-debuginfo-2.9.2-150400.3.11.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * Basesystem Module 15-SP6 (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * Basesystem Module 15-SP7 (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * libudisks2-0_lvm2-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-2.9.2-150400.3.11.1 * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * libudisks2-0_btrfs-2.9.2-150400.3.11.1 * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0_btrfs-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_lvm2-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * libudisks2-0_lvm2-debuginfo-2.9.2-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * SUSE Manager Proxy 4.3 LTS (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * SUSE Manager Retail Branch Server 4.3 LTS (noarch) * udisks2-lang-2.9.2-150400.3.11.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * udisks2-debugsource-2.9.2-150400.3.11.1 * libudisks2-0-debuginfo-2.9.2-150400.3.11.1 * udisks2-2.9.2-150400.3.11.1 * typelib-1_0-UDisks-2_0-2.9.2-150400.3.11.1 * libudisks2-0-devel-2.9.2-150400.3.11.1 * libudisks2-0-2.9.2-150400.3.11.1 * udisks2-debuginfo-2.9.2-150400.3.11.1 * SUSE Manager Server 4.3 LTS (noarch) * udisks2-lang-2.9.2-150400.3.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8067.html * https://bugzilla.suse.com/show_bug.cgi?id=1248502 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 12:34:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 12:34:23 -0000 Subject: SUSE-SU-2025:03016-1: important: Security update for udisks2 Message-ID: <175647086332.11069.12800780207501758669@smelt2.prg2.suse.org> # Security update for udisks2 Announcement ID: SUSE-SU-2025:03016-1 Release Date: 2025-08-29T08:28:28Z Rating: important References: * bsc#1248502 Cross-References: * CVE-2025-8067 CVSS scores: * CVE-2025-8067 ( SUSE ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H * CVE-2025-8067 ( NVD ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for udisks2 fixes the following issues: * CVE-2025-8067: Fixed missing bounds check can lead to out-of-bounds read in udisks daemon (bsc#1248502) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3016=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3016=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3016=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-3016=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * udisks2-debugsource-2.8.1-150200.3.6.1 * libudisks2-0-2.8.1-150200.3.6.1 * typelib-1_0-UDisks-2_0-2.8.1-150200.3.6.1 * udisks2-debuginfo-2.8.1-150200.3.6.1 * libudisks2-0-debuginfo-2.8.1-150200.3.6.1 * udisks2-2.8.1-150200.3.6.1 * libudisks2-0-devel-2.8.1-150200.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * udisks2-lang-2.8.1-150200.3.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * udisks2-debugsource-2.8.1-150200.3.6.1 * libudisks2-0-2.8.1-150200.3.6.1 * typelib-1_0-UDisks-2_0-2.8.1-150200.3.6.1 * udisks2-debuginfo-2.8.1-150200.3.6.1 * libudisks2-0-debuginfo-2.8.1-150200.3.6.1 * udisks2-2.8.1-150200.3.6.1 * libudisks2-0-devel-2.8.1-150200.3.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * udisks2-lang-2.8.1-150200.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * udisks2-debugsource-2.8.1-150200.3.6.1 * libudisks2-0-2.8.1-150200.3.6.1 * typelib-1_0-UDisks-2_0-2.8.1-150200.3.6.1 * udisks2-debuginfo-2.8.1-150200.3.6.1 * libudisks2-0-debuginfo-2.8.1-150200.3.6.1 * udisks2-2.8.1-150200.3.6.1 * libudisks2-0-devel-2.8.1-150200.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * udisks2-lang-2.8.1-150200.3.6.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * udisks2-debugsource-2.8.1-150200.3.6.1 * libudisks2-0-2.8.1-150200.3.6.1 * typelib-1_0-UDisks-2_0-2.8.1-150200.3.6.1 * udisks2-debuginfo-2.8.1-150200.3.6.1 * libudisks2-0-debuginfo-2.8.1-150200.3.6.1 * udisks2-2.8.1-150200.3.6.1 * libudisks2-0-devel-2.8.1-150200.3.6.1 * SUSE Enterprise Storage 7.1 (noarch) * udisks2-lang-2.8.1-150200.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8067.html * https://bugzilla.suse.com/show_bug.cgi?id=1248502 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 12:34:26 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 12:34:26 -0000 Subject: SUSE-SU-2025:03015-1: important: Security update for udisks2 Message-ID: <175647086626.11069.876900412251834056@smelt2.prg2.suse.org> # Security update for udisks2 Announcement ID: SUSE-SU-2025:03015-1 Release Date: 2025-08-29T08:28:10Z Rating: important References: * bsc#1248502 Cross-References: * CVE-2025-8067 CVSS scores: * CVE-2025-8067 ( SUSE ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H * CVE-2025-8067 ( NVD ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for udisks2 fixes the following issues: * CVE-2025-8067: Fixed missing bounds check can lead to out-of-bounds read in udisks daemon (bsc#1248502) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-3015=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3015=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libudisks2-0-debuginfo-2.1.3-3.11.1 * udisks2-debugsource-2.1.3-3.11.1 * udisks2-2.1.3-3.11.1 * libudisks2-0-2.1.3-3.11.1 * udisks2-debuginfo-2.1.3-3.11.1 * udisks2-devel-2.1.3-3.11.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * udisks2-lang-2.1.3-3.11.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libudisks2-0-debuginfo-2.1.3-3.11.1 * udisks2-debugsource-2.1.3-3.11.1 * udisks2-2.1.3-3.11.1 * libudisks2-0-2.1.3-3.11.1 * udisks2-debuginfo-2.1.3-3.11.1 * udisks2-devel-2.1.3-3.11.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * udisks2-lang-2.1.3-3.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8067.html * https://bugzilla.suse.com/show_bug.cgi?id=1248502 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 16:30:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 16:30:04 -0000 Subject: SUSE-SU-2025:03032-1: moderate: Security update for python Message-ID: <175648500461.22309.9967432320431660296@smelt2.prg2.suse.org> # Security update for python Announcement ID: SUSE-SU-2025:03032-1 Release Date: 2025-08-29T15:14:42Z Rating: moderate References: * bsc#1247249 Cross-References: * CVE-2025-8194 CVSS scores: * CVE-2025-8194 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8194 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-8194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python fixes the following issues: * CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3032=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * python-base-32bit-2.7.18-33.53.1 * python-curses-debuginfo-2.7.18-33.53.1 * python-debugsource-2.7.18-33.53.1 * python-tk-debuginfo-2.7.18-33.53.1 * python-xml-debuginfo-2.7.18-33.53.1 * python-debuginfo-32bit-2.7.18-33.53.1 * python-base-debuginfo-32bit-2.7.18-33.53.1 * python-gdbm-debuginfo-2.7.18-33.53.1 * python-xml-2.7.18-33.53.1 * python-gdbm-2.7.18-33.53.1 * libpython2_7-1_0-2.7.18-33.53.1 * python-base-debuginfo-2.7.18-33.53.1 * python-2.7.18-33.53.1 * python-curses-2.7.18-33.53.1 * python-tk-2.7.18-33.53.1 * python-base-2.7.18-33.53.1 * python-devel-2.7.18-33.53.1 * python-32bit-2.7.18-33.53.1 * python-idle-2.7.18-33.53.1 * libpython2_7-1_0-debuginfo-2.7.18-33.53.1 * libpython2_7-1_0-debuginfo-32bit-2.7.18-33.53.1 * libpython2_7-1_0-32bit-2.7.18-33.53.1 * python-base-debugsource-2.7.18-33.53.1 * python-debuginfo-2.7.18-33.53.1 * python-demo-2.7.18-33.53.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * python-doc-pdf-2.7.18-33.53.1 * python-doc-2.7.18-33.53.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8194.html * https://bugzilla.suse.com/show_bug.cgi?id=1247249 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 16:30:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 16:30:10 -0000 Subject: SUSE-SU-2025:03031-1: important: Security update for postgresql14 Message-ID: <175648501021.22309.5477487144528054352@smelt2.prg2.suse.org> # Security update for postgresql14 Announcement ID: SUSE-SU-2025:03031-1 Release Date: 2025-08-29T15:14:26Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS * SUSE Package Hub 15 15-SP3 * SUSE Package Hub 15 15-SP4 * SUSE Package Hub 15 15-SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql14 fixes the following issues: Upgrade to 14.19: * CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). * CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary code in psql client (bsc#1248122). * CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in psql client and in restore target server (bsc#1248119). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3031=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-3031=1 * SUSE Package Hub 15 15-SP3 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2025-3031=1 * SUSE Package Hub 15 15-SP4 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2025-3031=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2025-3031=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3031=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3031=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3031=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3031=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3031=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3031=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3031=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3031=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3031=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3031=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-3031=1 ## Package List: * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * postgresql14-devel-14.19-150200.5.61.1 * postgresql14-server-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-14.19-150200.5.61.1 * postgresql14-contrib-14.19-150200.5.61.1 * postgresql14-server-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-debuginfo-14.19-150200.5.61.1 * postgresql14-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-pltcl-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-14.19-150200.5.61.1 * postgresql14-plpython-debuginfo-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-server-devel-14.19-150200.5.61.1 * postgresql14-server-14.19-150200.5.61.1 * postgresql14-contrib-debuginfo-14.19-150200.5.61.1 * postgresql14-plpython-14.19-150200.5.61.1 * postgresql14-pltcl-14.19-150200.5.61.1 * SUSE Manager Server 4.3 LTS (noarch) * postgresql14-docs-14.19-150200.5.61.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql14-devel-14.19-150200.5.61.1 * postgresql14-server-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-14.19-150200.5.61.1 * postgresql14-contrib-14.19-150200.5.61.1 * postgresql14-server-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-debuginfo-14.19-150200.5.61.1 * postgresql14-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-pltcl-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-14.19-150200.5.61.1 * postgresql14-plpython-debuginfo-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-server-devel-14.19-150200.5.61.1 * postgresql14-server-14.19-150200.5.61.1 * postgresql14-contrib-debuginfo-14.19-150200.5.61.1 * postgresql14-plpython-14.19-150200.5.61.1 * postgresql14-pltcl-14.19-150200.5.61.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql14-docs-14.19-150200.5.61.1 * SUSE Package Hub 15 15-SP3 (aarch64 ppc64le s390x x86_64) * postgresql14-llvmjit-debuginfo-14.19-150200.5.61.1 * postgresql14-llvmjit-14.19-150200.5.61.1 * SUSE Package Hub 15 15-SP3 (x86_64) * postgresql14-test-14.19-150200.5.61.1 * SUSE Package Hub 15 15-SP4 (aarch64 ppc64le s390x x86_64) * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-llvmjit-14.19-150200.5.61.1 * postgresql14-test-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-llvmjit-devel-14.19-150200.5.61.1 * postgresql14-llvmjit-debuginfo-14.19-150200.5.61.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-test-14.19-150200.5.61.1 * postgresql14-llvmjit-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-llvmjit-debuginfo-14.19-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql14-devel-14.19-150200.5.61.1 * postgresql14-server-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-14.19-150200.5.61.1 * postgresql14-contrib-14.19-150200.5.61.1 * postgresql14-server-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-debuginfo-14.19-150200.5.61.1 * postgresql14-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-pltcl-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-14.19-150200.5.61.1 * postgresql14-plpython-debuginfo-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-server-devel-14.19-150200.5.61.1 * postgresql14-server-14.19-150200.5.61.1 * postgresql14-contrib-debuginfo-14.19-150200.5.61.1 * postgresql14-plpython-14.19-150200.5.61.1 * postgresql14-pltcl-14.19-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql14-docs-14.19-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql14-devel-14.19-150200.5.61.1 * postgresql14-server-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-14.19-150200.5.61.1 * postgresql14-contrib-14.19-150200.5.61.1 * postgresql14-server-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-debuginfo-14.19-150200.5.61.1 * postgresql14-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-pltcl-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-14.19-150200.5.61.1 * postgresql14-plpython-debuginfo-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-server-devel-14.19-150200.5.61.1 * postgresql14-server-14.19-150200.5.61.1 * postgresql14-contrib-debuginfo-14.19-150200.5.61.1 * postgresql14-plpython-14.19-150200.5.61.1 * postgresql14-pltcl-14.19-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql14-docs-14.19-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql14-devel-14.19-150200.5.61.1 * postgresql14-server-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-14.19-150200.5.61.1 * postgresql14-contrib-14.19-150200.5.61.1 * postgresql14-server-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-debuginfo-14.19-150200.5.61.1 * postgresql14-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-pltcl-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-14.19-150200.5.61.1 * postgresql14-plpython-debuginfo-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-server-devel-14.19-150200.5.61.1 * postgresql14-server-14.19-150200.5.61.1 * postgresql14-contrib-debuginfo-14.19-150200.5.61.1 * postgresql14-plpython-14.19-150200.5.61.1 * postgresql14-pltcl-14.19-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql14-docs-14.19-150200.5.61.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql14-devel-14.19-150200.5.61.1 * postgresql14-server-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-14.19-150200.5.61.1 * postgresql14-contrib-14.19-150200.5.61.1 * postgresql14-server-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-debuginfo-14.19-150200.5.61.1 * postgresql14-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-pltcl-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-14.19-150200.5.61.1 * postgresql14-plpython-debuginfo-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-server-devel-14.19-150200.5.61.1 * postgresql14-server-14.19-150200.5.61.1 * postgresql14-contrib-debuginfo-14.19-150200.5.61.1 * postgresql14-plpython-14.19-150200.5.61.1 * postgresql14-pltcl-14.19-150200.5.61.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * postgresql14-docs-14.19-150200.5.61.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql14-devel-14.19-150200.5.61.1 * postgresql14-server-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-14.19-150200.5.61.1 * postgresql14-contrib-14.19-150200.5.61.1 * postgresql14-server-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-debuginfo-14.19-150200.5.61.1 * postgresql14-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-pltcl-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-14.19-150200.5.61.1 * postgresql14-plpython-debuginfo-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-server-devel-14.19-150200.5.61.1 * postgresql14-server-14.19-150200.5.61.1 * postgresql14-contrib-debuginfo-14.19-150200.5.61.1 * postgresql14-plpython-14.19-150200.5.61.1 * postgresql14-pltcl-14.19-150200.5.61.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * postgresql14-docs-14.19-150200.5.61.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql14-devel-14.19-150200.5.61.1 * postgresql14-server-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-pltcl-14.19-150200.5.61.1 * postgresql14-14.19-150200.5.61.1 * postgresql14-llvmjit-14.19-150200.5.61.1 * postgresql14-contrib-14.19-150200.5.61.1 * postgresql14-llvmjit-devel-14.19-150200.5.61.1 * postgresql14-server-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-debuginfo-14.19-150200.5.61.1 * postgresql14-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-pltcl-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-14.19-150200.5.61.1 * postgresql14-plpython-debuginfo-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-server-devel-14.19-150200.5.61.1 * postgresql14-server-14.19-150200.5.61.1 * postgresql14-contrib-debuginfo-14.19-150200.5.61.1 * postgresql14-plpython-14.19-150200.5.61.1 * postgresql14-llvmjit-debuginfo-14.19-150200.5.61.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql14-docs-14.19-150200.5.61.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql14-devel-14.19-150200.5.61.1 * postgresql14-server-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-14.19-150200.5.61.1 * postgresql14-contrib-14.19-150200.5.61.1 * postgresql14-server-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-debuginfo-14.19-150200.5.61.1 * postgresql14-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-pltcl-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-14.19-150200.5.61.1 * postgresql14-plpython-debuginfo-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-server-devel-14.19-150200.5.61.1 * postgresql14-server-14.19-150200.5.61.1 * postgresql14-contrib-debuginfo-14.19-150200.5.61.1 * postgresql14-plpython-14.19-150200.5.61.1 * postgresql14-pltcl-14.19-150200.5.61.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql14-docs-14.19-150200.5.61.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql14-devel-14.19-150200.5.61.1 * postgresql14-server-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-14.19-150200.5.61.1 * postgresql14-contrib-14.19-150200.5.61.1 * postgresql14-server-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-debuginfo-14.19-150200.5.61.1 * postgresql14-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-pltcl-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-14.19-150200.5.61.1 * postgresql14-plpython-debuginfo-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-server-devel-14.19-150200.5.61.1 * postgresql14-server-14.19-150200.5.61.1 * postgresql14-contrib-debuginfo-14.19-150200.5.61.1 * postgresql14-plpython-14.19-150200.5.61.1 * postgresql14-pltcl-14.19-150200.5.61.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql14-docs-14.19-150200.5.61.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql14-devel-14.19-150200.5.61.1 * postgresql14-server-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-pltcl-14.19-150200.5.61.1 * postgresql14-14.19-150200.5.61.1 * postgresql14-llvmjit-14.19-150200.5.61.1 * postgresql14-contrib-14.19-150200.5.61.1 * postgresql14-llvmjit-devel-14.19-150200.5.61.1 * postgresql14-server-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-debuginfo-14.19-150200.5.61.1 * postgresql14-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-pltcl-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-14.19-150200.5.61.1 * postgresql14-plpython-debuginfo-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-server-devel-14.19-150200.5.61.1 * postgresql14-server-14.19-150200.5.61.1 * postgresql14-contrib-debuginfo-14.19-150200.5.61.1 * postgresql14-plpython-14.19-150200.5.61.1 * postgresql14-llvmjit-debuginfo-14.19-150200.5.61.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql14-docs-14.19-150200.5.61.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * postgresql14-devel-14.19-150200.5.61.1 * postgresql14-server-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-14.19-150200.5.61.1 * postgresql14-contrib-14.19-150200.5.61.1 * postgresql14-server-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-debuginfo-14.19-150200.5.61.1 * postgresql14-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-pltcl-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-14.19-150200.5.61.1 * postgresql14-plpython-debuginfo-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-server-devel-14.19-150200.5.61.1 * postgresql14-server-14.19-150200.5.61.1 * postgresql14-contrib-debuginfo-14.19-150200.5.61.1 * postgresql14-plpython-14.19-150200.5.61.1 * postgresql14-pltcl-14.19-150200.5.61.1 * SUSE Manager Proxy 4.3 LTS (noarch) * postgresql14-docs-14.19-150200.5.61.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * postgresql14-devel-14.19-150200.5.61.1 * postgresql14-server-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-debugsource-14.19-150200.5.61.1 * postgresql14-14.19-150200.5.61.1 * postgresql14-contrib-14.19-150200.5.61.1 * postgresql14-server-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-debuginfo-14.19-150200.5.61.1 * postgresql14-devel-debuginfo-14.19-150200.5.61.1 * postgresql14-pltcl-debuginfo-14.19-150200.5.61.1 * postgresql14-plperl-14.19-150200.5.61.1 * postgresql14-plpython-debuginfo-14.19-150200.5.61.1 * postgresql14-debuginfo-14.19-150200.5.61.1 * postgresql14-server-devel-14.19-150200.5.61.1 * postgresql14-server-14.19-150200.5.61.1 * postgresql14-contrib-debuginfo-14.19-150200.5.61.1 * postgresql14-plpython-14.19-150200.5.61.1 * postgresql14-pltcl-14.19-150200.5.61.1 * SUSE Manager Retail Branch Server 4.3 LTS (noarch) * postgresql14-docs-14.19-150200.5.61.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 16:30:27 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 16:30:27 -0000 Subject: SUSE-SU-2025:03030-1: important: Security update for postgresql15 Message-ID: <175648502782.22309.14814071298796453504@smelt2.prg2.suse.org> # Security update for postgresql15 Announcement ID: SUSE-SU-2025:03030-1 Release Date: 2025-08-29T15:12:41Z Rating: important References: * bsc#1248119 * bsc#1248120 * bsc#1248122 Cross-References: * CVE-2025-8713 * CVE-2025-8714 * CVE-2025-8715 CVSS scores: * CVE-2025-8713 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-8713 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8713 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-8714 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8714 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-8715 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-8715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS * SUSE Package Hub 15 15-SP3 * SUSE Package Hub 15 15-SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for postgresql15 fixes the following issues: Upgrade to 15.14: * CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). * CVE-2025-8714: untrusted data inclusion in `pg_dump` lets superuser of origin server execute arbitrary code in psql client (bsc#1248122). * CVE-2025-8715: improper neutralization of newlines in `pg_dump` allows execution of arbitrary code in psql client and in restore target server (bsc#1248119). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP3 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2025-3030=1 * SUSE Package Hub 15 15-SP4 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2025-3030=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3030=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3030=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3030=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3030=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3030=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3030=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3030=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3030=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3030=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3030=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3030=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3030=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-3030=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3030=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-3030=1 ## Package List: * SUSE Package Hub 15 15-SP3 (aarch64 s390x x86_64) * postgresql15-llvmjit-devel-15.14-150200.5.44.1 * postgresql15-llvmjit-debuginfo-15.14-150200.5.44.1 * postgresql15-llvmjit-15.14-150200.5.44.1 * postgresql15-test-15.14-150200.5.44.1 * SUSE Package Hub 15 15-SP4 (aarch64 ppc64le s390x x86_64) * postgresql15-llvmjit-devel-15.14-150200.5.44.1 * postgresql15-llvmjit-debuginfo-15.14-150200.5.44.1 * postgresql15-llvmjit-15.14-150200.5.44.1 * postgresql15-test-15.14-150200.5.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Manager Proxy 4.3 LTS (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Manager Retail Branch Server 4.3 LTS (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Manager Server 4.3 LTS (noarch) * postgresql15-docs-15.14-150200.5.44.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql15-plperl-15.14-150200.5.44.1 * postgresql15-plperl-debuginfo-15.14-150200.5.44.1 * postgresql15-server-15.14-150200.5.44.1 * postgresql15-server-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-debuginfo-15.14-150200.5.44.1 * postgresql15-debugsource-15.14-150200.5.44.1 * postgresql15-pltcl-15.14-150200.5.44.1 * postgresql15-pltcl-debuginfo-15.14-150200.5.44.1 * postgresql15-devel-15.14-150200.5.44.1 * postgresql15-devel-debuginfo-15.14-150200.5.44.1 * postgresql15-server-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-15.14-150200.5.44.1 * postgresql15-debuginfo-15.14-150200.5.44.1 * postgresql15-contrib-debuginfo-15.14-150200.5.44.1 * postgresql15-plpython-15.14-150200.5.44.1 * postgresql15-server-devel-15.14-150200.5.44.1 * postgresql15-15.14-150200.5.44.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql15-docs-15.14-150200.5.44.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8713.html * https://www.suse.com/security/cve/CVE-2025-8714.html * https://www.suse.com/security/cve/CVE-2025-8715.html * https://bugzilla.suse.com/show_bug.cgi?id=1248119 * https://bugzilla.suse.com/show_bug.cgi?id=1248120 * https://bugzilla.suse.com/show_bug.cgi?id=1248122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 16:30:32 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 16:30:32 -0000 Subject: SUSE-SU-2025:03029-1: important: Security update for python-future Message-ID: <175648503232.22309.5644142675577098624@smelt2.prg2.suse.org> # Security update for python-future Announcement ID: SUSE-SU-2025:03029-1 Release Date: 2025-08-29T13:49:16Z Rating: important References: * bsc#1248124 Cross-References: * CVE-2025-50817 CVSS scores: * CVE-2025-50817 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-50817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-50817 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-future fixes the following issues: * CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py (bsc#1248124) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-3029=1 ## Package List: * Public Cloud Module 12 (noarch) * python-future-0.15.2-3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-50817.html * https://bugzilla.suse.com/show_bug.cgi?id=1248124 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 16:30:38 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 16:30:38 -0000 Subject: SUSE-SU-2025:03028-1: important: Security update for python-future Message-ID: <175648503825.22309.1151432170120243610@smelt2.prg2.suse.org> # Security update for python-future Announcement ID: SUSE-SU-2025:03028-1 Release Date: 2025-08-29T13:49:06Z Rating: important References: * bsc#1248124 Cross-References: * CVE-2025-50817 CVSS scores: * CVE-2025-50817 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-50817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-50817 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-future fixes the following issues: * CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py (bsc#1248124) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-3028=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3028=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * python-future-0.15.2-3.8.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * python-future-0.15.2-3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-50817.html * https://bugzilla.suse.com/show_bug.cgi?id=1248124 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 16:30:43 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 16:30:43 -0000 Subject: SUSE-SU-2025:03026-1: low: Security update for libsoup Message-ID: <175648504318.22309.12591589297767370492@smelt2.prg2.suse.org> # Security update for libsoup Announcement ID: SUSE-SU-2025:03026-1 Release Date: 2025-08-29T12:42:45Z Rating: low References: * bsc#1243314 Cross-References: * CVE-2025-4945 CVSS scores: * CVE-2025-4945 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-4945 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-4945 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libsoup fixes the following issues: * CVE-2025-4945: Add value checks for date/time parsing (bsc#1243314). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3026=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libsoup-2_4-1-2.62.2-5.18.1 * libsoup-2_4-1-32bit-2.62.2-5.18.1 * libsoup-devel-2.62.2-5.18.1 * libsoup-2_4-1-debuginfo-2.62.2-5.18.1 * libsoup-debugsource-2.62.2-5.18.1 * typelib-1_0-Soup-2_4-2.62.2-5.18.1 * libsoup-2_4-1-debuginfo-32bit-2.62.2-5.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * libsoup-lang-2.62.2-5.18.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4945.html * https://bugzilla.suse.com/show_bug.cgi?id=1243314 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 16:30:45 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 16:30:45 -0000 Subject: SUSE-SU-2025:03025-1: moderate: Security update for javamail Message-ID: <175648504531.22309.12623430372889389962@smelt2.prg2.suse.org> # Security update for javamail Announcement ID: SUSE-SU-2025:03025-1 Release Date: 2025-08-29T12:42:38Z Rating: moderate References: * bsc#1246873 Cross-References: * CVE-2025-7962 CVSS scores: * CVE-2025-7962 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-7962 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-7962 ( NVD ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-7962 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for javamail fixes the following issues: * Update to version 1.6.2 * CVE-2025-7962: Fixed an improper neutralization of \r and \n UTF-8 characters can lead to SMTP injection (bsc#1246873) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-3025=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3025=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3025=1 ## Package List: * openSUSE Leap 15.6 (noarch) * javamail-1.6.2-150200.3.7.1 * javamail-javadoc-1.6.2-150200.3.7.1 * Basesystem Module 15-SP6 (noarch) * javamail-1.6.2-150200.3.7.1 * Basesystem Module 15-SP7 (noarch) * javamail-1.6.2-150200.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2025-7962.html * https://bugzilla.suse.com/show_bug.cgi?id=1246873 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 16:30:52 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 16:30:52 -0000 Subject: SUSE-SU-2025:03024-1: important: Security update for tomcat Message-ID: <175648505218.22309.1094376085008305701@smelt2.prg2.suse.org> # Security update for tomcat Announcement ID: SUSE-SU-2025:03024-1 Release Date: 2025-08-29T12:42:03Z Rating: important References: * bsc#1243895 * bsc#1246318 * bsc#1246388 * bsc#1246389 Cross-References: * CVE-2025-48989 * CVE-2025-49125 * CVE-2025-52434 * CVE-2025-52520 * CVE-2025-53506 CVSS scores: * CVE-2025-48989 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48989 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-48989 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49125 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-49125 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-49125 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-52434 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-52434 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-52434 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-52520 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-52520 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-52520 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-53506 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-53506 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-53506 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS * Web and Scripting Module 15-SP6 * Web and Scripting Module 15-SP7 An update that solves five vulnerabilities can now be installed. ## Description: This update for tomcat fixes the following issues: Updated to 9.0.108: * CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload (bsc#1246388) * CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability (bsc#1246318) * CVE-2025-52434: Fixed race condition on connection close when using the APR/Native connector leading to a JVM crash (bsc#1246389) * CVE-2025-48989: Fixed "MadeYouReset" DoS in HTTP/2 due to client triggered stream reset (bsc#1243895) Other: * Correct a regression in the fix for CVE-2025-49125 that prevented access to PreResources and PostResources when mounted below the web application root with a path that was terminated with a file separator. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-3024=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-3024=1 * Web and Scripting Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP7-2025-3024=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3024=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3024=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3024=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3024=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3024=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3024=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3024=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3024=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3024=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3024=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3024=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3024=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-3024=1 ## Package List: * openSUSE Leap 15.6 (noarch) * tomcat-javadoc-9.0.108-150200.91.1 * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-embed-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-jsvc-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-docs-webapp-9.0.108-150200.91.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * Web and Scripting Module 15-SP7 (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * SUSE Manager Server 4.3 LTS (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 * SUSE Enterprise Storage 7.1 (noarch) * tomcat-servlet-4_0-api-9.0.108-150200.91.1 * tomcat-el-3_0-api-9.0.108-150200.91.1 * tomcat-9.0.108-150200.91.1 * tomcat-lib-9.0.108-150200.91.1 * tomcat-webapps-9.0.108-150200.91.1 * tomcat-admin-webapps-9.0.108-150200.91.1 * tomcat-jsp-2_3-api-9.0.108-150200.91.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48989.html * https://www.suse.com/security/cve/CVE-2025-49125.html * https://www.suse.com/security/cve/CVE-2025-52434.html * https://www.suse.com/security/cve/CVE-2025-52520.html * https://www.suse.com/security/cve/CVE-2025-53506.html * https://bugzilla.suse.com/show_bug.cgi?id=1243895 * https://bugzilla.suse.com/show_bug.cgi?id=1246318 * https://bugzilla.suse.com/show_bug.cgi?id=1246388 * https://bugzilla.suse.com/show_bug.cgi?id=1246389 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:30:09 -0000 Subject: SUSE-SU-2025:20626-1: moderate: Security update for kernel-livepatch-MICRO-6-0-RT_Update_11 Message-ID: <175649940938.10939.9220954268115533562@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_11 Announcement ID: SUSE-SU-2025:20626-1 Release Date: 2025-08-25T12:45:12Z Rating: moderate References: Affected Products: * SUSE Linux Micro 6.1 An update that can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_11 fixes the following issues: This is the initial livepatch for the Update 11 of the RT Kernel for SL Micro 6.0 and 6.1. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-84=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-35-rt-1-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_11-debugsource-1-1.1 * kernel-livepatch-6_4_0-35-rt-debuginfo-1-1.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:30:16 -0000 Subject: SUSE-SU-2025:20625-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 Message-ID: <175649941653.10939.16536018828646482123@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 Announcement ID: SUSE-SU-2025:20625-1 Release Date: 2025-08-25T12:45:12Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves five vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues: * CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250) * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-81=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_2-debugsource-9-1.1 * kernel-livepatch-6_4_0-10-rt-debuginfo-9-1.1 * kernel-livepatch-6_4_0-10-rt-9-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:30:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:30:21 -0000 Subject: SUSE-SU-2025:20624-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 Message-ID: <175649942148.10939.6052956658012848570@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 Announcement ID: SUSE-SU-2025:20624-1 Release Date: 2025-08-25T12:45:12Z Rating: important References: * bsc#1244337 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves three vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-72=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_8-debugsource-2-1.2 * kernel-livepatch-6_4_0-31-rt-2-1.2 * kernel-livepatch-6_4_0-31-rt-debuginfo-2-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:30:27 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:30:27 -0000 Subject: SUSE-SU-2025:20623-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 Message-ID: <175649942765.10939.2015800142080411357@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 Announcement ID: SUSE-SU-2025:20623-1 Release Date: 2025-08-25T12:45:12Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-71=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-30-rt-debuginfo-3-1.3 * kernel-livepatch-MICRO-6-0-RT_Update_7-debugsource-3-1.3 * kernel-livepatch-6_4_0-30-rt-3-1.3 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:30:31 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:30:31 -0000 Subject: SUSE-SU-2025:20622-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 Message-ID: <175649943157.10939.488685161104861625@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 Announcement ID: SUSE-SU-2025:20622-1 Release Date: 2025-08-25T12:45:12Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-70=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-28-rt-3-3.1 * kernel-livepatch-MICRO-6-0-RT_Update_6-debugsource-3-3.1 * kernel-livepatch-6_4_0-28-rt-debuginfo-3-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:30:37 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:30:37 -0000 Subject: SUSE-SU-2025:20621-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 Message-ID: <175649943712.10939.595210099207035476@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 Announcement ID: SUSE-SU-2025:20621-1 Release Date: 2025-08-25T12:45:12Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-69=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-25-rt-5-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_5-debugsource-5-1.1 * kernel-livepatch-6_4_0-25-rt-debuginfo-5-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:30:43 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:30:43 -0000 Subject: SUSE-SU-2025:20620-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 Message-ID: <175649944383.10939.7250761078101642836@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 Announcement ID: SUSE-SU-2025:20620-1 Release Date: 2025-08-25T12:45:12Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves five vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues: * CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250) * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-68=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-22-rt-6-1.1 * kernel-livepatch-6_4_0-22-rt-debuginfo-6-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_4-debugsource-6-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:30:55 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:30:55 -0000 Subject: SUSE-SU-2025:20617-1: moderate: Security update for kernel-livepatch-MICRO-6-0_Update_10 Message-ID: <175649945526.10939.8039115859114234250@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_10 Announcement ID: SUSE-SU-2025:20617-1 Release Date: 2025-08-25T12:16:44Z Rating: moderate References: Affected Products: * SUSE Linux Micro 6.1 An update that can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_10 fixes the following issues: This is the initial livepatch for SL Micro 6.0 and 6.1 kernel update 10. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-66=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-32-default-debuginfo-1-1.1 * kernel-livepatch-MICRO-6-0_Update_10-debugsource-1-1.1 * kernel-livepatch-6_4_0-32-default-1-1.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:31:00 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:31:00 -0000 Subject: SUSE-SU-2025:20616-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_9 Message-ID: <175649946040.10939.7223148530842614168@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_9 Announcement ID: SUSE-SU-2025:20616-1 Release Date: 2025-08-25T12:16:44Z Rating: important References: * bsc#1244337 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves three vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-80=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-31-default-2-1.2 * kernel-livepatch-6_4_0-31-default-debuginfo-2-1.2 * kernel-livepatch-MICRO-6-0_Update_9-debugsource-2-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:31:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:31:05 -0000 Subject: SUSE-SU-2025:20615-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_8 Message-ID: <175649946585.10939.1125450354691342383@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_8 Announcement ID: SUSE-SU-2025:20615-1 Release Date: 2025-08-25T12:16:44Z Rating: important References: * bsc#1244337 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves three vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-79=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-30-default-2-1.2 * kernel-livepatch-MICRO-6-0_Update_8-debugsource-2-1.2 * kernel-livepatch-6_4_0-30-default-debuginfo-2-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:31:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:31:10 -0000 Subject: SUSE-SU-2025:20614-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_7 Message-ID: <175649947040.10939.8085050584693534114@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_7 Announcement ID: SUSE-SU-2025:20614-1 Release Date: 2025-08-25T12:16:44Z Rating: important References: * bsc#1244337 * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves three vulnerabilities and has one fix can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-78=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-29-default-debuginfo-2-1.2 * kernel-livepatch-6_4_0-29-default-2-1.2 * kernel-livepatch-MICRO-6-0_Update_7-debugsource-2-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:31:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:31:14 -0000 Subject: SUSE-SU-2025:20613-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_6 Message-ID: <175649947406.10939.3672726685341581573@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_6 Announcement ID: SUSE-SU-2025:20613-1 Release Date: 2025-08-25T12:16:44Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-77=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-28-default-3-3.1 * kernel-livepatch-6_4_0-28-default-debuginfo-3-3.1 * kernel-livepatch-MICRO-6-0_Update_6-debugsource-3-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:31:18 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:31:18 -0000 Subject: SUSE-SU-2025:20612-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_5 Message-ID: <175649947895.10939.12005774154356816987@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_5 Announcement ID: SUSE-SU-2025:20612-1 Release Date: 2025-08-25T12:16:44Z Rating: important References: * bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References: * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves three vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-76=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-25-default-5-1.2 * kernel-livepatch-MICRO-6-0_Update_5-debugsource-5-1.2 * kernel-livepatch-6_4_0-25-default-debuginfo-5-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:31:24 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:31:24 -0000 Subject: SUSE-SU-2025:20611-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_4 Message-ID: <175649948400.10939.16453927622774982491@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_4 Announcement ID: SUSE-SU-2025:20611-1 Release Date: 2025-08-25T12:16:43Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves five vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues: * CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250) * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-75=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-24-default-debuginfo-7-1.2 * kernel-livepatch-MICRO-6-0_Update_4-debugsource-7-1.2 * kernel-livepatch-6_4_0-24-default-7-1.2 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:31:29 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:31:29 -0000 Subject: SUSE-SU-2025:20610-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_2 Message-ID: <175649948935.10939.14404802853724330505@smelt2.prg2.suse.org> # Security update for kernel-livepatch-MICRO-6-0_Update_2 Announcement ID: SUSE-SU-2025:20610-1 Release Date: 2025-08-25T12:16:43Z Rating: important References: * bsc#1235250 * bsc#1245776 * bsc#1245793 * bsc#1245797 * bsc#1245804 Cross-References: * CVE-2024-53125 * CVE-2024-56664 * CVE-2025-21702 * CVE-2025-37752 * CVE-2025-37797 CVSS scores: * CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves five vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues: * CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250) * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-73=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-19-default-9-1.1 * kernel-livepatch-6_4_0-19-default-debuginfo-9-1.1 * kernel-livepatch-MICRO-6-0_Update_2-debugsource-9-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2025-21702.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37797.html * https://bugzilla.suse.com/show_bug.cgi?id=1235250 * https://bugzilla.suse.com/show_bug.cgi?id=1245776 * https://bugzilla.suse.com/show_bug.cgi?id=1245793 * https://bugzilla.suse.com/show_bug.cgi?id=1245797 * https://bugzilla.suse.com/show_bug.cgi?id=1245804 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:31:50 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:31:50 -0000 Subject: SUSE-SU-2025:20607-1: important: Security update for libxml2 Message-ID: <175649951091.10939.118788751392507381@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:20607-1 Release Date: 2025-08-27T09:46:23Z Rating: important References: * bsc#1244554 * bsc#1244555 * bsc#1244557 * bsc#1244580 * bsc#1244700 * bsc#1246296 Cross-References: * CVE-2025-49794 * CVE-2025-49795 * CVE-2025-49796 * CVE-2025-6021 * CVE-2025-6170 * CVE-2025-7425 CVSS scores: * CVE-2025-49794 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-49794 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-49794 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2025-49795 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-49795 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49795 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-49796 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-49796 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2025-6021 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-6021 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-6021 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-6170 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-6170 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-6170 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-6170 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-7425 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-7425 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2025-7425 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2025-6021: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 [bsc#1244580] * CVE-2025-6170: stack buffer overflow may lead to a crash [bsc#1244700] * CVE-2025-7425: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr [bsc#1246296] * CVE-2025-49794: heap use after free (UAF) can lead to Denial of service (DoS) [bsc#1244554] * CVE-2025-49795: null pointer dereference may lead to Denial of service (DoS) [bsc#1244555] * CVE-2025-49796: type confusion may lead to Denial of service (DoS) [bsc#1244557] ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-236=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * libxml2-2-2.11.6-slfo.1.1_6.1 * libxml2-debugsource-2.11.6-slfo.1.1_6.1 * libxml2-2-debuginfo-2.11.6-slfo.1.1_6.1 * libxml2-tools-debuginfo-2.11.6-slfo.1.1_6.1 * libxml2-tools-2.11.6-slfo.1.1_6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-49794.html * https://www.suse.com/security/cve/CVE-2025-49795.html * https://www.suse.com/security/cve/CVE-2025-49796.html * https://www.suse.com/security/cve/CVE-2025-6021.html * https://www.suse.com/security/cve/CVE-2025-6170.html * https://www.suse.com/security/cve/CVE-2025-7425.html * https://bugzilla.suse.com/show_bug.cgi?id=1244554 * https://bugzilla.suse.com/show_bug.cgi?id=1244555 * https://bugzilla.suse.com/show_bug.cgi?id=1244557 * https://bugzilla.suse.com/show_bug.cgi?id=1244580 * https://bugzilla.suse.com/show_bug.cgi?id=1244700 * https://bugzilla.suse.com/show_bug.cgi?id=1246296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:35:43 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:35:43 -0000 Subject: SUSE-SU-2025:20602-1: important: Security update for the Linux Kernel Message-ID: <175649974397.10939.8394414950942986284@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:20602-1 Release Date: 2025-08-25T13:33:57Z Rating: important References: * bsc#1204142 * bsc#1219338 * bsc#1225707 * bsc#1230216 * bsc#1233300 * bsc#1235613 * bsc#1235837 * bsc#1236333 * bsc#1236897 * bsc#1238896 * bsc#1239061 * bsc#1240323 * bsc#1240885 * bsc#1240966 * bsc#1241166 * bsc#1241345 * bsc#1242086 * bsc#1242414 * bsc#1242837 * bsc#1242960 * bsc#1242965 * bsc#1242993 * bsc#1243068 * bsc#1243100 * bsc#1243479 * bsc#1243669 * bsc#1243806 * bsc#1244309 * bsc#1244337 * bsc#1244457 * bsc#1244735 * bsc#1244749 * bsc#1244750 * bsc#1244792 * bsc#1244801 * bsc#1245151 * bsc#1245201 * bsc#1245202 * bsc#1245216 * bsc#1245260 * bsc#1245431 * bsc#1245440 * bsc#1245457 * bsc#1245498 * bsc#1245499 * bsc#1245504 * bsc#1245506 * bsc#1245508 * bsc#1245510 * bsc#1245540 * bsc#1245598 * bsc#1245599 * bsc#1245646 * bsc#1245647 * bsc#1245649 * bsc#1245650 * bsc#1245654 * bsc#1245658 * bsc#1245660 * bsc#1245665 * bsc#1245666 * bsc#1245668 * bsc#1245669 * bsc#1245670 * bsc#1245671 * bsc#1245675 * bsc#1245676 * bsc#1245677 * bsc#1245679 * bsc#1245682 * bsc#1245683 * bsc#1245684 * bsc#1245688 * bsc#1245689 * bsc#1245690 * bsc#1245691 * bsc#1245695 * bsc#1245705 * bsc#1245708 * bsc#1245711 * bsc#1245713 * bsc#1245714 * bsc#1245719 * bsc#1245723 * bsc#1245729 * bsc#1245730 * bsc#1245731 * bsc#1245735 * bsc#1245737 * bsc#1245744 * bsc#1245745 * bsc#1245746 * bsc#1245747 * bsc#1245748 * bsc#1245749 * bsc#1245750 * bsc#1245751 * bsc#1245752 * bsc#1245757 * bsc#1245758 * bsc#1245765 * bsc#1245768 * bsc#1245769 * bsc#1245777 * bsc#1245781 * bsc#1245789 * bsc#1245937 * bsc#1245945 * bsc#1245951 * bsc#1245952 * bsc#1245954 * bsc#1245957 * bsc#1245966 * bsc#1245970 * bsc#1245976 * bsc#1245980 * bsc#1245983 * bsc#1245986 * bsc#1246000 * bsc#1246002 * bsc#1246006 * bsc#1246008 * bsc#1246020 * bsc#1246023 * bsc#1246029 * bsc#1246031 * bsc#1246037 * bsc#1246041 * bsc#1246042 * bsc#1246044 * bsc#1246045 * bsc#1246047 * bsc#1246049 * bsc#1246050 * bsc#1246055 * bsc#1246073 * bsc#1246093 * bsc#1246098 * bsc#1246109 * bsc#1246122 * bsc#1246125 * bsc#1246171 * bsc#1246173 * bsc#1246178 * bsc#1246182 * bsc#1246183 * bsc#1246186 * bsc#1246195 * bsc#1246203 * bsc#1246212 * bsc#1246220 * bsc#1246236 * bsc#1246240 * bsc#1246243 * bsc#1246246 * bsc#1246249 * bsc#1246250 * bsc#1246253 * bsc#1246258 * bsc#1246262 * bsc#1246264 * bsc#1246266 * bsc#1246268 * bsc#1246273 * bsc#1246283 * bsc#1246287 * bsc#1246292 * bsc#1246293 * bsc#1246295 * bsc#1246334 * bsc#1246337 * bsc#1246342 * bsc#1246349 * bsc#1246354 * bsc#1246358 * bsc#1246361 * bsc#1246364 * bsc#1246370 * bsc#1246375 * bsc#1246384 * bsc#1246386 * bsc#1246387 * bsc#1246438 * bsc#1246453 * bsc#1246473 * bsc#1246490 * bsc#1246506 * bsc#1246547 * bsc#1246777 * bsc#1246781 * bsc#1246870 * bsc#1246879 * bsc#1246911 * bsc#1247018 * bsc#1247023 * bsc#1247028 * bsc#1247031 * bsc#1247033 * bsc#1247035 * bsc#1247061 * bsc#1247089 * bsc#1247091 * bsc#1247097 * bsc#1247098 * bsc#1247101 * bsc#1247103 * bsc#1247104 * bsc#1247113 * bsc#1247118 * bsc#1247123 * bsc#1247125 * bsc#1247128 * bsc#1247132 * bsc#1247138 * bsc#1247141 * bsc#1247143 * bsc#1247145 * bsc#1247146 * bsc#1247147 * bsc#1247149 * bsc#1247150 * bsc#1247151 * bsc#1247153 * bsc#1247154 * bsc#1247156 * bsc#1247160 * bsc#1247164 * bsc#1247169 * bsc#1247170 * bsc#1247171 * bsc#1247172 * bsc#1247174 * bsc#1247176 * bsc#1247177 * bsc#1247178 * bsc#1247181 * bsc#1247209 * bsc#1247210 * bsc#1247227 * bsc#1247233 * bsc#1247236 * bsc#1247238 * bsc#1247241 * bsc#1247251 * bsc#1247252 * bsc#1247253 * bsc#1247255 * bsc#1247271 * bsc#1247273 * bsc#1247274 * bsc#1247276 * bsc#1247277 * bsc#1247278 * bsc#1247279 * bsc#1247284 * bsc#1247285 * bsc#1247288 * bsc#1247289 * bsc#1247293 * bsc#1247311 * bsc#1247314 * bsc#1247317 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247374 * bsc#1247437 * bsc#1247450 * jsc#PED-13238 Cross-References: * CVE-2019-11135 * CVE-2024-36028 * CVE-2024-36348 * CVE-2024-36349 * CVE-2024-36350 * CVE-2024-36357 * CVE-2024-44963 * CVE-2024-56742 * CVE-2024-57947 * CVE-2025-21839 * CVE-2025-21872 * CVE-2025-23163 * CVE-2025-37798 * CVE-2025-37856 * CVE-2025-37864 * CVE-2025-37885 * CVE-2025-37920 * CVE-2025-37984 * CVE-2025-38034 * CVE-2025-38035 * CVE-2025-38051 * CVE-2025-38052 * CVE-2025-38058 * CVE-2025-38061 * CVE-2025-38062 * CVE-2025-38063 * CVE-2025-38064 * CVE-2025-38074 * CVE-2025-38084 * CVE-2025-38085 * CVE-2025-38087 * CVE-2025-38088 * CVE-2025-38089 * CVE-2025-38090 * CVE-2025-38094 * CVE-2025-38095 * CVE-2025-38097 * CVE-2025-38098 * CVE-2025-38099 * CVE-2025-38100 * CVE-2025-38102 * CVE-2025-38105 * CVE-2025-38107 * CVE-2025-38108 * CVE-2025-38109 * CVE-2025-38110 * CVE-2025-38111 * CVE-2025-38112 * CVE-2025-38113 * CVE-2025-38115 * CVE-2025-38117 * CVE-2025-38118 * CVE-2025-38120 * CVE-2025-38122 * CVE-2025-38123 * CVE-2025-38124 * CVE-2025-38126 * CVE-2025-38127 * CVE-2025-38129 * CVE-2025-38131 * CVE-2025-38132 * CVE-2025-38135 * CVE-2025-38136 * CVE-2025-38138 * CVE-2025-38142 * CVE-2025-38143 * CVE-2025-38145 * CVE-2025-38147 * CVE-2025-38148 * CVE-2025-38149 * CVE-2025-38151 * CVE-2025-38153 * CVE-2025-38154 * CVE-2025-38155 * CVE-2025-38157 * CVE-2025-38158 * CVE-2025-38159 * CVE-2025-38161 * CVE-2025-38162 * CVE-2025-38165 * CVE-2025-38166 * CVE-2025-38173 * CVE-2025-38174 * CVE-2025-38177 * CVE-2025-38180 * CVE-2025-38181 * CVE-2025-38182 * CVE-2025-38183 * CVE-2025-38187 * CVE-2025-38188 * CVE-2025-38192 * CVE-2025-38193 * CVE-2025-38194 * CVE-2025-38197 * CVE-2025-38198 * CVE-2025-38200 * CVE-2025-38202 * CVE-2025-38203 * CVE-2025-38204 * CVE-2025-38206 * CVE-2025-38210 * CVE-2025-38211 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38214 * CVE-2025-38215 * CVE-2025-38217 * CVE-2025-38220 * CVE-2025-38222 * CVE-2025-38225 * CVE-2025-38226 * CVE-2025-38227 * CVE-2025-38229 * CVE-2025-38231 * CVE-2025-38236 * CVE-2025-38239 * CVE-2025-38244 * CVE-2025-38246 * CVE-2025-38248 * CVE-2025-38249 * CVE-2025-38250 * CVE-2025-38257 * CVE-2025-38259 * CVE-2025-38264 * CVE-2025-38272 * CVE-2025-38273 * CVE-2025-38275 * CVE-2025-38277 * CVE-2025-38279 * CVE-2025-38283 * CVE-2025-38286 * CVE-2025-38289 * CVE-2025-38290 * CVE-2025-38292 * CVE-2025-38293 * CVE-2025-38300 * CVE-2025-38303 * CVE-2025-38304 * CVE-2025-38305 * CVE-2025-38307 * CVE-2025-38310 * CVE-2025-38312 * CVE-2025-38313 * CVE-2025-38319 * CVE-2025-38323 * CVE-2025-38326 * CVE-2025-38328 * CVE-2025-38332 * CVE-2025-38334 * CVE-2025-38335 * CVE-2025-38336 * CVE-2025-38337 * CVE-2025-38338 * CVE-2025-38342 * CVE-2025-38343 * CVE-2025-38344 * CVE-2025-38345 * CVE-2025-38348 * CVE-2025-38349 * CVE-2025-38350 * CVE-2025-38352 * CVE-2025-38354 * CVE-2025-38362 * CVE-2025-38363 * CVE-2025-38364 * CVE-2025-38365 * CVE-2025-38369 * CVE-2025-38371 * CVE-2025-38373 * CVE-2025-38375 * CVE-2025-38376 * CVE-2025-38377 * CVE-2025-38380 * CVE-2025-38382 * CVE-2025-38384 * CVE-2025-38385 * CVE-2025-38386 * CVE-2025-38387 * CVE-2025-38389 * CVE-2025-38391 * CVE-2025-38392 * CVE-2025-38393 * CVE-2025-38395 * CVE-2025-38396 * CVE-2025-38399 * CVE-2025-38400 * CVE-2025-38401 * CVE-2025-38403 * CVE-2025-38404 * CVE-2025-38406 * CVE-2025-38409 * CVE-2025-38410 * CVE-2025-38412 * CVE-2025-38414 * CVE-2025-38415 * CVE-2025-38416 * CVE-2025-38420 * CVE-2025-38424 * CVE-2025-38425 * CVE-2025-38426 * CVE-2025-38428 * CVE-2025-38429 * CVE-2025-38430 * CVE-2025-38436 * CVE-2025-38443 * CVE-2025-38448 * CVE-2025-38449 * CVE-2025-38455 * CVE-2025-38457 * CVE-2025-38460 * CVE-2025-38461 * CVE-2025-38462 * CVE-2025-38463 * CVE-2025-38465 * CVE-2025-38467 * CVE-2025-38468 * CVE-2025-38470 * CVE-2025-38471 * CVE-2025-38473 * CVE-2025-38474 * CVE-2025-38476 * CVE-2025-38477 * CVE-2025-38478 * CVE-2025-38480 * CVE-2025-38481 * CVE-2025-38482 * CVE-2025-38483 * CVE-2025-38485 * CVE-2025-38487 * CVE-2025-38489 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38496 * CVE-2025-38497 * CVE-2025-38498 CVSS scores: * CVE-2019-11135 ( SUSE ): 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2019-11135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36348 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36349 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-44963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-44963 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21872 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23163 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37856 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37856 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37920 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37920 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37984 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-37984 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38034 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38035 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38035 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38052 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38058 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38058 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38061 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38062 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38062 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38063 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38063 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38064 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38064 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38074 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38084 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38084 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38085 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38085 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38087 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38089 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38089 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38090 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38097 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38097 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38098 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38098 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38099 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38099 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38100 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38102 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38102 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38105 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38105 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38107 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38107 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38108 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38108 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38109 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38109 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38110 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38110 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38111 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38111 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38112 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38113 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38115 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38115 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38117 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38117 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38118 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38122 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38124 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38126 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38127 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38129 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38129 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38131 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38131 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38132 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38132 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38135 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38142 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38143 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38145 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38148 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38149 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38149 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38153 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38153 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38154 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38154 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38155 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38157 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38157 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38159 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38159 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38161 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38165 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38166 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38166 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38173 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38173 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38174 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38174 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38180 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38180 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38182 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38183 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38183 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38187 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38187 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38192 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38192 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38193 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38193 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38197 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38197 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38198 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38203 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38203 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38204 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38204 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38211 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38214 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38215 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38217 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38217 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38220 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38220 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38222 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-38222 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2025-38225 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38226 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38226 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38227 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38227 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38229 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38229 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-38231 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38231 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38239 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38239 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38244 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38244 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38246 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38248 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38249 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38249 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38250 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38250 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38259 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38264 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38272 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38273 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38273 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38275 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38277 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38277 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38279 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38283 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38286 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38286 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38289 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38289 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38290 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38290 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38292 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38292 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38293 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38293 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38300 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38300 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38303 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38303 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38310 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38310 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38312 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38313 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38323 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38323 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38326 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38326 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38328 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38334 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38334 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38335 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38336 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38337 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38338 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38338 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38342 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38344 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38345 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38345 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38348 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38349 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38349 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38352 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38352 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38362 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38363 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38364 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38364 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38365 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38365 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38371 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38373 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38373 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38375 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38376 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38376 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38377 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38377 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38380 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38380 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38382 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38382 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38384 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38384 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38385 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38385 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38387 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38387 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38389 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38391 ( SUSE ): 5.2 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38391 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38392 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38392 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38393 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38393 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38395 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38395 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38396 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38396 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38399 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38400 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38400 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38401 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38401 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38403 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38406 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38409 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38409 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38410 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38412 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38415 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38415 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38416 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38416 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38425 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38425 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38426 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38426 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38428 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38428 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38429 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38429 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38430 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38430 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38436 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38436 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38448 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38448 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38455 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38455 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38457 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38460 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38460 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38461 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38461 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38462 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38462 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38463 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38463 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38465 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38465 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38467 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38467 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38471 ( SUSE ): 8.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38471 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2025-38473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38474 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38474 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38476 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38476 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38478 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38478 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38480 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38480 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38481 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38481 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38482 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38482 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38483 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38483 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38485 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38485 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38487 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38487 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38489 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38489 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38496 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38496 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38498 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38498 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves 235 vulnerabilities, contains one feature and has 33 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may * CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707). * CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896). * CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216). * CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613). * CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). * CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323). * CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837). * CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068). * CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965). * CVE-2025-37885: KVM: x86: Reset IRTE to host control if _new_ route isn't postable (bsc#1242960). * CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479). * CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669). * CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792). * CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801). * CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750). * CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151). * CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440). * CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216). * CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202). * CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201). * CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735). * CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649). * CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660). * CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654). * CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671). * CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650). * CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682). * CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689). * CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695). * CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708). * CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677). * CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679). * CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768). * CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750). * CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752). * CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758). * CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970). * CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937). * CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006). * CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951). * CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098). * CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). * CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980). * CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044). * CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983). * CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). * CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020). * CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). * CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966). * CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976). * CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093). * CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178). * CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183). * CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173). * CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182). * CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387). * CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268). * CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264). * CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273). * CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354). * CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361). * CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473). * CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384). * CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250). * CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253). * CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777). * CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). * CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911). * CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091). * CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023). * CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178). * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). * CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031). * CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169). * CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156). * CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097). * CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141). * CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145). * CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252). * CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253). * CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101). * CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098). * CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143). * CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103). * CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104). * CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113). * CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118). * CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288). * CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450). * CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). * CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374). The following non-security bugs were fixed: * ACPI: LPSS: Remove AudioDSP related ID (git-fixes). * ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122). * ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes). * ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes). * ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes). * ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes). * ALSA: hda/tegra: Add Tegra264 support (stable-fixes). * ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes). * ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable- fixes). * ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes). * ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git- fixes). * ALSA: sb: Do not allow changing the DMA mode during operations (stable- fixes). * ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable- fixes). * ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes). * ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes). * ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable- fixes). * ASoC: amd: yc: update quirk data for HP Victus (stable-fixes). * ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes). * ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes). * ASoC: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes). * ASoC: cs35l56: probe() should fail if the device ID is not recognized (git- fixes). * ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git- fixes). * ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes). * ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes). * ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git- fixes). * Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes). * Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes). * Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes). * Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes). * Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes). * Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes). * Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes). * Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes). * Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes). * Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes). * Bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git- fixes). * Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git- fixes). * Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes). * Bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes). * Bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes). * Bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes). * Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes). * Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes). * Bluetooth: hci_sync: revert some mesh modifications (git-fixes). * Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes). * Documentation: ACPI: Fix parent device references (git-fixes). * Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes). * Fix dma_unmap_sg() nents value (git-fixes) * HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes). * HID: core: do not bypass hid_hw_raw_request (stable-fixes). * HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes). * HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes). * HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable- fixes). * HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable- fixes). * IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes) * Input: iqs7222 - explicitly define number of external channels (git-fixes). * Input: xpad - adjust error handling for disconnect (git-fixes). * Input: xpad - set correct controller type for Acer NGR200 (git-fixes). * Input: xpad - support Acer NGR 200 Controller (stable-fixes). * Logitech C-270 even more broken (stable-fixes). * Move upstreamed SCSI and ACPI patches into sorted section * NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes). * NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes). * NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git- fixes). * NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes). * NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git- fixes). * NFSv4.2: another fix for listxattr (git-fixes). * NFSv4.2: fix listxattr to return selinux security label (git-fixes). * NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes). * NFSv4: Always set NLINK even if the server does not support it (git-fixes). * NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes). * PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457). * PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes). * PCI: endpoint: Fix configfs group list head handling (git-fixes). * PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes). * PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes). * PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes). * PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457). * PCI: rockchip-host: Fix "Unexpected Completion" log message (git-fixes). * PM / devfreq: Check governor before using governor->name (git-fixes). * RDMA/core: Rate limit GID cache warning messages (git-fixes) * RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes) * RDMA/hns: Drop GFP_NOWARN (git-fixes) * RDMA/hns: Fix -Wframe-larger-than issue (git-fixes) * RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes) * RDMA/hns: Fix accessing uninitialized resources (git-fixes) * RDMA/hns: Fix double destruction of rsv_qp (git-fixes) * RDMA/hns: Get message length of ack_req from FW (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * RDMA/mlx5: Fix CC counters query for MPV (git-fixes) * RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes) * RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes) * RDMA/mlx5: Fix vport loopback for MPV device (git-fixes) * RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes) * RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes) * RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes) * RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git- fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). * Revert "ACPI: battery: negate current when discharging" (stable-fixes). * Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338). * Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes). * Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git- fixes). * Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git- fixes). * Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes). * SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes). * USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes). * USB: serial: option: add Foxconn T99W640 (stable-fixes). * USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable- fixes). * [SMB3] send channel sequence number in SMB3 requests after reconnects (git- fixes). * af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes). * af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093). * amd/amdkfd: fix a kfd_process ref leak (stable-fixes). * aoe: clean device rq_list in aoedev_downdev() (git-fixes). * apple-mfi-fastcharge: protect first device name (git-fixes). * ata: pata_cs5536: fix build on 32-bit UML (stable-fixes). * audit,module: restore audit logging in load failure case (git-fixes). * bpf, sockmap: Fix sk_msg_reset_curr (git-fixes). * bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes). * bpf/selftests: Check errno when percpu map value size exceeds (git-fixes). * bpf: Add a possibly-zero-sized read test (git-fixes). * bpf: Avoid **hidden** attribute in static object (git-fixes). * bpf: Check percpu map value size first (git-fixes). * bpf: Disable some `attribute ignored' warnings in GCC (git-fixes). * bpf: Fix memory leak in bpf_core_apply (git-fixes). * bpf: Fix potential integer overflow in resolve_btfids (git-fixes). * bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes). * bpf: Make the pointer returned by iter next method valid (git-fixes). * bpf: Simplify checking size of helper accesses (git-fixes). * bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes). * bpf: sockmap, updating the sg structure should also update curr (git-fixes). * bpftool: Fix missing pids during link show (git-fixes). * bpftool: Fix undefined behavior caused by shifting into the sign bit (git- fixes). * bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes). * bpftool: Remove unnecessary source files from bootstrap version (git-fixes). * bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes). * btrfs: do not ignore inode missing when replaying log tree (git-fixes). * btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes). * btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes). * btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068) * btrfs: fix assertion when building free space tree (git-fixes). * btrfs: fix inode lookup error handling during log replay (git-fixes). * btrfs: fix invalid inode pointer dereferences during log replay (git-fixes). * btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes). * btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes). * btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes). * btrfs: fix ssd_spread overallocation (git-fixes). * btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068) * btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes). * btrfs: rename err to ret in btrfs_rmdir() (git-fixes). * btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes). * btrfs: return a btrfs_inode from read_one_inode() (git-fixes). * btrfs: tests: fix chunk map leak after failure to add it to the tree (git- fixes). * btrfs: update superblock's device bytes_used when dropping chunk (git- fixes). * btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes). * btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes). * bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes). * bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes). * can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes). * can: dev: can_restart(): reverse logic to remove need for goto (stable- fixes). * can: kvaser_pciefd: Store device channel index (git-fixes). * can: kvaser_usb: Assign netdev.dev_port based on device channel index (git- fixes). * can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes). * can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes). * can: peak_usb: fix USB FD devices potential malfunction (git-fixes). * cdc-acm: fix race between initial clearing halt and open (git-fixes). * cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789). * cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166). * cifs: reconnect helper should set reconnect for the right channel (git- fixes). * clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes). * clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes). * clk: sunxi-ng: v3s: Fix de clock definition (git-fixes). * clk: xilinx: vcu: unregister pll_post only if registered correctly (git- fixes). * clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457). * clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457). * comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes). * comedi: Fix initialization of data for instructions that write to subdevice (git-fixes). * comedi: Fix some signed shift left operations (git-fixes). * comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes). * comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes). * comedi: das16m1: Fix bit shift out of bounds (git-fixes). * comedi: das6402: Fix bit shift out of bounds (git-fixes). * comedi: pcl812: Fix bit shift out of bounds (git-fixes). * compiler_types.h: Define **retain for __attribute** (( **retain** )) (git- fixes). * config: enable RBD (jsc#PED-13238) * crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes). * crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes). * crypto: ccp - Fix locking on alloc failure handling (git-fixes). * crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes). * crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes). * crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes). * crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes). * crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes). * crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes). * crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes). * crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes). * crypto: qat - fix state restore for banks with exceptions (git-fixes). * crypto: qat - flush misc workqueue during device shutdown (git-fixes). * crypto: qat - use unmanaged allocation for dc_data (git-fixes). * crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes). * dm-bufio: fix sched in atomic context (git-fixes). * dm-flakey: error all IOs when num_features is absent (git-fixes). * dm-flakey: make corrupting read bios work (git-fixes). * dm-mirror: fix a tiny race condition (git-fixes). * dm-raid: fix variable in journal device check (git-fixes). * dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes). * dm: do not change md if dm_table_set_restrictions() fails (git-fixes). * dm: free table mempools if not used in __bind (git-fixes). * dm: restrict dm device size to 2^63-512 bytes (git-fixes). * dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes). * dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes). * dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes). * dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git- fixes). * dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes). * dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes). * dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes). * dmaengine: xilinx_dma: Set dma_device directions (stable-fixes). * drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes). * drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git- fixes). * drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes). * drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes). * drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes). * drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes). * drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git- fixes). * drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes). * drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes). * drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes). * drm/exynos: fimd: Guard display clock control with runtime PM calls (git- fixes). * drm/framebuffer: Acquire internal references on GEM handles (git-fixes). * drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes). * drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes). * drm/i915/gsc: mei interrupt top half should be in irq disabled context (git- fixes). * drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes). * drm/i915/selftests: Change mock_request() to return error pointers (git- fixes). * drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes). * drm/msm: Fix a fence leak in submit error path (stable-fixes). * drm/msm: Fix another leak in the submit error path (stable-fixes). * drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes). * drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes). * drm/sched: Increment job count before swapping tail spsc queue (git-fixes). * drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes). * drm/scheduler: signal scheduled fence when kill job (stable-fixes). * drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes). * drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes). * drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes). * exfat: fdatasync flag should be same like generic_write_sync() (git-fixes). * fbcon: Fix outdated registered_fb reference in comment (git-fixes). * fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes). * firewire: ohci: correct code comments about bus_reset tasklet (git-fixes). * fs/jfs: consolidate sanity checking in dbMount (git-fixes). * fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes). * gpio: mlxbf2: use platform_get_irq_optional() (git-fixes). * gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes). * gpio: sim: include a missing header (git-fixes). * gpio: vf610: add locking to gpio direction functions (git-fixes). * gpio: virtio: Fix config space reading (git-fixes). * gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes). * gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes). * gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300). * gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300). * gpiolib: cdev: Ignore reconfiguration without direction (git-fixes). * gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes). * hfs: make splice write available again (git-fixes). * hfsplus: make splice write available again (git-fixes). * hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes). * hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203). * hwmon: (corsair-cpro) Validate the size of the received input buffer (git- fixes). * hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes). * hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes). * hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes). * i2c/designware: Fix an initialization issue (git-fixes). * i2c: qup: jump out of the loop in case of timeout (git-fixes). * i2c: stm32: fix the device used for the DMA map (git-fixes). * i2c: tegra: Fix reset error handling with ACPI (git-fixes). * i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes). * i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes). * iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git- fixes). * iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes). * iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable- fixes). * iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes). * iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes). * iio: adc: max1363: Reorder mode_list[] entries (stable-fixes). * iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes). * iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes). * iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes). * iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes). * iommu/amd: Set the pgsize_bitmap correctly (git-fixes). * iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes). * iommu/vt-d: Fix possible circular locking dependency (git-fixes). * iommu/vt-d: Fix system hang on reboot -f (git-fixes). * ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes). * ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes). * ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes). * ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes). * iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes). * jfs: fix metapage reference count leak in dbAllocCtl (git-fixes). * kABI workaround for struct drm_framebuffer changes (git-fixes). * kABI: Fix the module::name type in audit_context (git-fixes). * kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes). * kernel-syms.spec: Drop old rpm release number hack (bsc#1247172). * leds: multicolor: Fix intensity setting while SW blinking (stable-fixes). * lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897). * lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897). * maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes). * md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes). * media: gspca: Add bounds checking to firmware parser (git-fixes). * media: hi556: correct the test pattern configuration (git-fixes). * media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes). * media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes). * media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git- fixes). * media: usbtv: Lock resolution while streaming (git-fixes). * media: uvcvideo: Do not mark valid metadata as invalid (git-fixes). * media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git- fixes). * media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes). * media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes). * media: venus: Add a check for packet size after reading from shared memory (git-fixes). * media: venus: hfi: explicitly release IRQ during teardown (git-fixes). * media: venus: protect against spurious interrupts during probe (git-fixes). * media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: vivid: fix wrong pixel_array control size (git-fixes). * memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git- fixes). * mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes). * misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes). * mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes). * mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes). * mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes). * mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes). * mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes). * module: Fix memory deallocation on error path in move_module() (git-fixes). * module: Remove unnecessary +1 from last_unloaded_module::name size (git- fixes). * module: Restore the moduleparam prefix length check (git-fixes). * mtd: fix possible integer overflow in erase_xfer() (git-fixes). * mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes). * mtd: rawnand: atmel: set pmecc data setup time (git-fixes). * mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes). * mtd: rawnand: renesas: Add missing check after DMA map (git-fixes). * mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes). * mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes). * mtd: spinand: fix memory leak of ECC engine conf (stable-fixes). * mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes). * mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes). * mtk-sd: Prevent memory corruption from DMA map failure (git-fixes). * mtk-sd: reset host->mrq on prepare_data() error (git-fixes). * mwl8k: Add missing check after DMA map (git-fixes). * nbd: fix uaf in nbd_genl_connect() error path (git-fixes). * net/packet: fix a race in packet_set_ring() and packet_notifier() (git- fixes). * net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes). * net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git- fixes). * net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git- fixes). * net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes). * net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes). * net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes). * net: mana: Add debug logs in MANA network driver (bsc#1246212). * net: mana: Add handler for hardware servicing events (bsc#1245730). * net: mana: Allocate MSI-X vectors dynamically (bsc#1245457). * net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457). * net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203). * net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729). * net: mana: Set tx_packets to post gso processing packet count (bsc#1245731). * net: mana: explain irq_setup() algorithm (bsc#1245457). * net: phy: Do not register LEDs for genphy (git-fixes). * net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes). * net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes). * net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git- fixes). * net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes). * net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git- fixes). * net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes). * net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes). * net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes). * netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes). * nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git- fixes). * nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes). * nilfs2: reject invalid file types when reading inodes (git-fixes). * nvme-pci: refresh visible attrs after being checked (git-fixes). * nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes). * nvme: fix endianness of command word prints in nvme_log_err_passthru() (git- fixes). * nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes). * nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes). * nvmet-tcp: fix callback lock for TLS handshake (git-fixes). * objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes). * objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes). * objtool: Fix _THIS_IP_ detection for cold functions (git-fixes). * objtool: Fix error handling inconsistencies in check() (git-fixes). * objtool: Ignore dangling jump table entries (git-fixes). * objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes). * objtool: Properly disable uaccess validation (git-fixes). * objtool: Silence more KCOV warnings (git-fixes). * objtool: Silence more KCOV warnings, part 2 (git-fixes). * objtool: Stop UNRET validation on UD2 (git-fixes). * pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes). * pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes). * perf: Fix sample vs do_exit() (bsc#1246547). * phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git- fixes). * pinctrl: amd: Clear GPIO debounce for suspend (git-fixes). * pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes). * pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes). * pinmux: fix race causing mux_owner NULL with active mux_usecount (git- fixes). * platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git- fixes). * platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git- fixes). * platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes). * platform/mellanox: mlxreg-lc: Fix logic error in power state check (git- fixes). * platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes). * platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes). * platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes). * platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes). * platform/x86: think-lmi: Create ksets consecutively (stable-fixes). * platform/x86: think-lmi: Fix kobject cleanup (git-fixes). * platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes). * power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes). * power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git- fixes). * powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes). * powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git- fixes). * powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes). * powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes). * ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506). * pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes). * pwm: mediatek: Ensure to disable clocks in error path (git-fixes). * regmap: fix potential memory leak of regmap_bus (git-fixes). * regulator: fan53555: add enable_time support and soft-start times (stable- fixes). * regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git- fixes). * regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes). * resource: fix false warning in __request_region() (git-fixes). * restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes). * ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes). * rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes). * rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes). * rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337) * rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes). * rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes). * s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870). * s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806). * s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646). * s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647). * s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598). * s390: Add z17 elf platform (LTC#214086 bsc#1245540). * samples: mei: Fix building on musl libc (git-fixes). * sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338). * sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git- fixes). * scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes). * scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Copyright updates for 14.4.0.10 patches (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142). * scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: megaraid_sas: Fix invalid node index (git-fixes). * scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git- fixes). * scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git- fixes). * scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599). * selftests/bpf: Add CFLAGS per source file and runner (git-fixes). * selftests/bpf: Add tests for iter next method returning valid pointer (git- fixes). * selftests/bpf: Change functions definitions to support GCC (git-fixes). * selftests/bpf: Fix a few tests for GCC related warnings (git-fixes). * selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes). * selftests/bpf: Fix prog numbers in test_sockmap (git-fixes). * smb3: move server check earlier when setting channel sequence number (git- fixes). * soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes). * soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes). * soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git- fixes). * soc: qcom: QMI encoding/decoding for big endian (git-fixes). * soc: qcom: fix endianness for QMI header (git-fixes). * soc: qcom: pmic_glink: fix OF node leak (git-fixes). * soundwire: amd: fix for clearing command status register (git-fixes). * soundwire: stream: restore params when prepare ports fail (git-fixes). * spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git- fixes). * staging: axis-fifo: remove sysfs interface (git-fixes). * staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git- fixes). * staging: nvec: Fix incorrect null termination of battery manufacturer (git- fixes). * struct cdns: move new member to the end (git-fixes). * struct ucsi_operations: use padding for new operation (git-fixes). * sunrpc: do not immediately retransmit on seqno miss (git-fixes). * sunrpc: fix client side handling of tls alerts (git-fixes). * tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes). * thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes). * thunderbolt: Fix copy+paste error in match_service_id() (git-fixes). * thunderbolt: Fix wake on connect at runtime (git-fixes). * tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes). * tracing/kprobes: Fix to free objects when failed to copy a symbol (git- fixes). * types: Complement the aligned types with signed 64-bit one (stable-fixes). * ucount: fix atomic_long_inc_below() argument type (git-fixes). * ucsi-glink: adapt to kABI consistency (git-fixes). * ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes). * ucsi_operations: add stubs for all operations (git-fixes). * ucsi_ops: adapt update_connector to kABI consistency (git-fixes). * usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes). * usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes). * usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes). * usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes). * usb: cdnsp: Fix issue with resuming from L1 (git-fixes). * usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable- fixes). * usb: cdnsp: do not disable slot for disabled slot (git-fixes). * usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes). * usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes). * usb: dwc2: also exit clock_gating when stopping udc while suspended (stable- fixes). * usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes). * usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes). * usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes). * usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes). * usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes). * usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes). * usb: hub: Do not try to recover devices lost during warm reset (git-fixes). * usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes). * usb: musb: fix gadget state on disconnect (git-fixes). * usb: musb: omap2430: fix device leak at unbind (git-fixes). * usb: net: sierra: check for no status endpoint (git-fixes). * usb: potential integer overflow in usbg_make_tpg() (stable-fixes). * usb: typec: Update sysfs when setting ops (git-fixes). * usb: typec: altmodes/displayport: do not index invalid pin_assignments (git- fixes). * usb: typec: displayport: Fix potential deadlock (git-fixes). * usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes). * usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable- fixes). * usb: typec: tcpm: allow switching to mode accessory to mux properly (stable- fixes). * usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes). * usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git- fixes). * usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git- fixes). * usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes). * usb: typec: ucsi: Delay alternate mode discovery (git-fixes). * usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes). * usb: typec: ucsi: Fix the partner PD revision (git-fixes). * usb: typec: ucsi: Get PD revision for partner (git-fixes). * usb: typec: ucsi: Set orientation as none when connector is unplugged (git- fixes). * usb: typec: ucsi: Update power_supply on power role change (git-fixes). * usb: typec: ucsi: add callback for connector status updates (git-fixes). * usb: typec: ucsi: add update_connector callback (git-fixes). * usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes). * usb: typec: ucsi: extract code to read PD caps (git-fixes). * usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes). * usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes). * usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes). * usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes). * usb: typec: ucsi: glink: use typec_set_orientation (git-fixes). * usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git- fixes). * usb: typec: ucsi: properly register partner's PD device (git-fixes). * usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes). * usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes). * usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git- fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes). * usb: typec: ucsi_glink: rework quirks implementation (git-fixes). * usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git- fixes). * usb: xhci: quirk for data loss in ISOC transfers (stable-fixes). * usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes). * virtgpu: do not reset on shutdown (git-fixes). * vmci: Prevent the dispatching of uninitialized payloads (git-fixes). * vt: add missing notification when switching back to text mode (stable- fixes). * vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes). * vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes). * watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git- fixes). * wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes). * wifi: ath11k: fix source ring-buffer corruption (git-fixes). * wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath12k: fix endianness handling while accessing wmi service bit (git- fixes). * wifi: ath12k: fix source ring-buffer corruption (git-fixes). * wifi: ath6kl: remove WARN on bad firmware input (stable-fixes). * wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes). * wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes). * wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes). * wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes). * wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes). * wifi: mac80211: Add link iteration macro for link data (stable-fixes). * wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes). * wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes). * wifi: mac80211: Do not schedule stopped TXQs (git-fixes). * wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes). * wifi: mac80211: drop invalid source address OCB frames (stable-fixes). * wifi: mac80211: reject TDLS operations when station is not associated (git- fixes). * wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes). * wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes). * wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes). * wifi: plfxlc: Fix error handling in usb driver probe (git-fixes). * wifi: prevent A-MSDU attacks in mesh networks (stable-fixes). * wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes). * wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes). * wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes). * x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes). * x86/mce/amd: Add default names for MCA banks and blocks (git-fixes). * x86/mce/amd: Fix threshold limit reset (git-fixes). * x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes). * x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git- fixes). * x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git- fixes). * x86/traps: Initialize DR6 by writing its architectural reset value (git- fixes). * x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes). * x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345). * xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837). * xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes). * xfs: remove unused event xfs_alloc_near_error (git-fixes). * xfs: remove unused event xfs_alloc_near_nominleft (git-fixes). * xfs: remove unused event xfs_attr_node_removename (git-fixes). * xfs: remove unused event xfs_ioctl_clone (git-fixes). * xfs: remove unused event xfs_pagecache_inval (git-fixes). * xfs: remove unused event xlog_iclog_want_sync (git-fixes). * xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes). * xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes). * xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes). * xfs: remove unused xfs_attr events (git-fixes). * xfs: remove unused xfs_reflink_compare_extents events (git-fixes). * xfs: remove usused xfs_end_io_direct events (git-fixes). * xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git- fixes). * xhci: dbc: Flush queued requests before stopping dbc (git-fixes). * xhci: dbctty: disable ECHO flag by default (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-82=1 ## Package List: * SUSE Linux Micro 6.1 (noarch) * kernel-source-6.4.0-32.1 * kernel-devel-6.4.0-32.1 * kernel-macros-6.4.0-32.1 * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-32.1 * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-32.1 * kernel-default-debugsource-6.4.0-32.1 * kernel-default-devel-6.4.0-32.1 * SUSE Linux Micro 6.1 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-32.1.21.10 * SUSE Linux Micro 6.1 (ppc64le x86_64) * kernel-default-devel-debuginfo-6.4.0-32.1 * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-default-livepatch-6.4.0-32.1 * SUSE Linux Micro 6.1 (nosrc x86_64) * kernel-kvmsmall-6.4.0-32.1 * SUSE Linux Micro 6.1 (x86_64) * kernel-kvmsmall-debuginfo-6.4.0-32.1 * kernel-kvmsmall-debugsource-6.4.0-32.1 ## References: * https://www.suse.com/security/cve/CVE-2019-11135.html * https://www.suse.com/security/cve/CVE-2024-36028.html * https://www.suse.com/security/cve/CVE-2024-36348.html * https://www.suse.com/security/cve/CVE-2024-36349.html * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2024-44963.html * https://www.suse.com/security/cve/CVE-2024-56742.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-21839.html * https://www.suse.com/security/cve/CVE-2025-21872.html * https://www.suse.com/security/cve/CVE-2025-23163.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37856.html * https://www.suse.com/security/cve/CVE-2025-37864.html * https://www.suse.com/security/cve/CVE-2025-37885.html * https://www.suse.com/security/cve/CVE-2025-37920.html * https://www.suse.com/security/cve/CVE-2025-37984.html * https://www.suse.com/security/cve/CVE-2025-38034.html * https://www.suse.com/security/cve/CVE-2025-38035.html * https://www.suse.com/security/cve/CVE-2025-38051.html * https://www.suse.com/security/cve/CVE-2025-38052.html * https://www.suse.com/security/cve/CVE-2025-38058.html * https://www.suse.com/security/cve/CVE-2025-38061.html * https://www.suse.com/security/cve/CVE-2025-38062.html * https://www.suse.com/security/cve/CVE-2025-38063.html * https://www.suse.com/security/cve/CVE-2025-38064.html * https://www.suse.com/security/cve/CVE-2025-38074.html * https://www.suse.com/security/cve/CVE-2025-38084.html * https://www.suse.com/security/cve/CVE-2025-38085.html * https://www.suse.com/security/cve/CVE-2025-38087.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38089.html * https://www.suse.com/security/cve/CVE-2025-38090.html * https://www.suse.com/security/cve/CVE-2025-38094.html * https://www.suse.com/security/cve/CVE-2025-38095.html * https://www.suse.com/security/cve/CVE-2025-38097.html * https://www.suse.com/security/cve/CVE-2025-38098.html * https://www.suse.com/security/cve/CVE-2025-38099.html * https://www.suse.com/security/cve/CVE-2025-38100.html * https://www.suse.com/security/cve/CVE-2025-38102.html * https://www.suse.com/security/cve/CVE-2025-38105.html * https://www.suse.com/security/cve/CVE-2025-38107.html * https://www.suse.com/security/cve/CVE-2025-38108.html * https://www.suse.com/security/cve/CVE-2025-38109.html * https://www.suse.com/security/cve/CVE-2025-38110.html * https://www.suse.com/security/cve/CVE-2025-38111.html * https://www.suse.com/security/cve/CVE-2025-38112.html * https://www.suse.com/security/cve/CVE-2025-38113.html * https://www.suse.com/security/cve/CVE-2025-38115.html * https://www.suse.com/security/cve/CVE-2025-38117.html * https://www.suse.com/security/cve/CVE-2025-38118.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38122.html * https://www.suse.com/security/cve/CVE-2025-38123.html * https://www.suse.com/security/cve/CVE-2025-38124.html * https://www.suse.com/security/cve/CVE-2025-38126.html * https://www.suse.com/security/cve/CVE-2025-38127.html * https://www.suse.com/security/cve/CVE-2025-38129.html * https://www.suse.com/security/cve/CVE-2025-38131.html * https://www.suse.com/security/cve/CVE-2025-38132.html * https://www.suse.com/security/cve/CVE-2025-38135.html * https://www.suse.com/security/cve/CVE-2025-38136.html * https://www.suse.com/security/cve/CVE-2025-38138.html * https://www.suse.com/security/cve/CVE-2025-38142.html * https://www.suse.com/security/cve/CVE-2025-38143.html * https://www.suse.com/security/cve/CVE-2025-38145.html * https://www.suse.com/security/cve/CVE-2025-38147.html * https://www.suse.com/security/cve/CVE-2025-38148.html * https://www.suse.com/security/cve/CVE-2025-38149.html * https://www.suse.com/security/cve/CVE-2025-38151.html * https://www.suse.com/security/cve/CVE-2025-38153.html * https://www.suse.com/security/cve/CVE-2025-38154.html * https://www.suse.com/security/cve/CVE-2025-38155.html * https://www.suse.com/security/cve/CVE-2025-38157.html * https://www.suse.com/security/cve/CVE-2025-38158.html * https://www.suse.com/security/cve/CVE-2025-38159.html * https://www.suse.com/security/cve/CVE-2025-38161.html * https://www.suse.com/security/cve/CVE-2025-38162.html * https://www.suse.com/security/cve/CVE-2025-38165.html * https://www.suse.com/security/cve/CVE-2025-38166.html * https://www.suse.com/security/cve/CVE-2025-38173.html * https://www.suse.com/security/cve/CVE-2025-38174.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38180.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38182.html * https://www.suse.com/security/cve/CVE-2025-38183.html * https://www.suse.com/security/cve/CVE-2025-38187.html * https://www.suse.com/security/cve/CVE-2025-38188.html * https://www.suse.com/security/cve/CVE-2025-38192.html * https://www.suse.com/security/cve/CVE-2025-38193.html * https://www.suse.com/security/cve/CVE-2025-38194.html * https://www.suse.com/security/cve/CVE-2025-38197.html * https://www.suse.com/security/cve/CVE-2025-38198.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38202.html * https://www.suse.com/security/cve/CVE-2025-38203.html * https://www.suse.com/security/cve/CVE-2025-38204.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38210.html * https://www.suse.com/security/cve/CVE-2025-38211.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38214.html * https://www.suse.com/security/cve/CVE-2025-38215.html * https://www.suse.com/security/cve/CVE-2025-38217.html * https://www.suse.com/security/cve/CVE-2025-38220.html * https://www.suse.com/security/cve/CVE-2025-38222.html * https://www.suse.com/security/cve/CVE-2025-38225.html * https://www.suse.com/security/cve/CVE-2025-38226.html * https://www.suse.com/security/cve/CVE-2025-38227.html * https://www.suse.com/security/cve/CVE-2025-38229.html * https://www.suse.com/security/cve/CVE-2025-38231.html * https://www.suse.com/security/cve/CVE-2025-38236.html * https://www.suse.com/security/cve/CVE-2025-38239.html * https://www.suse.com/security/cve/CVE-2025-38244.html * https://www.suse.com/security/cve/CVE-2025-38246.html * https://www.suse.com/security/cve/CVE-2025-38248.html * https://www.suse.com/security/cve/CVE-2025-38249.html * https://www.suse.com/security/cve/CVE-2025-38250.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38259.html * https://www.suse.com/security/cve/CVE-2025-38264.html * https://www.suse.com/security/cve/CVE-2025-38272.html * https://www.suse.com/security/cve/CVE-2025-38273.html * https://www.suse.com/security/cve/CVE-2025-38275.html * https://www.suse.com/security/cve/CVE-2025-38277.html * https://www.suse.com/security/cve/CVE-2025-38279.html * https://www.suse.com/security/cve/CVE-2025-38283.html * https://www.suse.com/security/cve/CVE-2025-38286.html * https://www.suse.com/security/cve/CVE-2025-38289.html * https://www.suse.com/security/cve/CVE-2025-38290.html * https://www.suse.com/security/cve/CVE-2025-38292.html * https://www.suse.com/security/cve/CVE-2025-38293.html * https://www.suse.com/security/cve/CVE-2025-38300.html * https://www.suse.com/security/cve/CVE-2025-38303.html * https://www.suse.com/security/cve/CVE-2025-38304.html * https://www.suse.com/security/cve/CVE-2025-38305.html * https://www.suse.com/security/cve/CVE-2025-38307.html * https://www.suse.com/security/cve/CVE-2025-38310.html * https://www.suse.com/security/cve/CVE-2025-38312.html * https://www.suse.com/security/cve/CVE-2025-38313.html * https://www.suse.com/security/cve/CVE-2025-38319.html * https://www.suse.com/security/cve/CVE-2025-38323.html * https://www.suse.com/security/cve/CVE-2025-38326.html * https://www.suse.com/security/cve/CVE-2025-38328.html * https://www.suse.com/security/cve/CVE-2025-38332.html * https://www.suse.com/security/cve/CVE-2025-38334.html * https://www.suse.com/security/cve/CVE-2025-38335.html * https://www.suse.com/security/cve/CVE-2025-38336.html * https://www.suse.com/security/cve/CVE-2025-38337.html * https://www.suse.com/security/cve/CVE-2025-38338.html * https://www.suse.com/security/cve/CVE-2025-38342.html * https://www.suse.com/security/cve/CVE-2025-38343.html * https://www.suse.com/security/cve/CVE-2025-38344.html * https://www.suse.com/security/cve/CVE-2025-38345.html * https://www.suse.com/security/cve/CVE-2025-38348.html * https://www.suse.com/security/cve/CVE-2025-38349.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38352.html * https://www.suse.com/security/cve/CVE-2025-38354.html * https://www.suse.com/security/cve/CVE-2025-38362.html * https://www.suse.com/security/cve/CVE-2025-38363.html * https://www.suse.com/security/cve/CVE-2025-38364.html * https://www.suse.com/security/cve/CVE-2025-38365.html * https://www.suse.com/security/cve/CVE-2025-38369.html * https://www.suse.com/security/cve/CVE-2025-38371.html * https://www.suse.com/security/cve/CVE-2025-38373.html * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-38376.html * https://www.suse.com/security/cve/CVE-2025-38377.html * https://www.suse.com/security/cve/CVE-2025-38380.html * https://www.suse.com/security/cve/CVE-2025-38382.html * https://www.suse.com/security/cve/CVE-2025-38384.html * https://www.suse.com/security/cve/CVE-2025-38385.html * https://www.suse.com/security/cve/CVE-2025-38386.html * https://www.suse.com/security/cve/CVE-2025-38387.html * https://www.suse.com/security/cve/CVE-2025-38389.html * https://www.suse.com/security/cve/CVE-2025-38391.html * https://www.suse.com/security/cve/CVE-2025-38392.html * https://www.suse.com/security/cve/CVE-2025-38393.html * https://www.suse.com/security/cve/CVE-2025-38395.html * https://www.suse.com/security/cve/CVE-2025-38396.html * https://www.suse.com/security/cve/CVE-2025-38399.html * https://www.suse.com/security/cve/CVE-2025-38400.html * https://www.suse.com/security/cve/CVE-2025-38401.html * https://www.suse.com/security/cve/CVE-2025-38403.html * https://www.suse.com/security/cve/CVE-2025-38404.html * https://www.suse.com/security/cve/CVE-2025-38406.html * https://www.suse.com/security/cve/CVE-2025-38409.html * https://www.suse.com/security/cve/CVE-2025-38410.html * https://www.suse.com/security/cve/CVE-2025-38412.html * https://www.suse.com/security/cve/CVE-2025-38414.html * https://www.suse.com/security/cve/CVE-2025-38415.html * https://www.suse.com/security/cve/CVE-2025-38416.html * https://www.suse.com/security/cve/CVE-2025-38420.html * https://www.suse.com/security/cve/CVE-2025-38424.html * https://www.suse.com/security/cve/CVE-2025-38425.html * https://www.suse.com/security/cve/CVE-2025-38426.html * https://www.suse.com/security/cve/CVE-2025-38428.html * https://www.suse.com/security/cve/CVE-2025-38429.html * https://www.suse.com/security/cve/CVE-2025-38430.html * https://www.suse.com/security/cve/CVE-2025-38436.html * https://www.suse.com/security/cve/CVE-2025-38443.html * https://www.suse.com/security/cve/CVE-2025-38448.html * https://www.suse.com/security/cve/CVE-2025-38449.html * https://www.suse.com/security/cve/CVE-2025-38455.html * https://www.suse.com/security/cve/CVE-2025-38457.html * https://www.suse.com/security/cve/CVE-2025-38460.html * https://www.suse.com/security/cve/CVE-2025-38461.html * https://www.suse.com/security/cve/CVE-2025-38462.html * https://www.suse.com/security/cve/CVE-2025-38463.html * https://www.suse.com/security/cve/CVE-2025-38465.html * https://www.suse.com/security/cve/CVE-2025-38467.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38470.html * https://www.suse.com/security/cve/CVE-2025-38471.html * https://www.suse.com/security/cve/CVE-2025-38473.html * https://www.suse.com/security/cve/CVE-2025-38474.html * https://www.suse.com/security/cve/CVE-2025-38476.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38478.html * https://www.suse.com/security/cve/CVE-2025-38480.html * https://www.suse.com/security/cve/CVE-2025-38481.html * https://www.suse.com/security/cve/CVE-2025-38482.html * https://www.suse.com/security/cve/CVE-2025-38483.html * https://www.suse.com/security/cve/CVE-2025-38485.html * https://www.suse.com/security/cve/CVE-2025-38487.html * https://www.suse.com/security/cve/CVE-2025-38489.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38496.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://www.suse.com/security/cve/CVE-2025-38498.html * https://bugzilla.suse.com/show_bug.cgi?id=1204142 * https://bugzilla.suse.com/show_bug.cgi?id=1219338 * https://bugzilla.suse.com/show_bug.cgi?id=1225707 * https://bugzilla.suse.com/show_bug.cgi?id=1230216 * https://bugzilla.suse.com/show_bug.cgi?id=1233300 * https://bugzilla.suse.com/show_bug.cgi?id=1235613 * https://bugzilla.suse.com/show_bug.cgi?id=1235837 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1239061 * https://bugzilla.suse.com/show_bug.cgi?id=1240323 * https://bugzilla.suse.com/show_bug.cgi?id=1240885 * https://bugzilla.suse.com/show_bug.cgi?id=1240966 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1241345 * https://bugzilla.suse.com/show_bug.cgi?id=1242086 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242837 * https://bugzilla.suse.com/show_bug.cgi?id=1242960 * https://bugzilla.suse.com/show_bug.cgi?id=1242965 * https://bugzilla.suse.com/show_bug.cgi?id=1242993 * https://bugzilla.suse.com/show_bug.cgi?id=1243068 * https://bugzilla.suse.com/show_bug.cgi?id=1243100 * https://bugzilla.suse.com/show_bug.cgi?id=1243479 * https://bugzilla.suse.com/show_bug.cgi?id=1243669 * https://bugzilla.suse.com/show_bug.cgi?id=1243806 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1244457 * https://bugzilla.suse.com/show_bug.cgi?id=1244735 * https://bugzilla.suse.com/show_bug.cgi?id=1244749 * https://bugzilla.suse.com/show_bug.cgi?id=1244750 * https://bugzilla.suse.com/show_bug.cgi?id=1244792 * https://bugzilla.suse.com/show_bug.cgi?id=1244801 * https://bugzilla.suse.com/show_bug.cgi?id=1245151 * https://bugzilla.suse.com/show_bug.cgi?id=1245201 * https://bugzilla.suse.com/show_bug.cgi?id=1245202 * https://bugzilla.suse.com/show_bug.cgi?id=1245216 * https://bugzilla.suse.com/show_bug.cgi?id=1245260 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245440 * https://bugzilla.suse.com/show_bug.cgi?id=1245457 * https://bugzilla.suse.com/show_bug.cgi?id=1245498 * https://bugzilla.suse.com/show_bug.cgi?id=1245499 * https://bugzilla.suse.com/show_bug.cgi?id=1245504 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245508 * https://bugzilla.suse.com/show_bug.cgi?id=1245510 * https://bugzilla.suse.com/show_bug.cgi?id=1245540 * https://bugzilla.suse.com/show_bug.cgi?id=1245598 * https://bugzilla.suse.com/show_bug.cgi?id=1245599 * https://bugzilla.suse.com/show_bug.cgi?id=1245646 * https://bugzilla.suse.com/show_bug.cgi?id=1245647 * https://bugzilla.suse.com/show_bug.cgi?id=1245649 * https://bugzilla.suse.com/show_bug.cgi?id=1245650 * https://bugzilla.suse.com/show_bug.cgi?id=1245654 * https://bugzilla.suse.com/show_bug.cgi?id=1245658 * https://bugzilla.suse.com/show_bug.cgi?id=1245660 * https://bugzilla.suse.com/show_bug.cgi?id=1245665 * https://bugzilla.suse.com/show_bug.cgi?id=1245666 * https://bugzilla.suse.com/show_bug.cgi?id=1245668 * https://bugzilla.suse.com/show_bug.cgi?id=1245669 * https://bugzilla.suse.com/show_bug.cgi?id=1245670 * https://bugzilla.suse.com/show_bug.cgi?id=1245671 * https://bugzilla.suse.com/show_bug.cgi?id=1245675 * https://bugzilla.suse.com/show_bug.cgi?id=1245676 * https://bugzilla.suse.com/show_bug.cgi?id=1245677 * https://bugzilla.suse.com/show_bug.cgi?id=1245679 * https://bugzilla.suse.com/show_bug.cgi?id=1245682 * https://bugzilla.suse.com/show_bug.cgi?id=1245683 * https://bugzilla.suse.com/show_bug.cgi?id=1245684 * https://bugzilla.suse.com/show_bug.cgi?id=1245688 * https://bugzilla.suse.com/show_bug.cgi?id=1245689 * https://bugzilla.suse.com/show_bug.cgi?id=1245690 * https://bugzilla.suse.com/show_bug.cgi?id=1245691 * https://bugzilla.suse.com/show_bug.cgi?id=1245695 * https://bugzilla.suse.com/show_bug.cgi?id=1245705 * https://bugzilla.suse.com/show_bug.cgi?id=1245708 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245713 * https://bugzilla.suse.com/show_bug.cgi?id=1245714 * https://bugzilla.suse.com/show_bug.cgi?id=1245719 * https://bugzilla.suse.com/show_bug.cgi?id=1245723 * https://bugzilla.suse.com/show_bug.cgi?id=1245729 * https://bugzilla.suse.com/show_bug.cgi?id=1245730 * https://bugzilla.suse.com/show_bug.cgi?id=1245731 * https://bugzilla.suse.com/show_bug.cgi?id=1245735 * https://bugzilla.suse.com/show_bug.cgi?id=1245737 * https://bugzilla.suse.com/show_bug.cgi?id=1245744 * https://bugzilla.suse.com/show_bug.cgi?id=1245745 * https://bugzilla.suse.com/show_bug.cgi?id=1245746 * https://bugzilla.suse.com/show_bug.cgi?id=1245747 * https://bugzilla.suse.com/show_bug.cgi?id=1245748 * https://bugzilla.suse.com/show_bug.cgi?id=1245749 * https://bugzilla.suse.com/show_bug.cgi?id=1245750 * https://bugzilla.suse.com/show_bug.cgi?id=1245751 * https://bugzilla.suse.com/show_bug.cgi?id=1245752 * https://bugzilla.suse.com/show_bug.cgi?id=1245757 * https://bugzilla.suse.com/show_bug.cgi?id=1245758 * https://bugzilla.suse.com/show_bug.cgi?id=1245765 * https://bugzilla.suse.com/show_bug.cgi?id=1245768 * https://bugzilla.suse.com/show_bug.cgi?id=1245769 * https://bugzilla.suse.com/show_bug.cgi?id=1245777 * https://bugzilla.suse.com/show_bug.cgi?id=1245781 * https://bugzilla.suse.com/show_bug.cgi?id=1245789 * https://bugzilla.suse.com/show_bug.cgi?id=1245937 * https://bugzilla.suse.com/show_bug.cgi?id=1245945 * https://bugzilla.suse.com/show_bug.cgi?id=1245951 * https://bugzilla.suse.com/show_bug.cgi?id=1245952 * https://bugzilla.suse.com/show_bug.cgi?id=1245954 * https://bugzilla.suse.com/show_bug.cgi?id=1245957 * https://bugzilla.suse.com/show_bug.cgi?id=1245966 * https://bugzilla.suse.com/show_bug.cgi?id=1245970 * https://bugzilla.suse.com/show_bug.cgi?id=1245976 * https://bugzilla.suse.com/show_bug.cgi?id=1245980 * https://bugzilla.suse.com/show_bug.cgi?id=1245983 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246002 * https://bugzilla.suse.com/show_bug.cgi?id=1246006 * https://bugzilla.suse.com/show_bug.cgi?id=1246008 * https://bugzilla.suse.com/show_bug.cgi?id=1246020 * https://bugzilla.suse.com/show_bug.cgi?id=1246023 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246031 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246041 * https://bugzilla.suse.com/show_bug.cgi?id=1246042 * https://bugzilla.suse.com/show_bug.cgi?id=1246044 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246047 * https://bugzilla.suse.com/show_bug.cgi?id=1246049 * https://bugzilla.suse.com/show_bug.cgi?id=1246050 * https://bugzilla.suse.com/show_bug.cgi?id=1246055 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246093 * https://bugzilla.suse.com/show_bug.cgi?id=1246098 * https://bugzilla.suse.com/show_bug.cgi?id=1246109 * https://bugzilla.suse.com/show_bug.cgi?id=1246122 * https://bugzilla.suse.com/show_bug.cgi?id=1246125 * https://bugzilla.suse.com/show_bug.cgi?id=1246171 * https://bugzilla.suse.com/show_bug.cgi?id=1246173 * https://bugzilla.suse.com/show_bug.cgi?id=1246178 * https://bugzilla.suse.com/show_bug.cgi?id=1246182 * https://bugzilla.suse.com/show_bug.cgi?id=1246183 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246195 * https://bugzilla.suse.com/show_bug.cgi?id=1246203 * https://bugzilla.suse.com/show_bug.cgi?id=1246212 * https://bugzilla.suse.com/show_bug.cgi?id=1246220 * https://bugzilla.suse.com/show_bug.cgi?id=1246236 * https://bugzilla.suse.com/show_bug.cgi?id=1246240 * https://bugzilla.suse.com/show_bug.cgi?id=1246243 * https://bugzilla.suse.com/show_bug.cgi?id=1246246 * https://bugzilla.suse.com/show_bug.cgi?id=1246249 * https://bugzilla.suse.com/show_bug.cgi?id=1246250 * https://bugzilla.suse.com/show_bug.cgi?id=1246253 * https://bugzilla.suse.com/show_bug.cgi?id=1246258 * https://bugzilla.suse.com/show_bug.cgi?id=1246262 * https://bugzilla.suse.com/show_bug.cgi?id=1246264 * https://bugzilla.suse.com/show_bug.cgi?id=1246266 * https://bugzilla.suse.com/show_bug.cgi?id=1246268 * https://bugzilla.suse.com/show_bug.cgi?id=1246273 * https://bugzilla.suse.com/show_bug.cgi?id=1246283 * https://bugzilla.suse.com/show_bug.cgi?id=1246287 * https://bugzilla.suse.com/show_bug.cgi?id=1246292 * https://bugzilla.suse.com/show_bug.cgi?id=1246293 * https://bugzilla.suse.com/show_bug.cgi?id=1246295 * https://bugzilla.suse.com/show_bug.cgi?id=1246334 * https://bugzilla.suse.com/show_bug.cgi?id=1246337 * https://bugzilla.suse.com/show_bug.cgi?id=1246342 * https://bugzilla.suse.com/show_bug.cgi?id=1246349 * https://bugzilla.suse.com/show_bug.cgi?id=1246354 * https://bugzilla.suse.com/show_bug.cgi?id=1246358 * https://bugzilla.suse.com/show_bug.cgi?id=1246361 * https://bugzilla.suse.com/show_bug.cgi?id=1246364 * https://bugzilla.suse.com/show_bug.cgi?id=1246370 * https://bugzilla.suse.com/show_bug.cgi?id=1246375 * https://bugzilla.suse.com/show_bug.cgi?id=1246384 * https://bugzilla.suse.com/show_bug.cgi?id=1246386 * https://bugzilla.suse.com/show_bug.cgi?id=1246387 * https://bugzilla.suse.com/show_bug.cgi?id=1246438 * https://bugzilla.suse.com/show_bug.cgi?id=1246453 * https://bugzilla.suse.com/show_bug.cgi?id=1246473 * https://bugzilla.suse.com/show_bug.cgi?id=1246490 * https://bugzilla.suse.com/show_bug.cgi?id=1246506 * https://bugzilla.suse.com/show_bug.cgi?id=1246547 * https://bugzilla.suse.com/show_bug.cgi?id=1246777 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1246870 * https://bugzilla.suse.com/show_bug.cgi?id=1246879 * https://bugzilla.suse.com/show_bug.cgi?id=1246911 * https://bugzilla.suse.com/show_bug.cgi?id=1247018 * https://bugzilla.suse.com/show_bug.cgi?id=1247023 * https://bugzilla.suse.com/show_bug.cgi?id=1247028 * https://bugzilla.suse.com/show_bug.cgi?id=1247031 * https://bugzilla.suse.com/show_bug.cgi?id=1247033 * https://bugzilla.suse.com/show_bug.cgi?id=1247035 * https://bugzilla.suse.com/show_bug.cgi?id=1247061 * https://bugzilla.suse.com/show_bug.cgi?id=1247089 * https://bugzilla.suse.com/show_bug.cgi?id=1247091 * https://bugzilla.suse.com/show_bug.cgi?id=1247097 * https://bugzilla.suse.com/show_bug.cgi?id=1247098 * https://bugzilla.suse.com/show_bug.cgi?id=1247101 * https://bugzilla.suse.com/show_bug.cgi?id=1247103 * https://bugzilla.suse.com/show_bug.cgi?id=1247104 * https://bugzilla.suse.com/show_bug.cgi?id=1247113 * https://bugzilla.suse.com/show_bug.cgi?id=1247118 * https://bugzilla.suse.com/show_bug.cgi?id=1247123 * https://bugzilla.suse.com/show_bug.cgi?id=1247125 * https://bugzilla.suse.com/show_bug.cgi?id=1247128 * https://bugzilla.suse.com/show_bug.cgi?id=1247132 * https://bugzilla.suse.com/show_bug.cgi?id=1247138 * https://bugzilla.suse.com/show_bug.cgi?id=1247141 * https://bugzilla.suse.com/show_bug.cgi?id=1247143 * https://bugzilla.suse.com/show_bug.cgi?id=1247145 * https://bugzilla.suse.com/show_bug.cgi?id=1247146 * https://bugzilla.suse.com/show_bug.cgi?id=1247147 * https://bugzilla.suse.com/show_bug.cgi?id=1247149 * https://bugzilla.suse.com/show_bug.cgi?id=1247150 * https://bugzilla.suse.com/show_bug.cgi?id=1247151 * https://bugzilla.suse.com/show_bug.cgi?id=1247153 * https://bugzilla.suse.com/show_bug.cgi?id=1247154 * https://bugzilla.suse.com/show_bug.cgi?id=1247156 * https://bugzilla.suse.com/show_bug.cgi?id=1247160 * https://bugzilla.suse.com/show_bug.cgi?id=1247164 * https://bugzilla.suse.com/show_bug.cgi?id=1247169 * https://bugzilla.suse.com/show_bug.cgi?id=1247170 * https://bugzilla.suse.com/show_bug.cgi?id=1247171 * https://bugzilla.suse.com/show_bug.cgi?id=1247172 * https://bugzilla.suse.com/show_bug.cgi?id=1247174 * https://bugzilla.suse.com/show_bug.cgi?id=1247176 * https://bugzilla.suse.com/show_bug.cgi?id=1247177 * https://bugzilla.suse.com/show_bug.cgi?id=1247178 * https://bugzilla.suse.com/show_bug.cgi?id=1247181 * https://bugzilla.suse.com/show_bug.cgi?id=1247209 * https://bugzilla.suse.com/show_bug.cgi?id=1247210 * https://bugzilla.suse.com/show_bug.cgi?id=1247227 * https://bugzilla.suse.com/show_bug.cgi?id=1247233 * https://bugzilla.suse.com/show_bug.cgi?id=1247236 * https://bugzilla.suse.com/show_bug.cgi?id=1247238 * https://bugzilla.suse.com/show_bug.cgi?id=1247241 * https://bugzilla.suse.com/show_bug.cgi?id=1247251 * https://bugzilla.suse.com/show_bug.cgi?id=1247252 * https://bugzilla.suse.com/show_bug.cgi?id=1247253 * https://bugzilla.suse.com/show_bug.cgi?id=1247255 * https://bugzilla.suse.com/show_bug.cgi?id=1247271 * https://bugzilla.suse.com/show_bug.cgi?id=1247273 * https://bugzilla.suse.com/show_bug.cgi?id=1247274 * https://bugzilla.suse.com/show_bug.cgi?id=1247276 * https://bugzilla.suse.com/show_bug.cgi?id=1247277 * https://bugzilla.suse.com/show_bug.cgi?id=1247278 * https://bugzilla.suse.com/show_bug.cgi?id=1247279 * https://bugzilla.suse.com/show_bug.cgi?id=1247284 * https://bugzilla.suse.com/show_bug.cgi?id=1247285 * https://bugzilla.suse.com/show_bug.cgi?id=1247288 * https://bugzilla.suse.com/show_bug.cgi?id=1247289 * https://bugzilla.suse.com/show_bug.cgi?id=1247293 * https://bugzilla.suse.com/show_bug.cgi?id=1247311 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247317 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247374 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 * https://bugzilla.suse.com/show_bug.cgi?id=1247450 * https://jira.suse.com/browse/PED-13238 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:39:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:39:09 -0000 Subject: SUSE-SU-2025:20601-1: important: Security update for the Linux Kernel Message-ID: <175649994916.10939.9886081625543626342@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:20601-1 Release Date: 2025-08-25T13:29:45Z Rating: important References: * bsc#1204142 * bsc#1219338 * bsc#1225707 * bsc#1230216 * bsc#1233300 * bsc#1235613 * bsc#1235837 * bsc#1236333 * bsc#1236897 * bsc#1238896 * bsc#1239061 * bsc#1240323 * bsc#1240885 * bsc#1240966 * bsc#1241166 * bsc#1241345 * bsc#1242086 * bsc#1242414 * bsc#1242837 * bsc#1242960 * bsc#1242965 * bsc#1242993 * bsc#1243068 * bsc#1243100 * bsc#1243479 * bsc#1243669 * bsc#1243806 * bsc#1244309 * bsc#1244457 * bsc#1244735 * bsc#1244749 * bsc#1244750 * bsc#1244792 * bsc#1244801 * bsc#1245151 * bsc#1245201 * bsc#1245202 * bsc#1245216 * bsc#1245260 * bsc#1245431 * bsc#1245440 * bsc#1245457 * bsc#1245498 * bsc#1245499 * bsc#1245504 * bsc#1245506 * bsc#1245508 * bsc#1245510 * bsc#1245540 * bsc#1245598 * bsc#1245599 * bsc#1245646 * bsc#1245647 * bsc#1245649 * bsc#1245650 * bsc#1245654 * bsc#1245658 * bsc#1245660 * bsc#1245665 * bsc#1245666 * bsc#1245668 * bsc#1245669 * bsc#1245670 * bsc#1245671 * bsc#1245675 * bsc#1245676 * bsc#1245677 * bsc#1245679 * bsc#1245682 * bsc#1245683 * bsc#1245684 * bsc#1245688 * bsc#1245689 * bsc#1245690 * bsc#1245691 * bsc#1245695 * bsc#1245705 * bsc#1245708 * bsc#1245711 * bsc#1245713 * bsc#1245714 * bsc#1245719 * bsc#1245723 * bsc#1245729 * bsc#1245730 * bsc#1245731 * bsc#1245735 * bsc#1245737 * bsc#1245744 * bsc#1245745 * bsc#1245746 * bsc#1245747 * bsc#1245748 * bsc#1245749 * bsc#1245750 * bsc#1245751 * bsc#1245752 * bsc#1245757 * bsc#1245758 * bsc#1245765 * bsc#1245768 * bsc#1245769 * bsc#1245777 * bsc#1245781 * bsc#1245789 * bsc#1245937 * bsc#1245945 * bsc#1245951 * bsc#1245952 * bsc#1245954 * bsc#1245957 * bsc#1245966 * bsc#1245970 * bsc#1245976 * bsc#1245980 * bsc#1245983 * bsc#1245986 * bsc#1246000 * bsc#1246002 * bsc#1246006 * bsc#1246008 * bsc#1246020 * bsc#1246023 * bsc#1246029 * bsc#1246031 * bsc#1246037 * bsc#1246041 * bsc#1246042 * bsc#1246044 * bsc#1246045 * bsc#1246047 * bsc#1246049 * bsc#1246050 * bsc#1246055 * bsc#1246073 * bsc#1246093 * bsc#1246098 * bsc#1246109 * bsc#1246122 * bsc#1246125 * bsc#1246171 * bsc#1246173 * bsc#1246178 * bsc#1246182 * bsc#1246183 * bsc#1246186 * bsc#1246195 * bsc#1246203 * bsc#1246212 * bsc#1246220 * bsc#1246236 * bsc#1246240 * bsc#1246243 * bsc#1246246 * bsc#1246249 * bsc#1246250 * bsc#1246253 * bsc#1246258 * bsc#1246262 * bsc#1246264 * bsc#1246266 * bsc#1246268 * bsc#1246273 * bsc#1246283 * bsc#1246287 * bsc#1246292 * bsc#1246293 * bsc#1246295 * bsc#1246334 * bsc#1246337 * bsc#1246342 * bsc#1246349 * bsc#1246354 * bsc#1246358 * bsc#1246361 * bsc#1246364 * bsc#1246370 * bsc#1246375 * bsc#1246384 * bsc#1246386 * bsc#1246387 * bsc#1246438 * bsc#1246453 * bsc#1246473 * bsc#1246490 * bsc#1246506 * bsc#1246547 * bsc#1246777 * bsc#1246781 * bsc#1246870 * bsc#1246879 * bsc#1246911 * bsc#1247018 * bsc#1247023 * bsc#1247028 * bsc#1247031 * bsc#1247033 * bsc#1247035 * bsc#1247061 * bsc#1247089 * bsc#1247091 * bsc#1247097 * bsc#1247098 * bsc#1247101 * bsc#1247103 * bsc#1247104 * bsc#1247113 * bsc#1247118 * bsc#1247123 * bsc#1247125 * bsc#1247128 * bsc#1247132 * bsc#1247138 * bsc#1247141 * bsc#1247143 * bsc#1247145 * bsc#1247146 * bsc#1247147 * bsc#1247149 * bsc#1247150 * bsc#1247151 * bsc#1247153 * bsc#1247154 * bsc#1247156 * bsc#1247160 * bsc#1247164 * bsc#1247169 * bsc#1247170 * bsc#1247171 * bsc#1247172 * bsc#1247174 * bsc#1247176 * bsc#1247177 * bsc#1247178 * bsc#1247181 * bsc#1247209 * bsc#1247210 * bsc#1247227 * bsc#1247233 * bsc#1247236 * bsc#1247238 * bsc#1247241 * bsc#1247251 * bsc#1247252 * bsc#1247253 * bsc#1247255 * bsc#1247271 * bsc#1247273 * bsc#1247274 * bsc#1247276 * bsc#1247277 * bsc#1247278 * bsc#1247279 * bsc#1247284 * bsc#1247285 * bsc#1247288 * bsc#1247289 * bsc#1247293 * bsc#1247311 * bsc#1247314 * bsc#1247317 * bsc#1247347 * bsc#1247348 * bsc#1247349 * bsc#1247374 * bsc#1247437 * bsc#1247450 * jsc#PED-13238 Cross-References: * CVE-2019-11135 * CVE-2024-36028 * CVE-2024-36348 * CVE-2024-36349 * CVE-2024-36350 * CVE-2024-36357 * CVE-2024-44963 * CVE-2024-56742 * CVE-2024-57947 * CVE-2025-21839 * CVE-2025-21872 * CVE-2025-23163 * CVE-2025-37798 * CVE-2025-37856 * CVE-2025-37864 * CVE-2025-37885 * CVE-2025-37920 * CVE-2025-37984 * CVE-2025-38034 * CVE-2025-38035 * CVE-2025-38051 * CVE-2025-38052 * CVE-2025-38058 * CVE-2025-38061 * CVE-2025-38062 * CVE-2025-38063 * CVE-2025-38064 * CVE-2025-38074 * CVE-2025-38084 * CVE-2025-38085 * CVE-2025-38087 * CVE-2025-38088 * CVE-2025-38089 * CVE-2025-38090 * CVE-2025-38094 * CVE-2025-38095 * CVE-2025-38097 * CVE-2025-38098 * CVE-2025-38099 * CVE-2025-38100 * CVE-2025-38102 * CVE-2025-38105 * CVE-2025-38107 * CVE-2025-38108 * CVE-2025-38109 * CVE-2025-38110 * CVE-2025-38111 * CVE-2025-38112 * CVE-2025-38113 * CVE-2025-38115 * CVE-2025-38117 * CVE-2025-38118 * CVE-2025-38120 * CVE-2025-38122 * CVE-2025-38123 * CVE-2025-38124 * CVE-2025-38126 * CVE-2025-38127 * CVE-2025-38129 * CVE-2025-38131 * CVE-2025-38132 * CVE-2025-38135 * CVE-2025-38136 * CVE-2025-38138 * CVE-2025-38142 * CVE-2025-38143 * CVE-2025-38145 * CVE-2025-38147 * CVE-2025-38148 * CVE-2025-38149 * CVE-2025-38151 * CVE-2025-38153 * CVE-2025-38154 * CVE-2025-38155 * CVE-2025-38157 * CVE-2025-38158 * CVE-2025-38159 * CVE-2025-38161 * CVE-2025-38162 * CVE-2025-38165 * CVE-2025-38166 * CVE-2025-38173 * CVE-2025-38174 * CVE-2025-38177 * CVE-2025-38180 * CVE-2025-38181 * CVE-2025-38182 * CVE-2025-38183 * CVE-2025-38187 * CVE-2025-38188 * CVE-2025-38192 * CVE-2025-38193 * CVE-2025-38194 * CVE-2025-38197 * CVE-2025-38198 * CVE-2025-38200 * CVE-2025-38202 * CVE-2025-38203 * CVE-2025-38204 * CVE-2025-38206 * CVE-2025-38210 * CVE-2025-38211 * CVE-2025-38212 * CVE-2025-38213 * CVE-2025-38214 * CVE-2025-38215 * CVE-2025-38217 * CVE-2025-38220 * CVE-2025-38222 * CVE-2025-38225 * CVE-2025-38226 * CVE-2025-38227 * CVE-2025-38229 * CVE-2025-38231 * CVE-2025-38236 * CVE-2025-38239 * CVE-2025-38244 * CVE-2025-38246 * CVE-2025-38248 * CVE-2025-38249 * CVE-2025-38250 * CVE-2025-38257 * CVE-2025-38259 * CVE-2025-38264 * CVE-2025-38272 * CVE-2025-38273 * CVE-2025-38275 * CVE-2025-38277 * CVE-2025-38279 * CVE-2025-38283 * CVE-2025-38286 * CVE-2025-38289 * CVE-2025-38290 * CVE-2025-38292 * CVE-2025-38293 * CVE-2025-38300 * CVE-2025-38303 * CVE-2025-38304 * CVE-2025-38305 * CVE-2025-38307 * CVE-2025-38310 * CVE-2025-38312 * CVE-2025-38313 * CVE-2025-38319 * CVE-2025-38323 * CVE-2025-38326 * CVE-2025-38328 * CVE-2025-38332 * CVE-2025-38334 * CVE-2025-38335 * CVE-2025-38336 * CVE-2025-38337 * CVE-2025-38338 * CVE-2025-38342 * CVE-2025-38343 * CVE-2025-38344 * CVE-2025-38345 * CVE-2025-38348 * CVE-2025-38349 * CVE-2025-38350 * CVE-2025-38352 * CVE-2025-38354 * CVE-2025-38362 * CVE-2025-38363 * CVE-2025-38364 * CVE-2025-38365 * CVE-2025-38369 * CVE-2025-38371 * CVE-2025-38373 * CVE-2025-38375 * CVE-2025-38376 * CVE-2025-38377 * CVE-2025-38380 * CVE-2025-38382 * CVE-2025-38384 * CVE-2025-38385 * CVE-2025-38386 * CVE-2025-38387 * CVE-2025-38389 * CVE-2025-38391 * CVE-2025-38392 * CVE-2025-38393 * CVE-2025-38395 * CVE-2025-38396 * CVE-2025-38399 * CVE-2025-38400 * CVE-2025-38401 * CVE-2025-38403 * CVE-2025-38404 * CVE-2025-38406 * CVE-2025-38409 * CVE-2025-38410 * CVE-2025-38412 * CVE-2025-38414 * CVE-2025-38415 * CVE-2025-38416 * CVE-2025-38420 * CVE-2025-38424 * CVE-2025-38425 * CVE-2025-38426 * CVE-2025-38428 * CVE-2025-38429 * CVE-2025-38430 * CVE-2025-38436 * CVE-2025-38443 * CVE-2025-38448 * CVE-2025-38449 * CVE-2025-38455 * CVE-2025-38457 * CVE-2025-38460 * CVE-2025-38461 * CVE-2025-38462 * CVE-2025-38463 * CVE-2025-38465 * CVE-2025-38467 * CVE-2025-38468 * CVE-2025-38470 * CVE-2025-38471 * CVE-2025-38473 * CVE-2025-38474 * CVE-2025-38476 * CVE-2025-38477 * CVE-2025-38478 * CVE-2025-38480 * CVE-2025-38481 * CVE-2025-38482 * CVE-2025-38483 * CVE-2025-38485 * CVE-2025-38487 * CVE-2025-38489 * CVE-2025-38494 * CVE-2025-38495 * CVE-2025-38496 * CVE-2025-38497 * CVE-2025-38498 CVSS scores: * CVE-2019-11135 ( SUSE ): 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2019-11135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36348 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36349 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-44963 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-44963 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56742 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21872 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23163 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37856 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37856 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37920 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37920 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37984 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-37984 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38034 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38035 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38035 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38052 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38058 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38058 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38061 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38062 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38062 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38063 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38063 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38064 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38064 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38074 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38084 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38084 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38085 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38085 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38087 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38089 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38089 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38090 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38097 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38097 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38098 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38098 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38099 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38099 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38100 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38102 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38102 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38105 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38105 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38107 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38107 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38108 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38108 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38109 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38109 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38110 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38110 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38111 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38111 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38112 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38113 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38115 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38115 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38117 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38117 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38118 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-38122 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38123 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38124 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38126 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38127 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38129 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38129 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38131 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38131 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38132 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38132 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38135 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38138 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38142 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38143 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38145 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38148 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38149 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38149 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38153 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38153 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38154 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38154 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38155 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38157 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38157 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38159 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38159 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38161 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38165 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38166 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38166 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38173 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38173 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38174 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38174 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38180 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38180 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38182 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38183 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38183 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38187 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38187 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38192 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38192 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38193 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38193 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38197 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38197 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38198 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38203 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38203 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38204 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38204 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38211 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38211 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38214 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38215 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38217 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38217 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38220 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38220 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38222 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-38222 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2025-38225 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38226 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38226 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38227 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38227 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38229 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38229 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-38231 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38231 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38236 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38236 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38239 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38239 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38244 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38244 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38246 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38248 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38249 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38249 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38250 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38250 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38259 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38264 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38272 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38273 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38273 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38275 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38277 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38277 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38279 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38283 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38286 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38286 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38289 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38289 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38290 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38290 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38292 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38292 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38293 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38293 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38300 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38300 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38303 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38303 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38310 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38310 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38312 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38313 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38323 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38323 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38326 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38326 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38328 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38332 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38334 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38334 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38335 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38336 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38337 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38338 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38338 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38342 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-38344 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38344 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38345 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38345 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38348 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38349 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38349 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2025-38352 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38352 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38362 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38363 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38363 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38364 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38364 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38365 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38365 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-38369 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38371 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38373 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38373 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38375 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38376 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38376 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38377 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38377 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38380 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38380 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38382 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38382 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38384 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38384 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38385 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38385 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38387 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38387 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38389 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38391 ( SUSE ): 5.2 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38391 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38392 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38392 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38393 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38393 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38395 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38395 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38396 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38396 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38399 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38400 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38400 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38401 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38401 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38403 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38403 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38404 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38404 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38406 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38409 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38409 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38410 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38412 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38415 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38415 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38416 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38416 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38420 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38420 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38424 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38425 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38425 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38426 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38426 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38428 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38428 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38429 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38429 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38430 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38430 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38436 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38436 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38443 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38443 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38448 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38448 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38449 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38449 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38455 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38455 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38457 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38460 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38460 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38461 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38461 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38462 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38462 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38463 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38463 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38465 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38465 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38467 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38467 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38470 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38471 ( SUSE ): 8.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38471 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2025-38473 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38473 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38474 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38474 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38476 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38476 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38478 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38478 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38480 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38480 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38481 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38481 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38482 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38482 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38483 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38483 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-38485 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38485 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38487 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38487 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38489 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38489 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38496 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38496 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38498 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38498 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves 235 vulnerabilities, contains one feature and has 32 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may * CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707). * CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896). * CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216). * CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613). * CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). * CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323). * CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837). * CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068). * CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965). * CVE-2025-37885: KVM: x86: Reset IRTE to host control if _new_ route isn't postable (bsc#1242960). * CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479). * CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669). * CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792). * CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801). * CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750). * CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151). * CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440). * CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216). * CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202). * CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201). * CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735). * CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649). * CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660). * CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654). * CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671). * CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650). * CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682). * CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689). * CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695). * CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708). * CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677). * CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679). * CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768). * CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750). * CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752). * CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758). * CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970). * CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937). * CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006). * CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951). * CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098). * CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). * CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980). * CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044). * CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983). * CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). * CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020). * CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). * CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966). * CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976). * CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093). * CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178). * CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183). * CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173). * CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182). * CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387). * CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268). * CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264). * CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273). * CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354). * CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361). * CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473). * CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384). * CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250). * CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253). * CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777). * CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). * CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911). * CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091). * CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023). * CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178). * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). * CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031). * CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169). * CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156). * CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097). * CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141). * CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145). * CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252). * CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253). * CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101). * CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098). * CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143). * CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103). * CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104). * CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113). * CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118). * CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288). * CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450). * CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). * CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374). The following non-security bugs were fixed: * ACPI: LPSS: Remove AudioDSP related ID (git-fixes). * ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122). * ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes). * ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes). * ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes). * ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable- fixes). * ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable- fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes). * ALSA: hda/tegra: Add Tegra264 support (stable-fixes). * ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes). * ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable- fixes). * ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes). * ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git- fixes). * ALSA: sb: Do not allow changing the DMA mode during operations (stable- fixes). * ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable- fixes). * ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes). * ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes). * ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable- fixes). * ASoC: amd: yc: update quirk data for HP Victus (stable-fixes). * ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes). * ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes). * ASoC: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes). * ASoC: cs35l56: probe() should fail if the device ID is not recognized (git- fixes). * ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git- fixes). * ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes). * ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes). * ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git- fixes). * Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes). * Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes). * Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes). * Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes). * Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes). * Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes). * Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes). * Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes). * Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes). * Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes). * Bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git- fixes). * Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git- fixes). * Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes). * Bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes). * Bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes). * Bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes). * Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes). * Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes). * Bluetooth: hci_sync: revert some mesh modifications (git-fixes). * Correctly put RDMA kabi patch into patches.kabi instead of patches.suse * Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes). * Documentation: ACPI: Fix parent device references (git-fixes). * Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes). * Fix dma_unmap_sg() nents value (git-fixes) * HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes). * HID: core: do not bypass hid_hw_raw_request (stable-fixes). * HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes). * HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes). * HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable- fixes). * HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable- fixes). * IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes) * Input: iqs7222 - explicitly define number of external channels (git-fixes). * Input: xpad - adjust error handling for disconnect (git-fixes). * Input: xpad - set correct controller type for Acer NGR200 (git-fixes). * Input: xpad - support Acer NGR 200 Controller (stable-fixes). * Logitech C-270 even more broken (stable-fixes). * Move upstreamed SCSI and ACPI patches into sorted section * NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes). * NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes). * NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git- fixes). * NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes). * NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git- fixes). * NFSv4.2: another fix for listxattr (git-fixes). * NFSv4.2: fix listxattr to return selinux security label (git-fixes). * NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes). * NFSv4: Always set NLINK even if the server does not support it (git-fixes). * NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes). * PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457). * PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes). * PCI: endpoint: Fix configfs group list head handling (git-fixes). * PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes). * PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes). * PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes). * PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457). * PCI: rockchip-host: Fix "Unexpected Completion" log message (git-fixes). * PM / devfreq: Check governor before using governor->name (git-fixes). * RDMA/core: Rate limit GID cache warning messages (git-fixes) * RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes) * RDMA/hns: Drop GFP_NOWARN (git-fixes) * RDMA/hns: Fix -Wframe-larger-than issue (git-fixes) * RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes) * RDMA/hns: Fix accessing uninitialized resources (git-fixes) * RDMA/hns: Fix double destruction of rsv_qp (git-fixes) * RDMA/hns: Get message length of ack_req from FW (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes) * RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * RDMA/mlx5: Fix CC counters query for MPV (git-fixes) * RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes) * RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes) * RDMA/mlx5: Fix vport loopback for MPV device (git-fixes) * RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes) * RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes) * RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes) * RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git- fixes) * RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes) * Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). * Revert "ACPI: battery: negate current when discharging" (stable-fixes). * Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338). * Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes). * Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git- fixes). * Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git- fixes). * Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes). * SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes). * USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes). * USB: serial: option: add Foxconn T99W640 (stable-fixes). * USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable- fixes). * [SMB3] send channel sequence number in SMB3 requests after reconnects (git- fixes). * af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes). * af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093). * amd/amdkfd: fix a kfd_process ref leak (stable-fixes). * aoe: clean device rq_list in aoedev_downdev() (git-fixes). * apple-mfi-fastcharge: protect first device name (git-fixes). * ata: pata_cs5536: fix build on 32-bit UML (stable-fixes). * audit,module: restore audit logging in load failure case (git-fixes). * bpf, sockmap: Fix sk_msg_reset_curr (git-fixes). * bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes). * bpf/selftests: Check errno when percpu map value size exceeds (git-fixes). * bpf: Add a possibly-zero-sized read test (git-fixes). * bpf: Avoid **hidden** attribute in static object (git-fixes). * bpf: Check percpu map value size first (git-fixes). * bpf: Disable some `attribute ignored' warnings in GCC (git-fixes). * bpf: Fix memory leak in bpf_core_apply (git-fixes). * bpf: Fix potential integer overflow in resolve_btfids (git-fixes). * bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes). * bpf: Make the pointer returned by iter next method valid (git-fixes). * bpf: Simplify checking size of helper accesses (git-fixes). * bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes). * bpf: sockmap, updating the sg structure should also update curr (git-fixes). * bpftool: Fix missing pids during link show (git-fixes). * bpftool: Fix undefined behavior caused by shifting into the sign bit (git- fixes). * bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes). * bpftool: Remove unnecessary source files from bootstrap version (git-fixes). * bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes). * btrfs: do not ignore inode missing when replaying log tree (git-fixes). * btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes). * btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes). * btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068) * btrfs: fix assertion when building free space tree (git-fixes). * btrfs: fix inode lookup error handling during log replay (git-fixes). * btrfs: fix invalid inode pointer dereferences during log replay (git-fixes). * btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes). * btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes). * btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes). * btrfs: fix ssd_spread overallocation (git-fixes). * btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068) * btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes). * btrfs: rename err to ret in btrfs_rmdir() (git-fixes). * btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes). * btrfs: return a btrfs_inode from read_one_inode() (git-fixes). * btrfs: tests: fix chunk map leak after failure to add it to the tree (git- fixes). * btrfs: update superblock's device bytes_used when dropping chunk (git- fixes). * btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes). * btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes). * bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes). * bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes). * can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes). * can: dev: can_restart(): reverse logic to remove need for goto (stable- fixes). * can: kvaser_pciefd: Store device channel index (git-fixes). * can: kvaser_usb: Assign netdev.dev_port based on device channel index (git- fixes). * can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes). * can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes). * can: peak_usb: fix USB FD devices potential malfunction (git-fixes). * cdc-acm: fix race between initial clearing halt and open (git-fixes). * cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789). * cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166). * cifs: reconnect helper should set reconnect for the right channel (git- fixes). * clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes). * clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes). * clk: sunxi-ng: v3s: Fix de clock definition (git-fixes). * clk: xilinx: vcu: unregister pll_post only if registered correctly (git- fixes). * clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457). * clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457). * comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes). * comedi: Fix initialization of data for instructions that write to subdevice (git-fixes). * comedi: Fix some signed shift left operations (git-fixes). * comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes). * comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes). * comedi: das16m1: Fix bit shift out of bounds (git-fixes). * comedi: das6402: Fix bit shift out of bounds (git-fixes). * comedi: pcl812: Fix bit shift out of bounds (git-fixes). * compiler_types.h: Define **retain for __attribute** (( **retain** )) (git- fixes). * config: enable RBD (jsc#PED-13238) * crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes). * crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes). * crypto: ccp - Fix locking on alloc failure handling (git-fixes). * crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes). * crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes). * crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes). * crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes). * crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes). * crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes). * crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes). * crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes). * crypto: qat - fix state restore for banks with exceptions (git-fixes). * crypto: qat - flush misc workqueue during device shutdown (git-fixes). * crypto: qat - use unmanaged allocation for dc_data (git-fixes). * crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes). * dm-bufio: fix sched in atomic context (git-fixes). * dm-flakey: error all IOs when num_features is absent (git-fixes). * dm-flakey: make corrupting read bios work (git-fixes). * dm-mirror: fix a tiny race condition (git-fixes). * dm-raid: fix variable in journal device check (git-fixes). * dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes). * dm: do not change md if dm_table_set_restrictions() fails (git-fixes). * dm: free table mempools if not used in __bind (git-fixes). * dm: restrict dm device size to 2^63-512 bytes (git-fixes). * dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes). * dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes). * dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes). * dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git- fixes). * dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes). * dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes). * dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes). * dmaengine: xilinx_dma: Set dma_device directions (stable-fixes). * drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes). * drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git- fixes). * drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes). * drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes). * drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes). * drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes). * drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git- fixes). * drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes). * drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes). * drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes). * drm/exynos: fimd: Guard display clock control with runtime PM calls (git- fixes). * drm/framebuffer: Acquire internal references on GEM handles (git-fixes). * drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes). * drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes). * drm/i915/gsc: mei interrupt top half should be in irq disabled context (git- fixes). * drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes). * drm/i915/selftests: Change mock_request() to return error pointers (git- fixes). * drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes). * drm/msm: Fix a fence leak in submit error path (stable-fixes). * drm/msm: Fix another leak in the submit error path (stable-fixes). * drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes). * drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes). * drm/sched: Increment job count before swapping tail spsc queue (git-fixes). * drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes). * drm/scheduler: signal scheduled fence when kill job (stable-fixes). * drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes). * drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes). * drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes). * exfat: fdatasync flag should be same like generic_write_sync() (git-fixes). * fbcon: Fix outdated registered_fb reference in comment (git-fixes). * fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes). * firewire: ohci: correct code comments about bus_reset tasklet (git-fixes). * fs/jfs: consolidate sanity checking in dbMount (git-fixes). * fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes). * gpio: mlxbf2: use platform_get_irq_optional() (git-fixes). * gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes). * gpio: sim: include a missing header (git-fixes). * gpio: vf610: add locking to gpio direction functions (git-fixes). * gpio: virtio: Fix config space reading (git-fixes). * gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes). * gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes). * gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300). * gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300). * gpiolib: cdev: Ignore reconfiguration without direction (git-fixes). * gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes). * hfs: make splice write available again (git-fixes). * hfsplus: make splice write available again (git-fixes). * hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes). * hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203). * hwmon: (corsair-cpro) Validate the size of the received input buffer (git- fixes). * hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes). * hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes). * hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes). * i2c/designware: Fix an initialization issue (git-fixes). * i2c: qup: jump out of the loop in case of timeout (git-fixes). * i2c: stm32: fix the device used for the DMA map (git-fixes). * i2c: tegra: Fix reset error handling with ACPI (git-fixes). * i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes). * i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes). * iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git- fixes). * iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes). * iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable- fixes). * iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes). * iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes). * iio: adc: max1363: Reorder mode_list[] entries (stable-fixes). * iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes). * iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes). * iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes). * iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes). * iommu/amd: Set the pgsize_bitmap correctly (git-fixes). * iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes). * iommu/vt-d: Fix possible circular locking dependency (git-fixes). * iommu/vt-d: Fix system hang on reboot -f (git-fixes). * ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes). * ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes). * ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes). * ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes). * iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes). * jfs: fix metapage reference count leak in dbAllocCtl (git-fixes). * kABI workaround for struct drm_framebuffer changes (git-fixes). * kABI: Fix the module::name type in audit_context (git-fixes). * kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes). * kernel-syms.spec: Drop old rpm release number hack (bsc#1247172). * leds: multicolor: Fix intensity setting while SW blinking (stable-fixes). * lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897). * lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897). * maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes). * md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes). * media: gspca: Add bounds checking to firmware parser (git-fixes). * media: hi556: correct the test pattern configuration (git-fixes). * media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes). * media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes). * media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git- fixes). * media: usbtv: Lock resolution while streaming (git-fixes). * media: uvcvideo: Do not mark valid metadata as invalid (git-fixes). * media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git- fixes). * media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes). * media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes). * media: venus: Add a check for packet size after reading from shared memory (git-fixes). * media: venus: hfi: explicitly release IRQ during teardown (git-fixes). * media: venus: protect against spurious interrupts during probe (git-fixes). * media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git- fixes). * media: vivid: fix wrong pixel_array control size (git-fixes). * memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git- fixes). * mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes). * misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes). * mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes). * mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes). * mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes). * mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes). * mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes). * module: Fix memory deallocation on error path in move_module() (git-fixes). * module: Remove unnecessary +1 from last_unloaded_module::name size (git- fixes). * module: Restore the moduleparam prefix length check (git-fixes). * mtd: fix possible integer overflow in erase_xfer() (git-fixes). * mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes). * mtd: rawnand: atmel: set pmecc data setup time (git-fixes). * mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes). * mtd: rawnand: renesas: Add missing check after DMA map (git-fixes). * mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes). * mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes). * mtd: spinand: fix memory leak of ECC engine conf (stable-fixes). * mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes). * mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes). * mtk-sd: Prevent memory corruption from DMA map failure (git-fixes). * mtk-sd: reset host->mrq on prepare_data() error (git-fixes). * mwl8k: Add missing check after DMA map (git-fixes). * nbd: fix uaf in nbd_genl_connect() error path (git-fixes). * net/packet: fix a race in packet_set_ring() and packet_notifier() (git- fixes). * net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes). * net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git- fixes). * net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git- fixes). * net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes). * net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes). * net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes). * net: mana: Add debug logs in MANA network driver (bsc#1246212). * net: mana: Add handler for hardware servicing events (bsc#1245730). * net: mana: Allocate MSI-X vectors dynamically (bsc#1245457). * net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457). * net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203). * net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729). * net: mana: Set tx_packets to post gso processing packet count (bsc#1245731). * net: mana: explain irq_setup() algorithm (bsc#1245457). * net: phy: Do not register LEDs for genphy (git-fixes). * net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes). * net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes). * net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git- fixes). * net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes). * net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git- fixes). * net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes). * net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes). * net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes). * netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes). * nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git- fixes). * nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes). * nilfs2: reject invalid file types when reading inodes (git-fixes). * nvme-pci: refresh visible attrs after being checked (git-fixes). * nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes). * nvme: fix endianness of command word prints in nvme_log_err_passthru() (git- fixes). * nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes). * nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes). * nvmet-tcp: fix callback lock for TLS handshake (git-fixes). * objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes). * objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes). * objtool: Fix _THIS_IP_ detection for cold functions (git-fixes). * objtool: Fix error handling inconsistencies in check() (git-fixes). * objtool: Ignore dangling jump table entries (git-fixes). * objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes). * objtool: Properly disable uaccess validation (git-fixes). * objtool: Silence more KCOV warnings (git-fixes). * objtool: Silence more KCOV warnings, part 2 (git-fixes). * objtool: Stop UNRET validation on UD2 (git-fixes). * pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes). * pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes). * perf: Fix sample vs do_exit() (bsc#1246547). * phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git- fixes). * pinctrl: amd: Clear GPIO debounce for suspend (git-fixes). * pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes). * pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes). * pinmux: fix race causing mux_owner NULL with active mux_usecount (git- fixes). * platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git- fixes). * platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git- fixes). * platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes). * platform/mellanox: mlxreg-lc: Fix logic error in power state check (git- fixes). * platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes). * platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes). * platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes). * platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes). * platform/x86: think-lmi: Create ksets consecutively (stable-fixes). * platform/x86: think-lmi: Fix kobject cleanup (git-fixes). * platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes). * power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes). * power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git- fixes). * powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes). * powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git- fixes). * powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes). * powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes). * ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506). * pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes). * pwm: mediatek: Ensure to disable clocks in error path (git-fixes). * regmap: fix potential memory leak of regmap_bus (git-fixes). * regulator: fan53555: add enable_time support and soft-start times (stable- fixes). * regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git- fixes). * regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes). * resource: fix false warning in __request_region() (git-fixes). * restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes). * ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes). * rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes). * rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes). * rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes). * rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes). * rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes). * rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes). * s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870). * s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806). * s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646). * s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647). * s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598). * s390: Add z17 elf platform (LTC#214086 bsc#1245540). * samples: mei: Fix building on musl libc (git-fixes). * sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338). * sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git- fixes). * scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes). * scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Copyright updates for 14.4.0.10 patches (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142). * scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125). * scsi: megaraid_sas: Fix invalid node index (git-fixes). * scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git- fixes). * scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git- fixes). * scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599). * selftests/bpf: Add CFLAGS per source file and runner (git-fixes). * selftests/bpf: Add tests for iter next method returning valid pointer (git- fixes). * selftests/bpf: Change functions definitions to support GCC (git-fixes). * selftests/bpf: Fix a few tests for GCC related warnings (git-fixes). * selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes). * selftests/bpf: Fix prog numbers in test_sockmap (git-fixes). * smb3: move server check earlier when setting channel sequence number (git- fixes). * soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes). * soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes). * soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git- fixes). * soc: qcom: QMI encoding/decoding for big endian (git-fixes). * soc: qcom: fix endianness for QMI header (git-fixes). * soc: qcom: pmic_glink: fix OF node leak (git-fixes). * soundwire: amd: fix for clearing command status register (git-fixes). * soundwire: stream: restore params when prepare ports fail (git-fixes). * spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git- fixes). * staging: axis-fifo: remove sysfs interface (git-fixes). * staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git- fixes). * staging: nvec: Fix incorrect null termination of battery manufacturer (git- fixes). * struct cdns: move new member to the end (git-fixes). * struct ucsi_operations: use padding for new operation (git-fixes). * sunrpc: do not immediately retransmit on seqno miss (git-fixes). * sunrpc: fix client side handling of tls alerts (git-fixes). * tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes). * thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes). * thunderbolt: Fix copy+paste error in match_service_id() (git-fixes). * thunderbolt: Fix wake on connect at runtime (git-fixes). * tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes). * tracing/kprobes: Fix to free objects when failed to copy a symbol (git- fixes). * types: Complement the aligned types with signed 64-bit one (stable-fixes). * ucount: fix atomic_long_inc_below() argument type (git-fixes). * ucsi-glink: adapt to kABI consistency (git-fixes). * ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes). * ucsi_operations: add stubs for all operations (git-fixes). * ucsi_ops: adapt update_connector to kABI consistency (git-fixes). * usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes). * usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes). * usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes). * usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes). * usb: cdnsp: Fix issue with resuming from L1 (git-fixes). * usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable- fixes). * usb: cdnsp: do not disable slot for disabled slot (git-fixes). * usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes). * usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes). * usb: dwc2: also exit clock_gating when stopping udc while suspended (stable- fixes). * usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes). * usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes). * usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes). * usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes). * usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes). * usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes). * usb: hub: Do not try to recover devices lost during warm reset (git-fixes). * usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes). * usb: musb: fix gadget state on disconnect (git-fixes). * usb: musb: omap2430: fix device leak at unbind (git-fixes). * usb: net: sierra: check for no status endpoint (git-fixes). * usb: potential integer overflow in usbg_make_tpg() (stable-fixes). * usb: typec: Update sysfs when setting ops (git-fixes). * usb: typec: altmodes/displayport: do not index invalid pin_assignments (git- fixes). * usb: typec: displayport: Fix potential deadlock (git-fixes). * usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes). * usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable- fixes). * usb: typec: tcpm: allow switching to mode accessory to mux properly (stable- fixes). * usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes). * usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git- fixes). * usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git- fixes). * usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes). * usb: typec: ucsi: Delay alternate mode discovery (git-fixes). * usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes). * usb: typec: ucsi: Fix the partner PD revision (git-fixes). * usb: typec: ucsi: Get PD revision for partner (git-fixes). * usb: typec: ucsi: Set orientation as none when connector is unplugged (git- fixes). * usb: typec: ucsi: Update power_supply on power role change (git-fixes). * usb: typec: ucsi: add callback for connector status updates (git-fixes). * usb: typec: ucsi: add update_connector callback (git-fixes). * usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes). * usb: typec: ucsi: extract code to read PD caps (git-fixes). * usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes). * usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes). * usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes). * usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes). * usb: typec: ucsi: glink: use typec_set_orientation (git-fixes). * usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git- fixes). * usb: typec: ucsi: properly register partner's PD device (git-fixes). * usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes). * usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes). * usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git- fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes). * usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes). * usb: typec: ucsi_glink: rework quirks implementation (git-fixes). * usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git- fixes). * usb: xhci: quirk for data loss in ISOC transfers (stable-fixes). * usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes). * virtgpu: do not reset on shutdown (git-fixes). * vmci: Prevent the dispatching of uninitialized payloads (git-fixes). * vt: add missing notification when switching back to text mode (stable- fixes). * vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes). * vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes). * watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git- fixes). * wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption (git-fixes). * wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes). * wifi: ath11k: fix source ring-buffer corruption (git-fixes). * wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption (git-fixes). * wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes). * wifi: ath12k: fix endianness handling while accessing wmi service bit (git- fixes). * wifi: ath12k: fix source ring-buffer corruption (git-fixes). * wifi: ath6kl: remove WARN on bad firmware input (stable-fixes). * wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes). * wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes). * wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes). * wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes). * wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes). * wifi: mac80211: Add link iteration macro for link data (stable-fixes). * wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes). * wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes). * wifi: mac80211: Do not schedule stopped TXQs (git-fixes). * wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes). * wifi: mac80211: drop invalid source address OCB frames (stable-fixes). * wifi: mac80211: reject TDLS operations when station is not associated (git- fixes). * wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes). * wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes). * wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes). * wifi: plfxlc: Fix error handling in usb driver probe (git-fixes). * wifi: prevent A-MSDU attacks in mesh networks (stable-fixes). * wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes). * wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes). * wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes). * x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes). * x86/mce/amd: Add default names for MCA banks and blocks (git-fixes). * x86/mce/amd: Fix threshold limit reset (git-fixes). * x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes). * x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git- fixes). * x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git- fixes). * x86/traps: Initialize DR6 by writing its architectural reset value (git- fixes). * x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes). * x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345). * xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837). * xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes). * xfs: remove unused event xfs_alloc_near_error (git-fixes). * xfs: remove unused event xfs_alloc_near_nominleft (git-fixes). * xfs: remove unused event xfs_attr_node_removename (git-fixes). * xfs: remove unused event xfs_ioctl_clone (git-fixes). * xfs: remove unused event xfs_pagecache_inval (git-fixes). * xfs: remove unused event xlog_iclog_want_sync (git-fixes). * xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes). * xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes). * xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes). * xfs: remove unused xfs_attr events (git-fixes). * xfs: remove unused xfs_reflink_compare_extents events (git-fixes). * xfs: remove usused xfs_end_io_direct events (git-fixes). * xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git- fixes). * xhci: dbc: Flush queued requests before stopping dbc (git-fixes). * xhci: dbctty: disable ECHO flag by default (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-83=1 ## Package List: * SUSE Linux Micro 6.1 (noarch) * kernel-devel-rt-6.4.0-35.1 * kernel-source-rt-6.4.0-35.1 * SUSE Linux Micro 6.1 (aarch64 nosrc x86_64) * kernel-rt-6.4.0-35.1 * SUSE Linux Micro 6.1 (aarch64 x86_64) * kernel-rt-devel-6.4.0-35.1 * kernel-rt-debugsource-6.4.0-35.1 * kernel-rt-debuginfo-6.4.0-35.1 * SUSE Linux Micro 6.1 (x86_64) * kernel-rt-livepatch-6.4.0-35.1 * kernel-rt-devel-debuginfo-6.4.0-35.1 ## References: * https://www.suse.com/security/cve/CVE-2019-11135.html * https://www.suse.com/security/cve/CVE-2024-36028.html * https://www.suse.com/security/cve/CVE-2024-36348.html * https://www.suse.com/security/cve/CVE-2024-36349.html * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2024-44963.html * https://www.suse.com/security/cve/CVE-2024-56742.html * https://www.suse.com/security/cve/CVE-2024-57947.html * https://www.suse.com/security/cve/CVE-2025-21839.html * https://www.suse.com/security/cve/CVE-2025-21872.html * https://www.suse.com/security/cve/CVE-2025-23163.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37856.html * https://www.suse.com/security/cve/CVE-2025-37864.html * https://www.suse.com/security/cve/CVE-2025-37885.html * https://www.suse.com/security/cve/CVE-2025-37920.html * https://www.suse.com/security/cve/CVE-2025-37984.html * https://www.suse.com/security/cve/CVE-2025-38034.html * https://www.suse.com/security/cve/CVE-2025-38035.html * https://www.suse.com/security/cve/CVE-2025-38051.html * https://www.suse.com/security/cve/CVE-2025-38052.html * https://www.suse.com/security/cve/CVE-2025-38058.html * https://www.suse.com/security/cve/CVE-2025-38061.html * https://www.suse.com/security/cve/CVE-2025-38062.html * https://www.suse.com/security/cve/CVE-2025-38063.html * https://www.suse.com/security/cve/CVE-2025-38064.html * https://www.suse.com/security/cve/CVE-2025-38074.html * https://www.suse.com/security/cve/CVE-2025-38084.html * https://www.suse.com/security/cve/CVE-2025-38085.html * https://www.suse.com/security/cve/CVE-2025-38087.html * https://www.suse.com/security/cve/CVE-2025-38088.html * https://www.suse.com/security/cve/CVE-2025-38089.html * https://www.suse.com/security/cve/CVE-2025-38090.html * https://www.suse.com/security/cve/CVE-2025-38094.html * https://www.suse.com/security/cve/CVE-2025-38095.html * https://www.suse.com/security/cve/CVE-2025-38097.html * https://www.suse.com/security/cve/CVE-2025-38098.html * https://www.suse.com/security/cve/CVE-2025-38099.html * https://www.suse.com/security/cve/CVE-2025-38100.html * https://www.suse.com/security/cve/CVE-2025-38102.html * https://www.suse.com/security/cve/CVE-2025-38105.html * https://www.suse.com/security/cve/CVE-2025-38107.html * https://www.suse.com/security/cve/CVE-2025-38108.html * https://www.suse.com/security/cve/CVE-2025-38109.html * https://www.suse.com/security/cve/CVE-2025-38110.html * https://www.suse.com/security/cve/CVE-2025-38111.html * https://www.suse.com/security/cve/CVE-2025-38112.html * https://www.suse.com/security/cve/CVE-2025-38113.html * https://www.suse.com/security/cve/CVE-2025-38115.html * https://www.suse.com/security/cve/CVE-2025-38117.html * https://www.suse.com/security/cve/CVE-2025-38118.html * https://www.suse.com/security/cve/CVE-2025-38120.html * https://www.suse.com/security/cve/CVE-2025-38122.html * https://www.suse.com/security/cve/CVE-2025-38123.html * https://www.suse.com/security/cve/CVE-2025-38124.html * https://www.suse.com/security/cve/CVE-2025-38126.html * https://www.suse.com/security/cve/CVE-2025-38127.html * https://www.suse.com/security/cve/CVE-2025-38129.html * https://www.suse.com/security/cve/CVE-2025-38131.html * https://www.suse.com/security/cve/CVE-2025-38132.html * https://www.suse.com/security/cve/CVE-2025-38135.html * https://www.suse.com/security/cve/CVE-2025-38136.html * https://www.suse.com/security/cve/CVE-2025-38138.html * https://www.suse.com/security/cve/CVE-2025-38142.html * https://www.suse.com/security/cve/CVE-2025-38143.html * https://www.suse.com/security/cve/CVE-2025-38145.html * https://www.suse.com/security/cve/CVE-2025-38147.html * https://www.suse.com/security/cve/CVE-2025-38148.html * https://www.suse.com/security/cve/CVE-2025-38149.html * https://www.suse.com/security/cve/CVE-2025-38151.html * https://www.suse.com/security/cve/CVE-2025-38153.html * https://www.suse.com/security/cve/CVE-2025-38154.html * https://www.suse.com/security/cve/CVE-2025-38155.html * https://www.suse.com/security/cve/CVE-2025-38157.html * https://www.suse.com/security/cve/CVE-2025-38158.html * https://www.suse.com/security/cve/CVE-2025-38159.html * https://www.suse.com/security/cve/CVE-2025-38161.html * https://www.suse.com/security/cve/CVE-2025-38162.html * https://www.suse.com/security/cve/CVE-2025-38165.html * https://www.suse.com/security/cve/CVE-2025-38166.html * https://www.suse.com/security/cve/CVE-2025-38173.html * https://www.suse.com/security/cve/CVE-2025-38174.html * https://www.suse.com/security/cve/CVE-2025-38177.html * https://www.suse.com/security/cve/CVE-2025-38180.html * https://www.suse.com/security/cve/CVE-2025-38181.html * https://www.suse.com/security/cve/CVE-2025-38182.html * https://www.suse.com/security/cve/CVE-2025-38183.html * https://www.suse.com/security/cve/CVE-2025-38187.html * https://www.suse.com/security/cve/CVE-2025-38188.html * https://www.suse.com/security/cve/CVE-2025-38192.html * https://www.suse.com/security/cve/CVE-2025-38193.html * https://www.suse.com/security/cve/CVE-2025-38194.html * https://www.suse.com/security/cve/CVE-2025-38197.html * https://www.suse.com/security/cve/CVE-2025-38198.html * https://www.suse.com/security/cve/CVE-2025-38200.html * https://www.suse.com/security/cve/CVE-2025-38202.html * https://www.suse.com/security/cve/CVE-2025-38203.html * https://www.suse.com/security/cve/CVE-2025-38204.html * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38210.html * https://www.suse.com/security/cve/CVE-2025-38211.html * https://www.suse.com/security/cve/CVE-2025-38212.html * https://www.suse.com/security/cve/CVE-2025-38213.html * https://www.suse.com/security/cve/CVE-2025-38214.html * https://www.suse.com/security/cve/CVE-2025-38215.html * https://www.suse.com/security/cve/CVE-2025-38217.html * https://www.suse.com/security/cve/CVE-2025-38220.html * https://www.suse.com/security/cve/CVE-2025-38222.html * https://www.suse.com/security/cve/CVE-2025-38225.html * https://www.suse.com/security/cve/CVE-2025-38226.html * https://www.suse.com/security/cve/CVE-2025-38227.html * https://www.suse.com/security/cve/CVE-2025-38229.html * https://www.suse.com/security/cve/CVE-2025-38231.html * https://www.suse.com/security/cve/CVE-2025-38236.html * https://www.suse.com/security/cve/CVE-2025-38239.html * https://www.suse.com/security/cve/CVE-2025-38244.html * https://www.suse.com/security/cve/CVE-2025-38246.html * https://www.suse.com/security/cve/CVE-2025-38248.html * https://www.suse.com/security/cve/CVE-2025-38249.html * https://www.suse.com/security/cve/CVE-2025-38250.html * https://www.suse.com/security/cve/CVE-2025-38257.html * https://www.suse.com/security/cve/CVE-2025-38259.html * https://www.suse.com/security/cve/CVE-2025-38264.html * https://www.suse.com/security/cve/CVE-2025-38272.html * https://www.suse.com/security/cve/CVE-2025-38273.html * https://www.suse.com/security/cve/CVE-2025-38275.html * https://www.suse.com/security/cve/CVE-2025-38277.html * https://www.suse.com/security/cve/CVE-2025-38279.html * https://www.suse.com/security/cve/CVE-2025-38283.html * https://www.suse.com/security/cve/CVE-2025-38286.html * https://www.suse.com/security/cve/CVE-2025-38289.html * https://www.suse.com/security/cve/CVE-2025-38290.html * https://www.suse.com/security/cve/CVE-2025-38292.html * https://www.suse.com/security/cve/CVE-2025-38293.html * https://www.suse.com/security/cve/CVE-2025-38300.html * https://www.suse.com/security/cve/CVE-2025-38303.html * https://www.suse.com/security/cve/CVE-2025-38304.html * https://www.suse.com/security/cve/CVE-2025-38305.html * https://www.suse.com/security/cve/CVE-2025-38307.html * https://www.suse.com/security/cve/CVE-2025-38310.html * https://www.suse.com/security/cve/CVE-2025-38312.html * https://www.suse.com/security/cve/CVE-2025-38313.html * https://www.suse.com/security/cve/CVE-2025-38319.html * https://www.suse.com/security/cve/CVE-2025-38323.html * https://www.suse.com/security/cve/CVE-2025-38326.html * https://www.suse.com/security/cve/CVE-2025-38328.html * https://www.suse.com/security/cve/CVE-2025-38332.html * https://www.suse.com/security/cve/CVE-2025-38334.html * https://www.suse.com/security/cve/CVE-2025-38335.html * https://www.suse.com/security/cve/CVE-2025-38336.html * https://www.suse.com/security/cve/CVE-2025-38337.html * https://www.suse.com/security/cve/CVE-2025-38338.html * https://www.suse.com/security/cve/CVE-2025-38342.html * https://www.suse.com/security/cve/CVE-2025-38343.html * https://www.suse.com/security/cve/CVE-2025-38344.html * https://www.suse.com/security/cve/CVE-2025-38345.html * https://www.suse.com/security/cve/CVE-2025-38348.html * https://www.suse.com/security/cve/CVE-2025-38349.html * https://www.suse.com/security/cve/CVE-2025-38350.html * https://www.suse.com/security/cve/CVE-2025-38352.html * https://www.suse.com/security/cve/CVE-2025-38354.html * https://www.suse.com/security/cve/CVE-2025-38362.html * https://www.suse.com/security/cve/CVE-2025-38363.html * https://www.suse.com/security/cve/CVE-2025-38364.html * https://www.suse.com/security/cve/CVE-2025-38365.html * https://www.suse.com/security/cve/CVE-2025-38369.html * https://www.suse.com/security/cve/CVE-2025-38371.html * https://www.suse.com/security/cve/CVE-2025-38373.html * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-38376.html * https://www.suse.com/security/cve/CVE-2025-38377.html * https://www.suse.com/security/cve/CVE-2025-38380.html * https://www.suse.com/security/cve/CVE-2025-38382.html * https://www.suse.com/security/cve/CVE-2025-38384.html * https://www.suse.com/security/cve/CVE-2025-38385.html * https://www.suse.com/security/cve/CVE-2025-38386.html * https://www.suse.com/security/cve/CVE-2025-38387.html * https://www.suse.com/security/cve/CVE-2025-38389.html * https://www.suse.com/security/cve/CVE-2025-38391.html * https://www.suse.com/security/cve/CVE-2025-38392.html * https://www.suse.com/security/cve/CVE-2025-38393.html * https://www.suse.com/security/cve/CVE-2025-38395.html * https://www.suse.com/security/cve/CVE-2025-38396.html * https://www.suse.com/security/cve/CVE-2025-38399.html * https://www.suse.com/security/cve/CVE-2025-38400.html * https://www.suse.com/security/cve/CVE-2025-38401.html * https://www.suse.com/security/cve/CVE-2025-38403.html * https://www.suse.com/security/cve/CVE-2025-38404.html * https://www.suse.com/security/cve/CVE-2025-38406.html * https://www.suse.com/security/cve/CVE-2025-38409.html * https://www.suse.com/security/cve/CVE-2025-38410.html * https://www.suse.com/security/cve/CVE-2025-38412.html * https://www.suse.com/security/cve/CVE-2025-38414.html * https://www.suse.com/security/cve/CVE-2025-38415.html * https://www.suse.com/security/cve/CVE-2025-38416.html * https://www.suse.com/security/cve/CVE-2025-38420.html * https://www.suse.com/security/cve/CVE-2025-38424.html * https://www.suse.com/security/cve/CVE-2025-38425.html * https://www.suse.com/security/cve/CVE-2025-38426.html * https://www.suse.com/security/cve/CVE-2025-38428.html * https://www.suse.com/security/cve/CVE-2025-38429.html * https://www.suse.com/security/cve/CVE-2025-38430.html * https://www.suse.com/security/cve/CVE-2025-38436.html * https://www.suse.com/security/cve/CVE-2025-38443.html * https://www.suse.com/security/cve/CVE-2025-38448.html * https://www.suse.com/security/cve/CVE-2025-38449.html * https://www.suse.com/security/cve/CVE-2025-38455.html * https://www.suse.com/security/cve/CVE-2025-38457.html * https://www.suse.com/security/cve/CVE-2025-38460.html * https://www.suse.com/security/cve/CVE-2025-38461.html * https://www.suse.com/security/cve/CVE-2025-38462.html * https://www.suse.com/security/cve/CVE-2025-38463.html * https://www.suse.com/security/cve/CVE-2025-38465.html * https://www.suse.com/security/cve/CVE-2025-38467.html * https://www.suse.com/security/cve/CVE-2025-38468.html * https://www.suse.com/security/cve/CVE-2025-38470.html * https://www.suse.com/security/cve/CVE-2025-38471.html * https://www.suse.com/security/cve/CVE-2025-38473.html * https://www.suse.com/security/cve/CVE-2025-38474.html * https://www.suse.com/security/cve/CVE-2025-38476.html * https://www.suse.com/security/cve/CVE-2025-38477.html * https://www.suse.com/security/cve/CVE-2025-38478.html * https://www.suse.com/security/cve/CVE-2025-38480.html * https://www.suse.com/security/cve/CVE-2025-38481.html * https://www.suse.com/security/cve/CVE-2025-38482.html * https://www.suse.com/security/cve/CVE-2025-38483.html * https://www.suse.com/security/cve/CVE-2025-38485.html * https://www.suse.com/security/cve/CVE-2025-38487.html * https://www.suse.com/security/cve/CVE-2025-38489.html * https://www.suse.com/security/cve/CVE-2025-38494.html * https://www.suse.com/security/cve/CVE-2025-38495.html * https://www.suse.com/security/cve/CVE-2025-38496.html * https://www.suse.com/security/cve/CVE-2025-38497.html * https://www.suse.com/security/cve/CVE-2025-38498.html * https://bugzilla.suse.com/show_bug.cgi?id=1204142 * https://bugzilla.suse.com/show_bug.cgi?id=1219338 * https://bugzilla.suse.com/show_bug.cgi?id=1225707 * https://bugzilla.suse.com/show_bug.cgi?id=1230216 * https://bugzilla.suse.com/show_bug.cgi?id=1233300 * https://bugzilla.suse.com/show_bug.cgi?id=1235613 * https://bugzilla.suse.com/show_bug.cgi?id=1235837 * https://bugzilla.suse.com/show_bug.cgi?id=1236333 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1239061 * https://bugzilla.suse.com/show_bug.cgi?id=1240323 * https://bugzilla.suse.com/show_bug.cgi?id=1240885 * https://bugzilla.suse.com/show_bug.cgi?id=1240966 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1241345 * https://bugzilla.suse.com/show_bug.cgi?id=1242086 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242837 * https://bugzilla.suse.com/show_bug.cgi?id=1242960 * https://bugzilla.suse.com/show_bug.cgi?id=1242965 * https://bugzilla.suse.com/show_bug.cgi?id=1242993 * https://bugzilla.suse.com/show_bug.cgi?id=1243068 * https://bugzilla.suse.com/show_bug.cgi?id=1243100 * https://bugzilla.suse.com/show_bug.cgi?id=1243479 * https://bugzilla.suse.com/show_bug.cgi?id=1243669 * https://bugzilla.suse.com/show_bug.cgi?id=1243806 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244457 * https://bugzilla.suse.com/show_bug.cgi?id=1244735 * https://bugzilla.suse.com/show_bug.cgi?id=1244749 * https://bugzilla.suse.com/show_bug.cgi?id=1244750 * https://bugzilla.suse.com/show_bug.cgi?id=1244792 * https://bugzilla.suse.com/show_bug.cgi?id=1244801 * https://bugzilla.suse.com/show_bug.cgi?id=1245151 * https://bugzilla.suse.com/show_bug.cgi?id=1245201 * https://bugzilla.suse.com/show_bug.cgi?id=1245202 * https://bugzilla.suse.com/show_bug.cgi?id=1245216 * https://bugzilla.suse.com/show_bug.cgi?id=1245260 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245440 * https://bugzilla.suse.com/show_bug.cgi?id=1245457 * https://bugzilla.suse.com/show_bug.cgi?id=1245498 * https://bugzilla.suse.com/show_bug.cgi?id=1245499 * https://bugzilla.suse.com/show_bug.cgi?id=1245504 * https://bugzilla.suse.com/show_bug.cgi?id=1245506 * https://bugzilla.suse.com/show_bug.cgi?id=1245508 * https://bugzilla.suse.com/show_bug.cgi?id=1245510 * https://bugzilla.suse.com/show_bug.cgi?id=1245540 * https://bugzilla.suse.com/show_bug.cgi?id=1245598 * https://bugzilla.suse.com/show_bug.cgi?id=1245599 * https://bugzilla.suse.com/show_bug.cgi?id=1245646 * https://bugzilla.suse.com/show_bug.cgi?id=1245647 * https://bugzilla.suse.com/show_bug.cgi?id=1245649 * https://bugzilla.suse.com/show_bug.cgi?id=1245650 * https://bugzilla.suse.com/show_bug.cgi?id=1245654 * https://bugzilla.suse.com/show_bug.cgi?id=1245658 * https://bugzilla.suse.com/show_bug.cgi?id=1245660 * https://bugzilla.suse.com/show_bug.cgi?id=1245665 * https://bugzilla.suse.com/show_bug.cgi?id=1245666 * https://bugzilla.suse.com/show_bug.cgi?id=1245668 * https://bugzilla.suse.com/show_bug.cgi?id=1245669 * https://bugzilla.suse.com/show_bug.cgi?id=1245670 * https://bugzilla.suse.com/show_bug.cgi?id=1245671 * https://bugzilla.suse.com/show_bug.cgi?id=1245675 * https://bugzilla.suse.com/show_bug.cgi?id=1245676 * https://bugzilla.suse.com/show_bug.cgi?id=1245677 * https://bugzilla.suse.com/show_bug.cgi?id=1245679 * https://bugzilla.suse.com/show_bug.cgi?id=1245682 * https://bugzilla.suse.com/show_bug.cgi?id=1245683 * https://bugzilla.suse.com/show_bug.cgi?id=1245684 * https://bugzilla.suse.com/show_bug.cgi?id=1245688 * https://bugzilla.suse.com/show_bug.cgi?id=1245689 * https://bugzilla.suse.com/show_bug.cgi?id=1245690 * https://bugzilla.suse.com/show_bug.cgi?id=1245691 * https://bugzilla.suse.com/show_bug.cgi?id=1245695 * https://bugzilla.suse.com/show_bug.cgi?id=1245705 * https://bugzilla.suse.com/show_bug.cgi?id=1245708 * https://bugzilla.suse.com/show_bug.cgi?id=1245711 * https://bugzilla.suse.com/show_bug.cgi?id=1245713 * https://bugzilla.suse.com/show_bug.cgi?id=1245714 * https://bugzilla.suse.com/show_bug.cgi?id=1245719 * https://bugzilla.suse.com/show_bug.cgi?id=1245723 * https://bugzilla.suse.com/show_bug.cgi?id=1245729 * https://bugzilla.suse.com/show_bug.cgi?id=1245730 * https://bugzilla.suse.com/show_bug.cgi?id=1245731 * https://bugzilla.suse.com/show_bug.cgi?id=1245735 * https://bugzilla.suse.com/show_bug.cgi?id=1245737 * https://bugzilla.suse.com/show_bug.cgi?id=1245744 * https://bugzilla.suse.com/show_bug.cgi?id=1245745 * https://bugzilla.suse.com/show_bug.cgi?id=1245746 * https://bugzilla.suse.com/show_bug.cgi?id=1245747 * https://bugzilla.suse.com/show_bug.cgi?id=1245748 * https://bugzilla.suse.com/show_bug.cgi?id=1245749 * https://bugzilla.suse.com/show_bug.cgi?id=1245750 * https://bugzilla.suse.com/show_bug.cgi?id=1245751 * https://bugzilla.suse.com/show_bug.cgi?id=1245752 * https://bugzilla.suse.com/show_bug.cgi?id=1245757 * https://bugzilla.suse.com/show_bug.cgi?id=1245758 * https://bugzilla.suse.com/show_bug.cgi?id=1245765 * https://bugzilla.suse.com/show_bug.cgi?id=1245768 * https://bugzilla.suse.com/show_bug.cgi?id=1245769 * https://bugzilla.suse.com/show_bug.cgi?id=1245777 * https://bugzilla.suse.com/show_bug.cgi?id=1245781 * https://bugzilla.suse.com/show_bug.cgi?id=1245789 * https://bugzilla.suse.com/show_bug.cgi?id=1245937 * https://bugzilla.suse.com/show_bug.cgi?id=1245945 * https://bugzilla.suse.com/show_bug.cgi?id=1245951 * https://bugzilla.suse.com/show_bug.cgi?id=1245952 * https://bugzilla.suse.com/show_bug.cgi?id=1245954 * https://bugzilla.suse.com/show_bug.cgi?id=1245957 * https://bugzilla.suse.com/show_bug.cgi?id=1245966 * https://bugzilla.suse.com/show_bug.cgi?id=1245970 * https://bugzilla.suse.com/show_bug.cgi?id=1245976 * https://bugzilla.suse.com/show_bug.cgi?id=1245980 * https://bugzilla.suse.com/show_bug.cgi?id=1245983 * https://bugzilla.suse.com/show_bug.cgi?id=1245986 * https://bugzilla.suse.com/show_bug.cgi?id=1246000 * https://bugzilla.suse.com/show_bug.cgi?id=1246002 * https://bugzilla.suse.com/show_bug.cgi?id=1246006 * https://bugzilla.suse.com/show_bug.cgi?id=1246008 * https://bugzilla.suse.com/show_bug.cgi?id=1246020 * https://bugzilla.suse.com/show_bug.cgi?id=1246023 * https://bugzilla.suse.com/show_bug.cgi?id=1246029 * https://bugzilla.suse.com/show_bug.cgi?id=1246031 * https://bugzilla.suse.com/show_bug.cgi?id=1246037 * https://bugzilla.suse.com/show_bug.cgi?id=1246041 * https://bugzilla.suse.com/show_bug.cgi?id=1246042 * https://bugzilla.suse.com/show_bug.cgi?id=1246044 * https://bugzilla.suse.com/show_bug.cgi?id=1246045 * https://bugzilla.suse.com/show_bug.cgi?id=1246047 * https://bugzilla.suse.com/show_bug.cgi?id=1246049 * https://bugzilla.suse.com/show_bug.cgi?id=1246050 * https://bugzilla.suse.com/show_bug.cgi?id=1246055 * https://bugzilla.suse.com/show_bug.cgi?id=1246073 * https://bugzilla.suse.com/show_bug.cgi?id=1246093 * https://bugzilla.suse.com/show_bug.cgi?id=1246098 * https://bugzilla.suse.com/show_bug.cgi?id=1246109 * https://bugzilla.suse.com/show_bug.cgi?id=1246122 * https://bugzilla.suse.com/show_bug.cgi?id=1246125 * https://bugzilla.suse.com/show_bug.cgi?id=1246171 * https://bugzilla.suse.com/show_bug.cgi?id=1246173 * https://bugzilla.suse.com/show_bug.cgi?id=1246178 * https://bugzilla.suse.com/show_bug.cgi?id=1246182 * https://bugzilla.suse.com/show_bug.cgi?id=1246183 * https://bugzilla.suse.com/show_bug.cgi?id=1246186 * https://bugzilla.suse.com/show_bug.cgi?id=1246195 * https://bugzilla.suse.com/show_bug.cgi?id=1246203 * https://bugzilla.suse.com/show_bug.cgi?id=1246212 * https://bugzilla.suse.com/show_bug.cgi?id=1246220 * https://bugzilla.suse.com/show_bug.cgi?id=1246236 * https://bugzilla.suse.com/show_bug.cgi?id=1246240 * https://bugzilla.suse.com/show_bug.cgi?id=1246243 * https://bugzilla.suse.com/show_bug.cgi?id=1246246 * https://bugzilla.suse.com/show_bug.cgi?id=1246249 * https://bugzilla.suse.com/show_bug.cgi?id=1246250 * https://bugzilla.suse.com/show_bug.cgi?id=1246253 * https://bugzilla.suse.com/show_bug.cgi?id=1246258 * https://bugzilla.suse.com/show_bug.cgi?id=1246262 * https://bugzilla.suse.com/show_bug.cgi?id=1246264 * https://bugzilla.suse.com/show_bug.cgi?id=1246266 * https://bugzilla.suse.com/show_bug.cgi?id=1246268 * https://bugzilla.suse.com/show_bug.cgi?id=1246273 * https://bugzilla.suse.com/show_bug.cgi?id=1246283 * https://bugzilla.suse.com/show_bug.cgi?id=1246287 * https://bugzilla.suse.com/show_bug.cgi?id=1246292 * https://bugzilla.suse.com/show_bug.cgi?id=1246293 * https://bugzilla.suse.com/show_bug.cgi?id=1246295 * https://bugzilla.suse.com/show_bug.cgi?id=1246334 * https://bugzilla.suse.com/show_bug.cgi?id=1246337 * https://bugzilla.suse.com/show_bug.cgi?id=1246342 * https://bugzilla.suse.com/show_bug.cgi?id=1246349 * https://bugzilla.suse.com/show_bug.cgi?id=1246354 * https://bugzilla.suse.com/show_bug.cgi?id=1246358 * https://bugzilla.suse.com/show_bug.cgi?id=1246361 * https://bugzilla.suse.com/show_bug.cgi?id=1246364 * https://bugzilla.suse.com/show_bug.cgi?id=1246370 * https://bugzilla.suse.com/show_bug.cgi?id=1246375 * https://bugzilla.suse.com/show_bug.cgi?id=1246384 * https://bugzilla.suse.com/show_bug.cgi?id=1246386 * https://bugzilla.suse.com/show_bug.cgi?id=1246387 * https://bugzilla.suse.com/show_bug.cgi?id=1246438 * https://bugzilla.suse.com/show_bug.cgi?id=1246453 * https://bugzilla.suse.com/show_bug.cgi?id=1246473 * https://bugzilla.suse.com/show_bug.cgi?id=1246490 * https://bugzilla.suse.com/show_bug.cgi?id=1246506 * https://bugzilla.suse.com/show_bug.cgi?id=1246547 * https://bugzilla.suse.com/show_bug.cgi?id=1246777 * https://bugzilla.suse.com/show_bug.cgi?id=1246781 * https://bugzilla.suse.com/show_bug.cgi?id=1246870 * https://bugzilla.suse.com/show_bug.cgi?id=1246879 * https://bugzilla.suse.com/show_bug.cgi?id=1246911 * https://bugzilla.suse.com/show_bug.cgi?id=1247018 * https://bugzilla.suse.com/show_bug.cgi?id=1247023 * https://bugzilla.suse.com/show_bug.cgi?id=1247028 * https://bugzilla.suse.com/show_bug.cgi?id=1247031 * https://bugzilla.suse.com/show_bug.cgi?id=1247033 * https://bugzilla.suse.com/show_bug.cgi?id=1247035 * https://bugzilla.suse.com/show_bug.cgi?id=1247061 * https://bugzilla.suse.com/show_bug.cgi?id=1247089 * https://bugzilla.suse.com/show_bug.cgi?id=1247091 * https://bugzilla.suse.com/show_bug.cgi?id=1247097 * https://bugzilla.suse.com/show_bug.cgi?id=1247098 * https://bugzilla.suse.com/show_bug.cgi?id=1247101 * https://bugzilla.suse.com/show_bug.cgi?id=1247103 * https://bugzilla.suse.com/show_bug.cgi?id=1247104 * https://bugzilla.suse.com/show_bug.cgi?id=1247113 * https://bugzilla.suse.com/show_bug.cgi?id=1247118 * https://bugzilla.suse.com/show_bug.cgi?id=1247123 * https://bugzilla.suse.com/show_bug.cgi?id=1247125 * https://bugzilla.suse.com/show_bug.cgi?id=1247128 * https://bugzilla.suse.com/show_bug.cgi?id=1247132 * https://bugzilla.suse.com/show_bug.cgi?id=1247138 * https://bugzilla.suse.com/show_bug.cgi?id=1247141 * https://bugzilla.suse.com/show_bug.cgi?id=1247143 * https://bugzilla.suse.com/show_bug.cgi?id=1247145 * https://bugzilla.suse.com/show_bug.cgi?id=1247146 * https://bugzilla.suse.com/show_bug.cgi?id=1247147 * https://bugzilla.suse.com/show_bug.cgi?id=1247149 * https://bugzilla.suse.com/show_bug.cgi?id=1247150 * https://bugzilla.suse.com/show_bug.cgi?id=1247151 * https://bugzilla.suse.com/show_bug.cgi?id=1247153 * https://bugzilla.suse.com/show_bug.cgi?id=1247154 * https://bugzilla.suse.com/show_bug.cgi?id=1247156 * https://bugzilla.suse.com/show_bug.cgi?id=1247160 * https://bugzilla.suse.com/show_bug.cgi?id=1247164 * https://bugzilla.suse.com/show_bug.cgi?id=1247169 * https://bugzilla.suse.com/show_bug.cgi?id=1247170 * https://bugzilla.suse.com/show_bug.cgi?id=1247171 * https://bugzilla.suse.com/show_bug.cgi?id=1247172 * https://bugzilla.suse.com/show_bug.cgi?id=1247174 * https://bugzilla.suse.com/show_bug.cgi?id=1247176 * https://bugzilla.suse.com/show_bug.cgi?id=1247177 * https://bugzilla.suse.com/show_bug.cgi?id=1247178 * https://bugzilla.suse.com/show_bug.cgi?id=1247181 * https://bugzilla.suse.com/show_bug.cgi?id=1247209 * https://bugzilla.suse.com/show_bug.cgi?id=1247210 * https://bugzilla.suse.com/show_bug.cgi?id=1247227 * https://bugzilla.suse.com/show_bug.cgi?id=1247233 * https://bugzilla.suse.com/show_bug.cgi?id=1247236 * https://bugzilla.suse.com/show_bug.cgi?id=1247238 * https://bugzilla.suse.com/show_bug.cgi?id=1247241 * https://bugzilla.suse.com/show_bug.cgi?id=1247251 * https://bugzilla.suse.com/show_bug.cgi?id=1247252 * https://bugzilla.suse.com/show_bug.cgi?id=1247253 * https://bugzilla.suse.com/show_bug.cgi?id=1247255 * https://bugzilla.suse.com/show_bug.cgi?id=1247271 * https://bugzilla.suse.com/show_bug.cgi?id=1247273 * https://bugzilla.suse.com/show_bug.cgi?id=1247274 * https://bugzilla.suse.com/show_bug.cgi?id=1247276 * https://bugzilla.suse.com/show_bug.cgi?id=1247277 * https://bugzilla.suse.com/show_bug.cgi?id=1247278 * https://bugzilla.suse.com/show_bug.cgi?id=1247279 * https://bugzilla.suse.com/show_bug.cgi?id=1247284 * https://bugzilla.suse.com/show_bug.cgi?id=1247285 * https://bugzilla.suse.com/show_bug.cgi?id=1247288 * https://bugzilla.suse.com/show_bug.cgi?id=1247289 * https://bugzilla.suse.com/show_bug.cgi?id=1247293 * https://bugzilla.suse.com/show_bug.cgi?id=1247311 * https://bugzilla.suse.com/show_bug.cgi?id=1247314 * https://bugzilla.suse.com/show_bug.cgi?id=1247317 * https://bugzilla.suse.com/show_bug.cgi?id=1247347 * https://bugzilla.suse.com/show_bug.cgi?id=1247348 * https://bugzilla.suse.com/show_bug.cgi?id=1247349 * https://bugzilla.suse.com/show_bug.cgi?id=1247374 * https://bugzilla.suse.com/show_bug.cgi?id=1247437 * https://bugzilla.suse.com/show_bug.cgi?id=1247450 * https://jira.suse.com/browse/PED-13238 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:39:42 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:39:42 -0000 Subject: SUSE-SU-2025:20593-1: moderate: Security update for openssl-3 Message-ID: <175649998294.10939.16024302171456092652@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2025:20593-1 Release Date: 2025-08-14T10:12:18Z Rating: moderate References: * bsc#1220262 Cross-References: * CVE-2023-50782 CVSS scores: * CVE-2023-50782 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-215=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * libopenssl3-debuginfo-3.1.4-slfo.1.1_6.1 * openssl-3-3.1.4-slfo.1.1_6.1 * openssl-3-debugsource-3.1.4-slfo.1.1_6.1 * libopenssl-3-devel-3.1.4-slfo.1.1_6.1 * libopenssl3-3.1.4-slfo.1.1_6.1 * openssl-3-debuginfo-3.1.4-slfo.1.1_6.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-slfo.1.1_6.1 * libopenssl-3-fips-provider-3.1.4-slfo.1.1_6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50782.html * https://bugzilla.suse.com/show_bug.cgi?id=1220262 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:39:18 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:39:18 -0000 Subject: SUSE-SU-2025:20598-1: important: Security update for libsoup Message-ID: <175649995819.10939.17028402683313572195@smelt2.prg2.suse.org> # Security update for libsoup Announcement ID: SUSE-SU-2025:20598-1 Release Date: 2025-08-21T09:32:15Z Rating: important References: * bsc#1243314 * bsc#1243332 * bsc#1243422 * bsc#1243423 Cross-References: * CVE-2025-4476 * CVE-2025-4945 * CVE-2025-4948 * CVE-2025-4969 CVSS scores: * CVE-2025-4476 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-4476 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-4476 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-4945 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-4945 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-4945 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-4948 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-4948 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4948 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4969 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-4969 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-4969 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L Affected Products: * SUSE Linux Micro 6.1 An update that solves four vulnerabilities can now be installed. ## Description: This update for libsoup fixes the following issues: * CVE-2025-4945: Fixed Integer Overflow in Cookie Expiration Date Handling (bsc#1243314) * CVE-2025-4948: Fixed Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service (bsc#1243332) * CVE-2025-4476: Fixed null pointer dereference leading to denial of service (bsc#1243422) * CVE-2025-4969: Fixed off-by-one out-of-bounds read leading to infoleak (bsc#1243423) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-219=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * libsoup-3_0-0-debuginfo-3.4.4-slfo.1.1_4.1 * libsoup-3_0-0-3.4.4-slfo.1.1_4.1 * libsoup-debugsource-3.4.4-slfo.1.1_4.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4476.html * https://www.suse.com/security/cve/CVE-2025-4945.html * https://www.suse.com/security/cve/CVE-2025-4948.html * https://www.suse.com/security/cve/CVE-2025-4969.html * https://bugzilla.suse.com/show_bug.cgi?id=1243314 * https://bugzilla.suse.com/show_bug.cgi?id=1243332 * https://bugzilla.suse.com/show_bug.cgi?id=1243422 * https://bugzilla.suse.com/show_bug.cgi?id=1243423 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:39:31 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:39:31 -0000 Subject: SUSE-SU-2025:20596-1: important: Security update for libssh Message-ID: <175649997199.10939.15781978057335328805@smelt2.prg2.suse.org> # Security update for libssh Announcement ID: SUSE-SU-2025:20596-1 Release Date: 2025-08-14T10:19:26Z Rating: important References: * bsc#1245309 * bsc#1245310 * bsc#1245311 * bsc#1245312 * bsc#1245314 * bsc#1245317 Cross-References: * CVE-2025-4877 * CVE-2025-4878 * CVE-2025-5318 * CVE-2025-5351 * CVE-2025-5372 * CVE-2025-5987 CVSS scores: * CVE-2025-4877 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-4877 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-4877 ( NVD ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-4878 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-4878 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-4878 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5318 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-5318 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5318 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5318 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-5351 ( SUSE ): 6.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-5351 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-5351 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-5351 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-5372 ( SUSE ): 7.6 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-5372 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2025-5372 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-5372 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-5987 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-5987 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-5987 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-5987 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for libssh fixes the following issues: * CVE-2025-5372: ssh_kdf() returns a success code on certain failures (bsc#1245314) * CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend (bsc#1245317) * CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions (bsc#1245309) * CVE-2025-4878: Use of uninitialized variable in privatekey_from_file() (bsc#1245310) * CVE-2025-5318: Likely read beyond bounds in sftp server handle management (bsc#1245311) * CVE-2025-5351: Double free in functions exporting keys (bsc#1245312) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-213=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le x86_64) * libssh4-0.10.6-slfo.1.1_2.1 * libssh-config-0.10.6-slfo.1.1_2.1 * libssh4-debuginfo-0.10.6-slfo.1.1_2.1 * libssh-debugsource-0.10.6-slfo.1.1_2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4877.html * https://www.suse.com/security/cve/CVE-2025-4878.html * https://www.suse.com/security/cve/CVE-2025-5318.html * https://www.suse.com/security/cve/CVE-2025-5351.html * https://www.suse.com/security/cve/CVE-2025-5372.html * https://www.suse.com/security/cve/CVE-2025-5987.html * https://bugzilla.suse.com/show_bug.cgi?id=1245309 * https://bugzilla.suse.com/show_bug.cgi?id=1245310 * https://bugzilla.suse.com/show_bug.cgi?id=1245311 * https://bugzilla.suse.com/show_bug.cgi?id=1245312 * https://bugzilla.suse.com/show_bug.cgi?id=1245314 * https://bugzilla.suse.com/show_bug.cgi?id=1245317 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:39:34 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:39:34 -0000 Subject: SUSE-SU-2025:20595-1: important: Security update for helm Message-ID: <175649997408.10939.10822740518886103105@smelt2.prg2.suse.org> # Security update for helm Announcement ID: SUSE-SU-2025:20595-1 Release Date: 2025-08-14T10:17:36Z Rating: important References: * bsc#1246152 Cross-References: * CVE-2025-53547 CVSS scores: * CVE-2025-53547 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H * CVE-2025-53547 ( SUSE ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H * CVE-2025-53547 ( NVD ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for helm fixes the following issues: Update to version 3.18.4 (bsc#1246152, CVE-2025-53547): * Disabling linter due to unknown issue f20a4ad (Matt Farina) * build(deps): bump the k8s-io group with 7 updates 563b094 (dependabot[bot]) * Updating link handling 00de613 (Matt Farina) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-212=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.18.4-slfo.1.1_1.1 * helm-3.18.4-slfo.1.1_1.1 * SUSE Linux Micro 6.1 (noarch) * helm-bash-completion-3.18.4-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-53547.html * https://bugzilla.suse.com/show_bug.cgi?id=1246152 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:39:38 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:39:38 -0000 Subject: SUSE-SU-2025:20594-1: moderate: Security update for libarchive Message-ID: <175649997892.10939.6013974931652669106@smelt2.prg2.suse.org> # Security update for libarchive Announcement ID: SUSE-SU-2025:20594-1 Release Date: 2025-08-14T10:15:05Z Rating: moderate References: * bsc#1244270 * bsc#1244272 * bsc#1244273 * bsc#1244279 * bsc#1244336 Cross-References: * CVE-2025-5914 * CVE-2025-5915 * CVE-2025-5916 * CVE-2025-5917 * CVE-2025-5918 CVSS scores: * CVE-2025-5914 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-5914 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-5914 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-5914 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-5915 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5915 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5915 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5915 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H * CVE-2025-5916 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5916 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5916 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5916 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H * CVE-2025-5917 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5917 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2025-5917 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2025-5917 ( NVD ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2025-5918 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5918 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5918 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2025-5918 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves five vulnerabilities can now be installed. ## Description: This update for libarchive fixes the following issues: * CVE-2025-5918: reading past EOF may be triggered for piped file streams (bsc#1244279) * CVE-2025-5917: off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336) * CVE-2025-5916: integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270) * CVE-2025-5915: heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273) * CVE-2025-5914: double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-214=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * libarchive13-3.7.4-slfo.1.1_3.1 * libarchive-debugsource-3.7.4-slfo.1.1_3.1 * libarchive13-debuginfo-3.7.4-slfo.1.1_3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-5914.html * https://www.suse.com/security/cve/CVE-2025-5915.html * https://www.suse.com/security/cve/CVE-2025-5916.html * https://www.suse.com/security/cve/CVE-2025-5917.html * https://www.suse.com/security/cve/CVE-2025-5918.html * https://bugzilla.suse.com/show_bug.cgi?id=1244270 * https://bugzilla.suse.com/show_bug.cgi?id=1244272 * https://bugzilla.suse.com/show_bug.cgi?id=1244273 * https://bugzilla.suse.com/show_bug.cgi?id=1244279 * https://bugzilla.suse.com/show_bug.cgi?id=1244336 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:39:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:39:25 -0000 Subject: SUSE-SU-2025:20597-1: moderate: Security update for systemd Message-ID: <175649996506.10939.5675649265977272129@smelt2.prg2.suse.org> # Security update for systemd Announcement ID: SUSE-SU-2025:20597-1 Release Date: 2025-08-16T11:46:56Z Rating: moderate References: * bsc#1242827 * bsc#1243935 * bsc#1247074 Cross-References: * CVE-2025-4598 CVSS scores: * CVE-2025-4598 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-4598 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.1 * SUSE Linux Micro Extras 6.1 An update that solves one vulnerability and has two fixes can now be installed. ## Description: This update for systemd fixes the following issues: * Remove the script used to help migrating the language and locale settings located in /etc/sysconfig/language on old systems to the systemd default locations (bsc#1247074) The script was introduced more than 7 years ago and all systems running TW should have been migrated since then. Moreover the installer supports the systemd default locations since approximately SLE15. * triggers.systemd: skip update of hwdb, journal-catalog if executed during an offline update. * logs-show: get timestamp and boot ID only when necessary (bsc#1242827) * sd-journal: drop to use Hashmap to manage journal files per boot ID * tree-wide: set SD_JOURNAL_ASSUME_IMMUTABLE where appropriate * sd-journal: introduce SD_JOURNAL_ASSUME_IMMUTABLE flag * sd-journal: make journal_file_read_tail_timestamp() notify to the caller that some new journal entries added * sd-journal: cache last entry offset and journal file state * sd-journal: fix typo in function name * coredump: use %d in kernel core pattern (bsc#1243935 CVE-2025-4598) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-218=1 * SUSE Linux Micro Extras 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-218=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * systemd-debugsource-254.27-slfo.1.1_1.1 * libsystemd0-254.27-slfo.1.1_1.1 * systemd-coredump-debuginfo-254.27-slfo.1.1_1.1 * libsystemd0-debuginfo-254.27-slfo.1.1_1.1 * systemd-debuginfo-254.27-slfo.1.1_1.1 * libudev1-debuginfo-254.27-slfo.1.1_1.1 * systemd-portable-254.27-slfo.1.1_1.1 * udev-254.27-slfo.1.1_1.1 * systemd-journal-remote-254.27-slfo.1.1_1.1 * systemd-254.27-slfo.1.1_1.1 * libudev1-254.27-slfo.1.1_1.1 * systemd-container-debuginfo-254.27-slfo.1.1_1.1 * systemd-experimental-254.27-slfo.1.1_1.1 * systemd-journal-remote-debuginfo-254.27-slfo.1.1_1.1 * systemd-container-254.27-slfo.1.1_1.1 * udev-debuginfo-254.27-slfo.1.1_1.1 * systemd-coredump-254.27-slfo.1.1_1.1 * systemd-experimental-debuginfo-254.27-slfo.1.1_1.1 * systemd-portable-debuginfo-254.27-slfo.1.1_1.1 * SUSE Linux Micro 6.1 (ppc64le) * systemd-sysvcompat-debuginfo-254.27-slfo.1.1_1.1 * systemd-sysvcompat-254.27-slfo.1.1_1.1 * SUSE Linux Micro Extras 6.1 (aarch64 ppc64le s390x x86_64) * systemd-debugsource-254.27-slfo.1.1_1.1 * systemd-devel-254.27-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4598.html * https://bugzilla.suse.com/show_bug.cgi?id=1242827 * https://bugzilla.suse.com/show_bug.cgi?id=1243935 * https://bugzilla.suse.com/show_bug.cgi?id=1247074 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:39:56 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:39:56 -0000 Subject: SUSE-SU-2025:20591-1: important: Security update for jq Message-ID: <175649999656.10939.12654076857591287858@smelt2.prg2.suse.org> # Security update for jq Announcement ID: SUSE-SU-2025:20591-1 Release Date: 2025-08-08T10:28:13Z Rating: important References: * bsc#1238078 * bsc#1243450 * bsc#1244116 Cross-References: * CVE-2024-23337 * CVE-2024-53427 * CVE-2025-48060 CVSS scores: * CVE-2024-23337 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-23337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-23337 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-23337 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-53427 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-53427 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2025-48060 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-48060 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-48060 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-48060 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves three vulnerabilities can now be installed. ## Description: This update for jq fixes the following issues: * CVE-2025-48060: Fixed stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (bsc#1244116) * CVE-2024-23337: Fixed signed integer overflow in jv.c:jvp_array_write (bsc#1243450) * CVE-2024-53427: Fixed stack-buffer-overflow in the decNumberCopy function in decNumber.c (bsc#1238078) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-207=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * jq-debugsource-1.7.1-slfo.1.1_2.1 * libjq1-debuginfo-1.7.1-slfo.1.1_2.1 * jq-debuginfo-1.7.1-slfo.1.1_2.1 * libjq1-1.7.1-slfo.1.1_2.1 * jq-1.7.1-slfo.1.1_2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23337.html * https://www.suse.com/security/cve/CVE-2024-53427.html * https://www.suse.com/security/cve/CVE-2025-48060.html * https://bugzilla.suse.com/show_bug.cgi?id=1238078 * https://bugzilla.suse.com/show_bug.cgi?id=1243450 * https://bugzilla.suse.com/show_bug.cgi?id=1244116 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Aug 29 20:39:58 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Aug 2025 20:39:58 -0000 Subject: SUSE-SU-2025:20590-1: important: Security update for xz Message-ID: <175649999894.10939.13944812061250702803@smelt2.prg2.suse.org> # Security update for xz Announcement ID: SUSE-SU-2025:20590-1 Release Date: 2025-08-08T10:26:24Z Rating: important References: * bsc#1240414 Cross-References: * CVE-2025-31115 CVSS scores: * CVE-2025-31115 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-31115 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-31115 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for xz fixes the following issues: * CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset (bsc#1240414) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-206=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * xz-5.4.3-slfo.1.1_2.1 * xz-debuginfo-5.4.3-slfo.1.1_2.1 * xz-debugsource-5.4.3-slfo.1.1_2.1 * liblzma5-5.4.3-slfo.1.1_2.1 * liblzma5-debuginfo-5.4.3-slfo.1.1_2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-31115.html * https://bugzilla.suse.com/show_bug.cgi?id=1240414 -------------- next part -------------- An HTML attachment was scrubbed... URL: