From null at suse.de Mon Mar 3 12:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 03 Mar 2025 12:30:09 -0000 Subject: SUSE-SU-2025:0767-1: moderate: Security update for gnutls Message-ID: <174100500938.31718.12564258677586489789@smelt2.prg2.suse.org> # Security update for gnutls Announcement ID: SUSE-SU-2025:0767-1 Release Date: 2025-03-03T08:45:03Z Rating: moderate References: * bsc#1236974 Cross-References: * CVE-2024-12243 CVSS scores: * CVE-2024-12243 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-12243 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-12243 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gnutls fixes the following issues: * CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS (bsc#1236974). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-767=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libgnutls28-debuginfo-32bit-3.3.27-3.9.1 * libgnutls-openssl27-debuginfo-3.3.27-3.9.1 * gnutls-3.3.27-3.9.1 * libgnutls-devel-3.3.27-3.9.1 * gnutls-debugsource-3.3.27-3.9.1 * libgnutls-openssl-devel-3.3.27-3.9.1 * libgnutls-openssl27-3.3.27-3.9.1 * libgnutls28-32bit-3.3.27-3.9.1 * libgnutls28-3.3.27-3.9.1 * libgnutls28-debuginfo-3.3.27-3.9.1 * libgnutlsxx-devel-3.3.27-3.9.1 * gnutls-debuginfo-3.3.27-3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12243.html * https://bugzilla.suse.com/show_bug.cgi?id=1236974 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 3 12:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 03 Mar 2025 12:30:13 -0000 Subject: SUSE-SU-2025:0766-1: moderate: Security update for gnutls Message-ID: <174100501309.31718.12413831723141794253@smelt2.prg2.suse.org> # Security update for gnutls Announcement ID: SUSE-SU-2025:0766-1 Release Date: 2025-03-03T08:44:33Z Rating: moderate References: * bsc#1236974 Cross-References: * CVE-2024-12243 CVSS scores: * CVE-2024-12243 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-12243 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-12243 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gnutls fixes the following issues: * CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS (bsc#1236974). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-766=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libgnutls30-debuginfo-3.4.17-8.17.1 * gnutls-debugsource-3.4.17-8.17.1 * libgnutls30-3.4.17-8.17.1 * libgnutls30-32bit-3.4.17-8.17.1 * libgnutls30-debuginfo-32bit-3.4.17-8.17.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12243.html * https://bugzilla.suse.com/show_bug.cgi?id=1236974 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 3 12:30:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 03 Mar 2025 12:30:15 -0000 Subject: SUSE-SU-2025:0765-1: moderate: Security update for gnutls Message-ID: <174100501544.31718.4328833764410278314@smelt2.prg2.suse.org> # Security update for gnutls Announcement ID: SUSE-SU-2025:0765-1 Release Date: 2025-03-03T08:44:25Z Rating: moderate References: * bsc#1236974 Cross-References: * CVE-2024-12243 CVSS scores: * CVE-2024-12243 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-12243 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-12243 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for gnutls fixes the following issues: * CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS (bsc#1236974). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-765=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-765=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-765=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-765=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libgnutls30-debuginfo-3.7.3-150400.4.47.1 * gnutls-debugsource-3.7.3-150400.4.47.1 * libgnutls30-hmac-3.7.3-150400.4.47.1 * gnutls-3.7.3-150400.4.47.1 * gnutls-debuginfo-3.7.3-150400.4.47.1 * libgnutls30-3.7.3-150400.4.47.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libgnutls30-debuginfo-3.7.3-150400.4.47.1 * gnutls-debugsource-3.7.3-150400.4.47.1 * libgnutls30-hmac-3.7.3-150400.4.47.1 * gnutls-3.7.3-150400.4.47.1 * gnutls-debuginfo-3.7.3-150400.4.47.1 * libgnutls30-3.7.3-150400.4.47.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libgnutls30-debuginfo-3.7.3-150400.4.47.1 * gnutls-debugsource-3.7.3-150400.4.47.1 * libgnutls30-hmac-3.7.3-150400.4.47.1 * gnutls-3.7.3-150400.4.47.1 * gnutls-debuginfo-3.7.3-150400.4.47.1 * libgnutls30-3.7.3-150400.4.47.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libgnutls30-debuginfo-3.7.3-150400.4.47.1 * libgnutls-devel-3.7.3-150400.4.47.1 * gnutls-debugsource-3.7.3-150400.4.47.1 * libgnutls30-hmac-3.7.3-150400.4.47.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.47.1 * gnutls-3.7.3-150400.4.47.1 * libgnutlsxx-devel-3.7.3-150400.4.47.1 * gnutls-debuginfo-3.7.3-150400.4.47.1 * gnutls-guile-3.7.3-150400.4.47.1 * libgnutlsxx28-3.7.3-150400.4.47.1 * libgnutls30-3.7.3-150400.4.47.1 * gnutls-guile-debuginfo-3.7.3-150400.4.47.1 * openSUSE Leap 15.4 (x86_64) * libgnutls-devel-32bit-3.7.3-150400.4.47.1 * libgnutls30-32bit-3.7.3-150400.4.47.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.47.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.47.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libgnutls-devel-64bit-3.7.3-150400.4.47.1 * libgnutls30-64bit-debuginfo-3.7.3-150400.4.47.1 * libgnutls30-64bit-3.7.3-150400.4.47.1 * libgnutls30-hmac-64bit-3.7.3-150400.4.47.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12243.html * https://bugzilla.suse.com/show_bug.cgi?id=1236974 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 3 12:30:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 03 Mar 2025 12:30:19 -0000 Subject: SUSE-SU-2025:0764-1: moderate: Security update for gnutls Message-ID: <174100501924.31718.7921436765593666063@smelt2.prg2.suse.org> # Security update for gnutls Announcement ID: SUSE-SU-2025:0764-1 Release Date: 2025-03-03T08:43:44Z Rating: moderate References: * bsc#1236974 Cross-References: * CVE-2024-12243 CVSS scores: * CVE-2024-12243 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-12243 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-12243 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for gnutls fixes the following issues: * CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS (bsc#1236974). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-764=1 openSUSE-SLE-15.6-2025-764=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-764=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libgnutlsxx30-3.8.3-150600.4.6.2 * gnutls-debugsource-3.8.3-150600.4.6.2 * libgnutls-devel-3.8.3-150600.4.6.2 * libgnutlsxx30-debuginfo-3.8.3-150600.4.6.2 * gnutls-3.8.3-150600.4.6.2 * libgnutlsxx-devel-3.8.3-150600.4.6.2 * libgnutls30-debuginfo-3.8.3-150600.4.6.2 * gnutls-debuginfo-3.8.3-150600.4.6.2 * libgnutls30-3.8.3-150600.4.6.2 * openSUSE Leap 15.6 (x86_64) * libgnutls30-32bit-3.8.3-150600.4.6.2 * libgnutls30-32bit-debuginfo-3.8.3-150600.4.6.2 * libgnutls-devel-32bit-3.8.3-150600.4.6.2 * openSUSE Leap 15.6 (aarch64_ilp32) * libgnutls-devel-64bit-3.8.3-150600.4.6.2 * libgnutls30-64bit-3.8.3-150600.4.6.2 * libgnutls30-64bit-debuginfo-3.8.3-150600.4.6.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libgnutlsxx30-3.8.3-150600.4.6.2 * gnutls-debugsource-3.8.3-150600.4.6.2 * libgnutls-devel-3.8.3-150600.4.6.2 * libgnutlsxx30-debuginfo-3.8.3-150600.4.6.2 * gnutls-3.8.3-150600.4.6.2 * libgnutlsxx-devel-3.8.3-150600.4.6.2 * libgnutls30-debuginfo-3.8.3-150600.4.6.2 * gnutls-debuginfo-3.8.3-150600.4.6.2 * libgnutls30-3.8.3-150600.4.6.2 * Basesystem Module 15-SP6 (x86_64) * libgnutls30-32bit-3.8.3-150600.4.6.2 * libgnutls30-32bit-debuginfo-3.8.3-150600.4.6.2 ## References: * https://www.suse.com/security/cve/CVE-2024-12243.html * https://bugzilla.suse.com/show_bug.cgi?id=1236974 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 3 12:30:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 03 Mar 2025 12:30:23 -0000 Subject: SUSE-SU-2025:0763-1: moderate: Security update for u-boot Message-ID: <174100502340.31718.8002276266869862163@smelt2.prg2.suse.org> # Security update for u-boot Announcement ID: SUSE-SU-2025:0763-1 Release Date: 2025-03-03T08:43:15Z Rating: moderate References: * bsc#1237284 * bsc#1237287 Cross-References: * CVE-2024-57256 * CVE-2024-57258 CVSS scores: * CVE-2024-57256 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-57256 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-57256 ( NVD ): 7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-57258 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-57258 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-57258 ( NVD ): 7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves two vulnerabilities can now be installed. ## Description: This update for u-boot fixes the following issues: * CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution function (bsc#1237284). * CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator (bsc#1237287). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-763=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-763=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-763=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-763=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-763=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-763=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * u-boot-tools-debuginfo-2021.10-150400.4.14.1 * u-boot-tools-2021.10-150400.4.14.1 * openSUSE Leap 15.4 (aarch64) * u-boot-pinebook-doc-2021.10-150400.4.14.1 * u-boot-poplar-2021.10-150400.4.14.1 * u-boot-dragonboard820c-2021.10-150400.4.14.1 * u-boot-p3450-0000-doc-2021.10-150400.4.14.1 * u-boot-libretech-cc-doc-2021.10-150400.4.14.1 * u-boot-pinebook-pro-rk3399-doc-2021.10-150400.4.14.1 * u-boot-dragonboard410c-2021.10-150400.4.14.1 * u-boot-rock960-rk3399-2021.10-150400.4.14.1 * u-boot-nanopia64-doc-2021.10-150400.4.14.1 * u-boot-dragonboard820c-doc-2021.10-150400.4.14.1 * u-boot-geekbox-2021.10-150400.4.14.1 * u-boot-firefly-rk3399-doc-2021.10-150400.4.14.1 * u-boot-odroid-n2-doc-2021.10-150400.4.14.1 * u-boot-pine64plus-2021.10-150400.4.14.1 * u-boot-pineh64-2021.10-150400.4.14.1 * u-boot-rock-pi-4-rk3399-doc-2021.10-150400.4.14.1 * u-boot-khadas-vim-2021.10-150400.4.14.1 * u-boot-rpi3-2021.10-150400.4.14.1 * u-boot-rpi4-doc-2021.10-150400.4.14.1 * u-boot-odroid-n2-2021.10-150400.4.14.1 * u-boot-pinephone-2021.10-150400.4.14.1 * u-boot-rpi4-2021.10-150400.4.14.1 * u-boot-avnetultra96rev1-2021.10-150400.4.14.1 * u-boot-odroid-c2-2021.10-150400.4.14.1 * u-boot-rockpro64-rk3399-2021.10-150400.4.14.1 * u-boot-libretech-ac-2021.10-150400.4.14.1 * u-boot-odroid-c4-doc-2021.10-150400.4.14.1 * u-boot-p2371-2180-doc-2021.10-150400.4.14.1 * u-boot-rpiarm64-2021.10-150400.4.14.1 * u-boot-rock64-rk3328-doc-2021.10-150400.4.14.1 * u-boot-pinephone-doc-2021.10-150400.4.14.1 * u-boot-xilinxzynqmpzcu102rev10-2021.10-150400.4.14.1 * u-boot-p2771-0000-500-doc-2021.10-150400.4.14.1 * u-boot-rock-pi-n10-rk3399pro-2021.10-150400.4.14.1 * u-boot-orangepipc2-2021.10-150400.4.14.1 * u-boot-khadas-vim-doc-2021.10-150400.4.14.1 * u-boot-ls1012afrdmqspi-2021.10-150400.4.14.1 * u-boot-p2371-2180-2021.10-150400.4.14.1 * u-boot-rock-pi-4-rk3399-2021.10-150400.4.14.1 * u-boot-avnetultra96rev1-doc-2021.10-150400.4.14.1 * u-boot-mvebuespressobin-88f3720-doc-2021.10-150400.4.14.1 * u-boot-mvebudbarmada8k-doc-2021.10-150400.4.14.1 * u-boot-rpiarm64-doc-2021.10-150400.4.14.1 * u-boot-rock960-rk3399-doc-2021.10-150400.4.14.1 * u-boot-mvebudb-88f3720-doc-2021.10-150400.4.14.1 * u-boot-pinebook-2021.10-150400.4.14.1 * u-boot-rock64-rk3328-2021.10-150400.4.14.1 * u-boot-rock-pi-n10-rk3399pro-doc-2021.10-150400.4.14.1 * u-boot-p3450-0000-2021.10-150400.4.14.1 * u-boot-evb-rk3399-doc-2021.10-150400.4.14.1 * u-boot-xilinxzynqmpvirt-2021.10-150400.4.14.1 * u-boot-bananapim64-2021.10-150400.4.14.1 * u-boot-libretech-ac-doc-2021.10-150400.4.14.1 * u-boot-pine64plus-doc-2021.10-150400.4.14.1 * u-boot-pineh64-doc-2021.10-150400.4.14.1 * u-boot-xilinxzynqmpvirt-doc-2021.10-150400.4.14.1 * u-boot-xilinxzynqmpzcu102rev10-doc-2021.10-150400.4.14.1 * u-boot-p2771-0000-500-2021.10-150400.4.14.1 * u-boot-libretech-cc-2021.10-150400.4.14.1 * u-boot-khadas-vim2-doc-2021.10-150400.4.14.1 * u-boot-mvebudb-88f3720-2021.10-150400.4.14.1 * u-boot-geekbox-doc-2021.10-150400.4.14.1 * u-boot-dragonboard410c-doc-2021.10-150400.4.14.1 * u-boot-hikey-doc-2021.10-150400.4.14.1 * u-boot-khadas-vim2-2021.10-150400.4.14.1 * u-boot-mvebudbarmada8k-2021.10-150400.4.14.1 * u-boot-mvebuespressobin-88f3720-2021.10-150400.4.14.1 * u-boot-nanopia64-2021.10-150400.4.14.1 * u-boot-odroid-c4-2021.10-150400.4.14.1 * u-boot-hikey-2021.10-150400.4.14.1 * u-boot-poplar-doc-2021.10-150400.4.14.1 * u-boot-ls1012afrdmqspi-doc-2021.10-150400.4.14.1 * u-boot-rockpro64-rk3399-doc-2021.10-150400.4.14.1 * u-boot-orangepipc2-doc-2021.10-150400.4.14.1 * u-boot-bananapim64-doc-2021.10-150400.4.14.1 * u-boot-odroid-c2-doc-2021.10-150400.4.14.1 * u-boot-pinebook-pro-rk3399-2021.10-150400.4.14.1 * u-boot-rpi3-doc-2021.10-150400.4.14.1 * u-boot-evb-rk3399-2021.10-150400.4.14.1 * u-boot-mvebumcbin-88f8040-doc-2021.10-150400.4.14.1 * u-boot-mvebumcbin-88f8040-2021.10-150400.4.14.1 * u-boot-firefly-rk3399-2021.10-150400.4.14.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64) * u-boot-rpiarm64-2021.10-150400.4.14.1 * SUSE Linux Enterprise Micro 5.3 (aarch64) * u-boot-rpiarm64-2021.10-150400.4.14.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64) * u-boot-rpiarm64-2021.10-150400.4.14.1 * SUSE Linux Enterprise Micro 5.4 (aarch64) * u-boot-rpiarm64-2021.10-150400.4.14.1 * SUSE Linux Enterprise Micro 5.5 (aarch64) * u-boot-rpiarm64-2021.10-150400.4.14.1 ## References: * https://www.suse.com/security/cve/CVE-2024-57256.html * https://www.suse.com/security/cve/CVE-2024-57258.html * https://bugzilla.suse.com/show_bug.cgi?id=1237284 * https://bugzilla.suse.com/show_bug.cgi?id=1237287 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 3 16:30:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 03 Mar 2025 16:30:05 -0000 Subject: SUSE-SU-2025:0772-1: important: Security update for skopeo Message-ID: <174101940573.31417.13960919788341967172@smelt2.prg2.suse.org> # Security update for skopeo Announcement ID: SUSE-SU-2025:0772-1 Release Date: 2025-03-03T14:29:50Z Rating: important References: * bsc#1237613 Cross-References: * CVE-2025-27144 CVSS scores: * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for skopeo fixes the following issues: * CVE-2025-27144: excessive memory consumption by Go JOSE when parsing compact JWS or JWE input containing a large number of '.' characters (bsc#1237613). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-772=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-772=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-772=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-772=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-772=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-772=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-772=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-772=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-772=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-772=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-772=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-772=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-772=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-772=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-772=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-772=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-772=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-772=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-772=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * SUSE Manager Proxy 4.3 (x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * openSUSE Leap 15.3 (noarch) * skopeo-fish-completion-1.14.4-150300.11.19.1 * skopeo-bash-completion-1.14.4-150300.11.19.1 * skopeo-zsh-completion-1.14.4-150300.11.19.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * openSUSE Leap 15.6 (noarch) * skopeo-fish-completion-1.14.4-150300.11.19.1 * skopeo-bash-completion-1.14.4-150300.11.19.1 * skopeo-zsh-completion-1.14.4-150300.11.19.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * Basesystem Module 15-SP6 (noarch) * skopeo-bash-completion-1.14.4-150300.11.19.1 * skopeo-zsh-completion-1.14.4-150300.11.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * skopeo-debuginfo-1.14.4-150300.11.19.1 * skopeo-1.14.4-150300.11.19.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1237613 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 3 16:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 03 Mar 2025 16:30:25 -0000 Subject: SUSE-SU-2025:0771-1: important: Security update for the Linux Kernel Message-ID: <174101942521.31417.15060231679177062366@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0771-1 Release Date: 2025-03-03T13:42:47Z Rating: important References: * bsc#1215420 * bsc#1224763 * bsc#1231847 * bsc#1233112 * bsc#1234025 * bsc#1235217 * bsc#1235230 * bsc#1235249 * bsc#1235430 * bsc#1235441 * bsc#1235466 * bsc#1235645 * bsc#1235759 * bsc#1235814 * bsc#1235818 * bsc#1235920 * bsc#1236104 * bsc#1237389 Cross-References: * CVE-2023-4244 * CVE-2023-52923 * CVE-2024-35863 * CVE-2024-50199 * CVE-2024-53104 * CVE-2024-56600 * CVE-2024-56601 * CVE-2024-56623 * CVE-2024-56650 * CVE-2024-56658 * CVE-2024-56664 * CVE-2024-56759 * CVE-2024-57791 * CVE-2024-57798 * CVE-2024-57849 * CVE-2024-57893 CVSS scores: * CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4244 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52923 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52923 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53104 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56600 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56601 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56601 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56623 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56623 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56623 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-56658 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56658 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56759 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56759 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57791 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57791 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57798 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57798 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57849 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57849 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that solves 16 vulnerabilities and has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763). * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112). * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025). * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217). * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230). * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466). * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430). * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441). * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249). * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645). * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759). * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (bsc#1235818). * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling (bsc#1235814). * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920). The following non-security bugs were fixed: * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847). * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847). * NFS: Improve heuristic for readdirplus (bsc#1231847, bsc#1231847, bsc#1237389). * NFS: Reduce readdir stack usage (bsc#1231847). * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847). * NFS: Use kmemdup_nul() in nfs_readdir_make_qstr() (bsc#1231847). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-771=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-771=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-771=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-771=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-771=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-771=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-771=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-771=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-771=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-771=1 ## Package List: * openSUSE Leap 15.3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.195.1 * openSUSE Leap 15.3 (noarch) * kernel-macros-5.3.18-150300.59.195.1 * kernel-devel-5.3.18-150300.59.195.1 * kernel-source-vanilla-5.3.18-150300.59.195.1 * kernel-source-5.3.18-150300.59.195.1 * kernel-docs-html-5.3.18-150300.59.195.1 * openSUSE Leap 15.3 (nosrc ppc64le x86_64) * kernel-kvmsmall-5.3.18-150300.59.195.1 * kernel-debug-5.3.18-150300.59.195.1 * openSUSE Leap 15.3 (ppc64le x86_64) * kernel-kvmsmall-debugsource-5.3.18-150300.59.195.1 * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-debug-debugsource-5.3.18-150300.59.195.1 * kernel-debug-debuginfo-5.3.18-150300.59.195.1 * kernel-kvmsmall-debuginfo-5.3.18-150300.59.195.1 * kernel-kvmsmall-devel-5.3.18-150300.59.195.1 * kernel-debug-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-debug-devel-5.3.18-150300.59.195.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * kernel-default-optional-debuginfo-5.3.18-150300.59.195.1 * kernel-default-debuginfo-5.3.18-150300.59.195.1 * cluster-md-kmp-default-5.3.18-150300.59.195.1 * kernel-default-extra-5.3.18-150300.59.195.1 * ocfs2-kmp-default-5.3.18-150300.59.195.1 * kernel-syms-5.3.18-150300.59.195.1 * kselftests-kmp-default-5.3.18-150300.59.195.1 * kernel-obs-build-5.3.18-150300.59.195.1 * kernel-default-livepatch-5.3.18-150300.59.195.1 * kernel-default-base-rebuild-5.3.18-150300.59.195.1.150300.18.116.1 * gfs2-kmp-default-5.3.18-150300.59.195.1 * dlm-kmp-default-5.3.18-150300.59.195.1 * kernel-default-base-5.3.18-150300.59.195.1.150300.18.116.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.195.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-default-debugsource-5.3.18-150300.59.195.1 * reiserfs-kmp-default-5.3.18-150300.59.195.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.195.1 * kernel-obs-qa-5.3.18-150300.59.195.1 * kernel-default-devel-5.3.18-150300.59.195.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.195.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.195.1 * kselftests-kmp-default-debuginfo-5.3.18-150300.59.195.1 * kernel-obs-build-debugsource-5.3.18-150300.59.195.1 * kernel-default-optional-5.3.18-150300.59.195.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.195.1 * kernel-default-extra-debuginfo-5.3.18-150300.59.195.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.195.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_195-default-debuginfo-1-150300.7.3.1 * kernel-default-livepatch-devel-5.3.18-150300.59.195.1 * kernel-livepatch-5_3_18-150300_59_195-default-1-150300.7.3.1 * kernel-livepatch-SLE15-SP3_Update_54-debugsource-1-150300.7.3.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_195-preempt-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_195-preempt-debuginfo-1-150300.7.3.1 * openSUSE Leap 15.3 (aarch64 x86_64) * gfs2-kmp-preempt-5.3.18-150300.59.195.1 * dlm-kmp-preempt-5.3.18-150300.59.195.1 * kernel-preempt-extra-5.3.18-150300.59.195.1 * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.195.1 * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.195.1 * reiserfs-kmp-preempt-5.3.18-150300.59.195.1 * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.195.1 * cluster-md-kmp-preempt-5.3.18-150300.59.195.1 * kernel-preempt-optional-debuginfo-5.3.18-150300.59.195.1 * kselftests-kmp-preempt-5.3.18-150300.59.195.1 * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.195.1 * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.195.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-preempt-extra-debuginfo-5.3.18-150300.59.195.1 * kernel-preempt-devel-5.3.18-150300.59.195.1 * kernel-preempt-optional-5.3.18-150300.59.195.1 * kernel-preempt-debugsource-5.3.18-150300.59.195.1 * kernel-preempt-debuginfo-5.3.18-150300.59.195.1 * ocfs2-kmp-preempt-5.3.18-150300.59.195.1 * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.195.1 * openSUSE Leap 15.3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.195.1 * openSUSE Leap 15.3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.195.1 * openSUSE Leap 15.3 (s390x) * kernel-zfcpdump-debugsource-5.3.18-150300.59.195.1 * kernel-zfcpdump-debuginfo-5.3.18-150300.59.195.1 * openSUSE Leap 15.3 (nosrc) * dtb-aarch64-5.3.18-150300.59.195.1 * openSUSE Leap 15.3 (aarch64) * dtb-freescale-5.3.18-150300.59.195.1 * kernel-64kb-devel-5.3.18-150300.59.195.1 * dlm-kmp-64kb-5.3.18-150300.59.195.1 * dtb-broadcom-5.3.18-150300.59.195.1 * dtb-al-5.3.18-150300.59.195.1 * kernel-64kb-debugsource-5.3.18-150300.59.195.1 * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.195.1 * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.195.1 * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.195.1 * kselftests-kmp-64kb-5.3.18-150300.59.195.1 * dtb-socionext-5.3.18-150300.59.195.1 * dtb-sprd-5.3.18-150300.59.195.1 * dtb-renesas-5.3.18-150300.59.195.1 * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.195.1 * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.195.1 * dtb-marvell-5.3.18-150300.59.195.1 * dtb-exynos-5.3.18-150300.59.195.1 * kernel-64kb-extra-debuginfo-5.3.18-150300.59.195.1 * reiserfs-kmp-64kb-5.3.18-150300.59.195.1 * dtb-amd-5.3.18-150300.59.195.1 * cluster-md-kmp-64kb-5.3.18-150300.59.195.1 * dtb-hisilicon-5.3.18-150300.59.195.1 * dtb-qcom-5.3.18-150300.59.195.1 * kernel-64kb-optional-debuginfo-5.3.18-150300.59.195.1 * ocfs2-kmp-64kb-5.3.18-150300.59.195.1 * dtb-amlogic-5.3.18-150300.59.195.1 * dtb-zte-5.3.18-150300.59.195.1 * kernel-64kb-debuginfo-5.3.18-150300.59.195.1 * dtb-cavium-5.3.18-150300.59.195.1 * dtb-arm-5.3.18-150300.59.195.1 * dtb-mediatek-5.3.18-150300.59.195.1 * gfs2-kmp-64kb-5.3.18-150300.59.195.1 * kernel-64kb-extra-5.3.18-150300.59.195.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.195.1 * dtb-altera-5.3.18-150300.59.195.1 * dtb-rockchip-5.3.18-150300.59.195.1 * dtb-lg-5.3.18-150300.59.195.1 * kernel-64kb-optional-5.3.18-150300.59.195.1 * dtb-xilinx-5.3.18-150300.59.195.1 * dtb-allwinner-5.3.18-150300.59.195.1 * dtb-nvidia-5.3.18-150300.59.195.1 * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.195.1 * dtb-apm-5.3.18-150300.59.195.1 * openSUSE Leap 15.3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc) * kernel-default-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_195-default-1-150300.7.3.1 * kernel-default-debuginfo-5.3.18-150300.59.195.1 * kernel-default-livepatch-devel-5.3.18-150300.59.195.1 * kernel-default-debugsource-5.3.18-150300.59.195.1 * kernel-default-livepatch-5.3.18-150300.59.195.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-5.3.18-150300.59.195.1 * kernel-default-debuginfo-5.3.18-150300.59.195.1 * cluster-md-kmp-default-5.3.18-150300.59.195.1 * dlm-kmp-default-5.3.18-150300.59.195.1 * ocfs2-kmp-default-5.3.18-150300.59.195.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.195.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.195.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.195.1 * kernel-default-debugsource-5.3.18-150300.59.195.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.195.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc) * kernel-default-5.3.18-150300.59.195.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.195.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64) * kernel-64kb-debuginfo-5.3.18-150300.59.195.1 * kernel-64kb-debugsource-5.3.18-150300.59.195.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-64kb-devel-5.3.18-150300.59.195.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.195.1 * kernel-default-5.3.18-150300.59.195.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kernel-default-debuginfo-5.3.18-150300.59.195.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.195.1 * kernel-default-devel-5.3.18-150300.59.195.1 * kernel-default-base-5.3.18-150300.59.195.1.150300.18.116.1 * kernel-obs-build-5.3.18-150300.59.195.1 * kernel-obs-build-debugsource-5.3.18-150300.59.195.1 * kernel-preempt-debugsource-5.3.18-150300.59.195.1 * kernel-preempt-debuginfo-5.3.18-150300.59.195.1 * kernel-preempt-devel-5.3.18-150300.59.195.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-syms-5.3.18-150300.59.195.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-default-debugsource-5.3.18-150300.59.195.1 * reiserfs-kmp-default-5.3.18-150300.59.195.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.195.1 * kernel-macros-5.3.18-150300.59.195.1 * kernel-devel-5.3.18-150300.59.195.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64) * kernel-64kb-debuginfo-5.3.18-150300.59.195.1 * kernel-64kb-debugsource-5.3.18-150300.59.195.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-64kb-devel-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.195.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.195.1 * kernel-default-devel-5.3.18-150300.59.195.1 * kernel-default-base-5.3.18-150300.59.195.1.150300.18.116.1 * kernel-obs-build-5.3.18-150300.59.195.1 * kernel-obs-build-debugsource-5.3.18-150300.59.195.1 * kernel-syms-5.3.18-150300.59.195.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-default-debugsource-5.3.18-150300.59.195.1 * reiserfs-kmp-default-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * kernel-source-5.3.18-150300.59.195.1 * kernel-macros-5.3.18-150300.59.195.1 * kernel-devel-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch nosrc) * kernel-docs-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-preempt-devel-5.3.18-150300.59.195.1 * kernel-preempt-debugsource-5.3.18-150300.59.195.1 * kernel-preempt-debuginfo-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x) * kernel-zfcpdump-debugsource-5.3.18-150300.59.195.1 * kernel-zfcpdump-debuginfo-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kernel-default-debuginfo-5.3.18-150300.59.195.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.195.1 * kernel-default-devel-5.3.18-150300.59.195.1 * kernel-default-base-5.3.18-150300.59.195.1.150300.18.116.1 * kernel-obs-build-5.3.18-150300.59.195.1 * kernel-obs-build-debugsource-5.3.18-150300.59.195.1 * kernel-syms-5.3.18-150300.59.195.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-default-debugsource-5.3.18-150300.59.195.1 * reiserfs-kmp-default-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.195.1 * kernel-macros-5.3.18-150300.59.195.1 * kernel-devel-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64) * kernel-preempt-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-preempt-devel-5.3.18-150300.59.195.1 * kernel-preempt-debugsource-5.3.18-150300.59.195.1 * kernel-preempt-debuginfo-5.3.18-150300.59.195.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.195.1 * SUSE Enterprise Storage 7.1 (aarch64) * kernel-64kb-debuginfo-5.3.18-150300.59.195.1 * kernel-64kb-debugsource-5.3.18-150300.59.195.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-64kb-devel-5.3.18-150300.59.195.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.195.1 * kernel-default-5.3.18-150300.59.195.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kernel-default-debuginfo-5.3.18-150300.59.195.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.195.1 * kernel-default-devel-5.3.18-150300.59.195.1 * kernel-default-base-5.3.18-150300.59.195.1.150300.18.116.1 * kernel-obs-build-5.3.18-150300.59.195.1 * kernel-obs-build-debugsource-5.3.18-150300.59.195.1 * kernel-preempt-debugsource-5.3.18-150300.59.195.1 * kernel-preempt-debuginfo-5.3.18-150300.59.195.1 * kernel-preempt-devel-5.3.18-150300.59.195.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-syms-5.3.18-150300.59.195.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.195.1 * kernel-default-debugsource-5.3.18-150300.59.195.1 * reiserfs-kmp-default-5.3.18-150300.59.195.1 * SUSE Enterprise Storage 7.1 (noarch) * kernel-source-5.3.18-150300.59.195.1 * kernel-macros-5.3.18-150300.59.195.1 * kernel-devel-5.3.18-150300.59.195.1 * SUSE Enterprise Storage 7.1 (noarch nosrc) * kernel-docs-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * kernel-default-base-5.3.18-150300.59.195.1.150300.18.116.1 * kernel-default-debuginfo-5.3.18-150300.59.195.1 * kernel-default-debugsource-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.195.1.150300.18.116.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.195.1 * kernel-default-debugsource-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.195.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.195.1.150300.18.116.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.195.1 * kernel-default-debugsource-5.3.18-150300.59.195.1 ## References: * https://www.suse.com/security/cve/CVE-2023-4244.html * https://www.suse.com/security/cve/CVE-2023-52923.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-50199.html * https://www.suse.com/security/cve/CVE-2024-53104.html * https://www.suse.com/security/cve/CVE-2024-56600.html * https://www.suse.com/security/cve/CVE-2024-56601.html * https://www.suse.com/security/cve/CVE-2024-56623.html * https://www.suse.com/security/cve/CVE-2024-56650.html * https://www.suse.com/security/cve/CVE-2024-56658.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2024-56759.html * https://www.suse.com/security/cve/CVE-2024-57791.html * https://www.suse.com/security/cve/CVE-2024-57798.html * https://www.suse.com/security/cve/CVE-2024-57849.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://bugzilla.suse.com/show_bug.cgi?id=1215420 * https://bugzilla.suse.com/show_bug.cgi?id=1224763 * https://bugzilla.suse.com/show_bug.cgi?id=1231847 * https://bugzilla.suse.com/show_bug.cgi?id=1233112 * https://bugzilla.suse.com/show_bug.cgi?id=1234025 * https://bugzilla.suse.com/show_bug.cgi?id=1235217 * https://bugzilla.suse.com/show_bug.cgi?id=1235230 * https://bugzilla.suse.com/show_bug.cgi?id=1235249 * https://bugzilla.suse.com/show_bug.cgi?id=1235430 * https://bugzilla.suse.com/show_bug.cgi?id=1235441 * https://bugzilla.suse.com/show_bug.cgi?id=1235466 * https://bugzilla.suse.com/show_bug.cgi?id=1235645 * https://bugzilla.suse.com/show_bug.cgi?id=1235759 * https://bugzilla.suse.com/show_bug.cgi?id=1235814 * https://bugzilla.suse.com/show_bug.cgi?id=1235818 * https://bugzilla.suse.com/show_bug.cgi?id=1235920 * https://bugzilla.suse.com/show_bug.cgi?id=1236104 * https://bugzilla.suse.com/show_bug.cgi?id=1237389 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 3 16:30:27 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 03 Mar 2025 16:30:27 -0000 Subject: SUSE-SU-2025:0770-1: moderate: Security update for govulncheck-vulndb Message-ID: <174101942735.31417.5623081643812388411@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2025:0770-1 Release Date: 2025-03-03T13:41:36Z Rating: moderate References: * jsc#PED-11136 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20250226T025151 2025-02-26T02:51:51Z. (jsc#PED-11136) * GO-2025-3487 CVE-2025-22869 * GO-2025-3488 CVE-2025-22868 * Update to version 0.0.20250218T203201 2025-02-18T20:32:01Z. (jsc#PED-11136) * GO-2024-3321 CVE-2024-45337 GHSA-v778-237x-gjrc ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-770=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-770=1 ## Package List: * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1 * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1 ## References: * https://jira.suse.com/browse/PED-11136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 4 16:30:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 04 Mar 2025 16:30:10 -0000 Subject: SUSE-SU-2025:0776-1: moderate: Security update for docker Message-ID: <174110581090.31417.11826547709902566519@smelt2.prg2.suse.org> # Security update for docker Announcement ID: SUSE-SU-2025:0776-1 Release Date: 2025-03-04T14:55:58Z Rating: moderate References: * bsc#1234089 * bsc#1237335 Cross-References: * CVE-2024-29018 CVSS scores: * CVE-2024-29018 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-29018 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for docker fixes the following issues: Update to Docker 27.5.1-ce (bsc#1237335): * CVE-2024-29018: External DNS requests from 'internal' networks could lead to data exfiltration (bsc#1234089). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-776=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-776=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-776=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-776=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-776=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-776=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-776=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-776=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-776=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-776=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * docker-27.5.1_ce-150000.215.3 * docker-debuginfo-27.5.1_ce-150000.215.3 * openSUSE Leap 15.6 (noarch) * docker-fish-completion-27.5.1_ce-150000.215.3 * docker-bash-completion-27.5.1_ce-150000.215.3 * docker-rootless-extras-27.5.1_ce-150000.215.3 * docker-zsh-completion-27.5.1_ce-150000.215.3 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * docker-27.5.1_ce-150000.215.3 * docker-debuginfo-27.5.1_ce-150000.215.3 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * docker-27.5.1_ce-150000.215.3 * docker-debuginfo-27.5.1_ce-150000.215.3 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * docker-27.5.1_ce-150000.215.3 * docker-debuginfo-27.5.1_ce-150000.215.3 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * docker-27.5.1_ce-150000.215.3 * docker-debuginfo-27.5.1_ce-150000.215.3 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * docker-27.5.1_ce-150000.215.3 * docker-debuginfo-27.5.1_ce-150000.215.3 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * docker-27.5.1_ce-150000.215.3 * docker-debuginfo-27.5.1_ce-150000.215.3 * Containers Module 15-SP6 (noarch) * docker-bash-completion-27.5.1_ce-150000.215.3 * docker-rootless-extras-27.5.1_ce-150000.215.3 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * docker-27.5.1_ce-150000.215.3 * docker-debuginfo-27.5.1_ce-150000.215.3 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * docker-27.5.1_ce-150000.215.3 * docker-debuginfo-27.5.1_ce-150000.215.3 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * docker-27.5.1_ce-150000.215.3 * docker-debuginfo-27.5.1_ce-150000.215.3 ## References: * https://www.suse.com/security/cve/CVE-2024-29018.html * https://bugzilla.suse.com/show_bug.cgi?id=1234089 * https://bugzilla.suse.com/show_bug.cgi?id=1237335 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 4 16:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 04 Mar 2025 16:30:25 -0000 Subject: SUSE-SU-2025:0775-1: important: Security update for podman Message-ID: <174110582525.31417.14775521630799736865@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2025:0775-1 Release Date: 2025-03-04T12:51:51Z Rating: important References: * bsc#1214612 * bsc#1215807 * bsc#1215926 * bsc#1217828 * bsc#1221677 * bsc#1227052 * bsc#1231208 * bsc#1231230 * bsc#1231499 * bsc#1231698 * bsc#1236270 * bsc#1236507 * bsc#1237641 Cross-References: * CVE-2023-45288 * CVE-2024-11218 * CVE-2024-1753 * CVE-2024-6104 * CVE-2024-9341 * CVE-2024-9407 * CVE-2024-9675 * CVE-2024-9676 * CVE-2025-27144 CVSS scores: * CVE-2023-45288 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-45288 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-11218 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-11218 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-11218 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-1753 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-9341 ( SUSE ): 5.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9341 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9341 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9341 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N * CVE-2024-9407 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9407 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9407 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N * CVE-2024-9675 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2024-9675 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-9675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9676 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-9676 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-9676 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-9676 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves nine vulnerabilities and has four security fixes can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE (bsc#1237641) * CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (bsc#1231698) * CVE-2024-9675: Fixed cache arbitrary directory mount in buildah (bsc#1231499) * CVE-2024-9407: Fixed Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction in buildah (bsc#1231208) * CVE-2024-9341: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230) * CVE-2024-1753: Fixed full container escape at build time in buildah (bsc#1221677) * CVE-2024-11218: Fixed a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. (bsc#1236270) * CVE-2024-6104: Fixed hashicorp/go-retryablehttp writing sensitive information to log files (bsc#1227052) * CVE-2023-45288: Fixed golang.org/x/net/http2 excessive resource consumption when receiving too many headers (bsc#1236507) * Load ip_tables and ip6_tables kernel module (bsc#1214612) * Required for rootless mode as a regular user has no permission to load kernel modules * Refactor network backend dependencies: * podman requires either netavark or cni-plugins. On ALP, require netavark, otherwise prefer netavark but don't force it. * This fixes missing cni-plugins in some scenarios * Default to netavark everywhere where it's available ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-775=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-775=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-775=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-775=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-775=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-775=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-775=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-775=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * podman-remote-debuginfo-4.9.5-150300.9.43.1 * podmansh-4.9.5-150300.9.43.1 * podman-remote-4.9.5-150300.9.43.1 * podman-4.9.5-150300.9.43.1 * podman-debuginfo-4.9.5-150300.9.43.1 * openSUSE Leap 15.3 (noarch) * podman-docker-4.9.5-150300.9.43.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * podman-remote-debuginfo-4.9.5-150300.9.43.1 * podman-remote-4.9.5-150300.9.43.1 * podman-4.9.5-150300.9.43.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * podman-remote-debuginfo-4.9.5-150300.9.43.1 * podman-remote-4.9.5-150300.9.43.1 * podman-4.9.5-150300.9.43.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * podman-remote-debuginfo-4.9.5-150300.9.43.1 * podman-remote-4.9.5-150300.9.43.1 * podman-4.9.5-150300.9.43.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * podman-remote-debuginfo-4.9.5-150300.9.43.1 * podman-remote-4.9.5-150300.9.43.1 * podman-4.9.5-150300.9.43.1 * podman-debuginfo-4.9.5-150300.9.43.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * podman-remote-debuginfo-4.9.5-150300.9.43.1 * podman-remote-4.9.5-150300.9.43.1 * podman-4.9.5-150300.9.43.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * podman-remote-debuginfo-4.9.5-150300.9.43.1 * podman-remote-4.9.5-150300.9.43.1 * podman-4.9.5-150300.9.43.1 * podman-debuginfo-4.9.5-150300.9.43.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * podman-remote-debuginfo-4.9.5-150300.9.43.1 * podman-remote-4.9.5-150300.9.43.1 * podman-4.9.5-150300.9.43.1 * podman-debuginfo-4.9.5-150300.9.43.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2024-11218.html * https://www.suse.com/security/cve/CVE-2024-1753.html * https://www.suse.com/security/cve/CVE-2024-6104.html * https://www.suse.com/security/cve/CVE-2024-9341.html * https://www.suse.com/security/cve/CVE-2024-9407.html * https://www.suse.com/security/cve/CVE-2024-9675.html * https://www.suse.com/security/cve/CVE-2024-9676.html * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1214612 * https://bugzilla.suse.com/show_bug.cgi?id=1215807 * https://bugzilla.suse.com/show_bug.cgi?id=1215926 * https://bugzilla.suse.com/show_bug.cgi?id=1217828 * https://bugzilla.suse.com/show_bug.cgi?id=1221677 * https://bugzilla.suse.com/show_bug.cgi?id=1227052 * https://bugzilla.suse.com/show_bug.cgi?id=1231208 * https://bugzilla.suse.com/show_bug.cgi?id=1231230 * https://bugzilla.suse.com/show_bug.cgi?id=1231499 * https://bugzilla.suse.com/show_bug.cgi?id=1231698 * https://bugzilla.suse.com/show_bug.cgi?id=1236270 * https://bugzilla.suse.com/show_bug.cgi?id=1236507 * https://bugzilla.suse.com/show_bug.cgi?id=1237641 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 5 12:30:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 05 Mar 2025 12:30:04 -0000 Subject: SUSE-SU-2025:0783-1: important: Security update for MozillaFirefox Message-ID: <174117780418.30142.3054863370688556167@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2025:0783-1 Release Date: 2025-03-05T10:59:45Z Rating: important References: * bsc#1237683 Cross-References: * CVE-2024-43097 * CVE-2025-1930 * CVE-2025-1931 * CVE-2025-1932 * CVE-2025-1933 * CVE-2025-1934 * CVE-2025-1935 * CVE-2025-1936 * CVE-2025-1937 * CVE-2025-1938 CVSS scores: * CVE-2024-43097 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43097 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-43097 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1930 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1930 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H * CVE-2025-1931 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1931 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-1932 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1932 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H * CVE-2025-1932 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1933 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1933 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-1933 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2025-1934 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-1934 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-1934 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-1935 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1935 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-1935 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-1936 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-1936 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-1937 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-1937 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1938 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-1938 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1938 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Security Vulnerabilities fixed in Firefox ESR 128.8 (MFSA 2025-16) (bsc#1237683) \- CVE-2024-43097: Overflow when growing an SkRegion's RunArray \- CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process \- CVE-2025-1931: Use-after-free in WebTransportChild \- CVE-2025-1932: Inconsistent comparator in XSLT sorting led to out-of-bounds access \- CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs \- CVE-2025-1934: Unexpected GC during RegExp bailout processing \- CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar \- CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents \- CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 \- CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-783=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-783=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.8.0-112.249.3 * MozillaFirefox-translations-common-128.8.0-112.249.3 * MozillaFirefox-128.8.0-112.249.3 * MozillaFirefox-debugsource-128.8.0-112.249.3 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * MozillaFirefox-devel-128.8.0-112.249.3 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * MozillaFirefox-debuginfo-128.8.0-112.249.3 * MozillaFirefox-translations-common-128.8.0-112.249.3 * MozillaFirefox-128.8.0-112.249.3 * MozillaFirefox-debugsource-128.8.0-112.249.3 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * MozillaFirefox-devel-128.8.0-112.249.3 ## References: * https://www.suse.com/security/cve/CVE-2024-43097.html * https://www.suse.com/security/cve/CVE-2025-1930.html * https://www.suse.com/security/cve/CVE-2025-1931.html * https://www.suse.com/security/cve/CVE-2025-1932.html * https://www.suse.com/security/cve/CVE-2025-1933.html * https://www.suse.com/security/cve/CVE-2025-1934.html * https://www.suse.com/security/cve/CVE-2025-1935.html * https://www.suse.com/security/cve/CVE-2025-1936.html * https://www.suse.com/security/cve/CVE-2025-1937.html * https://www.suse.com/security/cve/CVE-2025-1938.html * https://bugzilla.suse.com/show_bug.cgi?id=1237683 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 5 16:30:06 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 05 Mar 2025 16:30:06 -0000 Subject: SUSE-SU-2025:0788-1: important: Security update for MozillaFirefox Message-ID: <174119220618.31417.18224802471599492773@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2025:0788-1 Release Date: 2025-03-05T15:31:12Z Rating: important References: * bsc#1237683 Cross-References: * CVE-2024-43097 * CVE-2025-1930 * CVE-2025-1931 * CVE-2025-1932 * CVE-2025-1933 * CVE-2025-1934 * CVE-2025-1935 * CVE-2025-1936 * CVE-2025-1937 * CVE-2025-1938 CVSS scores: * CVE-2024-43097 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43097 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-43097 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1930 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1930 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H * CVE-2025-1931 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1931 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-1932 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1932 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H * CVE-2025-1932 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1933 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1933 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-1933 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2025-1934 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-1934 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-1934 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-1935 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1935 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-1935 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-1936 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-1936 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-1937 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-1937 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1938 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-1938 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1938 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Security Vulnerabilities fixed in Firefox ESR 128.8 (MFSA 2025-16) (bsc#1237683) \- CVE-2024-43097: Overflow when growing an SkRegion's RunArray \- CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process \- CVE-2025-1931: Use-after-free in WebTransportChild \- CVE-2025-1932: Inconsistent comparator in XSLT sorting led to out-of-bounds access \- CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs \- CVE-2025-1934: Unexpected GC during RegExp bailout processing \- CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar \- CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents \- CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 \- CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-788=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-788=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-788=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-788=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-788=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-788=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-788=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-788=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-788=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-788=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-788=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-788=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-788=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-788=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * MozillaFirefox-branding-upstream-128.8.0-150200.152.173.1 * openSUSE Leap 15.6 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * Desktop Applications Module 15-SP6 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-128.8.0-150200.152.173.1 * MozillaFirefox-translations-other-128.8.0-150200.152.173.1 * MozillaFirefox-debuginfo-128.8.0-150200.152.173.1 * MozillaFirefox-translations-common-128.8.0-150200.152.173.1 * MozillaFirefox-debugsource-128.8.0-150200.152.173.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-128.8.0-150200.152.173.1 ## References: * https://www.suse.com/security/cve/CVE-2024-43097.html * https://www.suse.com/security/cve/CVE-2025-1930.html * https://www.suse.com/security/cve/CVE-2025-1931.html * https://www.suse.com/security/cve/CVE-2025-1932.html * https://www.suse.com/security/cve/CVE-2025-1933.html * https://www.suse.com/security/cve/CVE-2025-1934.html * https://www.suse.com/security/cve/CVE-2025-1935.html * https://www.suse.com/security/cve/CVE-2025-1936.html * https://www.suse.com/security/cve/CVE-2025-1937.html * https://www.suse.com/security/cve/CVE-2025-1938.html * https://bugzilla.suse.com/show_bug.cgi?id=1237683 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 5 16:30:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 05 Mar 2025 16:30:10 -0000 Subject: SUSE-SU-2025:0786-1: important: Security update for podman Message-ID: <174119221027.31417.12899821764453907586@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2025:0786-1 Release Date: 2025-03-05T13:06:45Z Rating: important References: * bsc#1237641 Cross-References: * CVE-2025-27144 CVSS scores: * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE (bsc#1237641) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-786=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-786=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-786=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-786=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-786=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-786=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-786=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-786=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-786=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * podman-remote-4.9.5-150400.4.41.1 * podman-debuginfo-4.9.5-150400.4.41.1 * podmansh-4.9.5-150400.4.41.1 * podman-remote-debuginfo-4.9.5-150400.4.41.1 * podman-4.9.5-150400.4.41.1 * openSUSE Leap 15.4 (noarch) * podman-docker-4.9.5-150400.4.41.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.41.1 * podman-remote-4.9.5-150400.4.41.1 * podman-4.9.5-150400.4.41.1 * podman-remote-debuginfo-4.9.5-150400.4.41.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.41.1 * podman-remote-4.9.5-150400.4.41.1 * podman-4.9.5-150400.4.41.1 * podman-remote-debuginfo-4.9.5-150400.4.41.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.41.1 * podman-remote-4.9.5-150400.4.41.1 * podman-4.9.5-150400.4.41.1 * podman-remote-debuginfo-4.9.5-150400.4.41.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.41.1 * podman-remote-4.9.5-150400.4.41.1 * podman-4.9.5-150400.4.41.1 * podman-remote-debuginfo-4.9.5-150400.4.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.9.5-150400.4.41.1 * podman-remote-4.9.5-150400.4.41.1 * podman-4.9.5-150400.4.41.1 * podman-remote-debuginfo-4.9.5-150400.4.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.9.5-150400.4.41.1 * podman-remote-4.9.5-150400.4.41.1 * podman-4.9.5-150400.4.41.1 * podman-remote-debuginfo-4.9.5-150400.4.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.41.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * podman-debuginfo-4.9.5-150400.4.41.1 * podman-remote-4.9.5-150400.4.41.1 * podman-4.9.5-150400.4.41.1 * podman-remote-debuginfo-4.9.5-150400.4.41.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * podman-docker-4.9.5-150400.4.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * podman-debuginfo-4.9.5-150400.4.41.1 * podman-remote-4.9.5-150400.4.41.1 * podman-4.9.5-150400.4.41.1 * podman-remote-debuginfo-4.9.5-150400.4.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.41.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1237641 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 5 16:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 05 Mar 2025 16:30:14 -0000 Subject: SUSE-SU-2025:0785-1: important: Security update for podman Message-ID: <174119221412.31417.6892003408830795389@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2025:0785-1 Release Date: 2025-03-05T13:06:16Z Rating: important References: * bsc#1237641 Cross-References: * CVE-2025-27144 CVSS scores: * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE (bsc#1237641) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-785=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-785=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-785=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-785=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-785=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-785=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-785=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-785=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * podman-remote-4.9.5-150500.3.37.1 * podman-debuginfo-4.9.5-150500.3.37.1 * podman-4.9.5-150500.3.37.1 * podman-remote-debuginfo-4.9.5-150500.3.37.1 * podmansh-4.9.5-150500.3.37.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * podman-docker-4.9.5-150500.3.37.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * podman-remote-4.9.5-150500.3.37.1 * podman-debuginfo-4.9.5-150500.3.37.1 * podman-4.9.5-150500.3.37.1 * podman-remote-debuginfo-4.9.5-150500.3.37.1 * podmansh-4.9.5-150500.3.37.1 * Containers Module 15-SP6 (noarch) * podman-docker-4.9.5-150500.3.37.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * podman-remote-4.9.5-150500.3.37.1 * podman-debuginfo-4.9.5-150500.3.37.1 * podman-4.9.5-150500.3.37.1 * podman-remote-debuginfo-4.9.5-150500.3.37.1 * podmansh-4.9.5-150500.3.37.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * podman-docker-4.9.5-150500.3.37.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * podman-remote-4.9.5-150500.3.37.1 * podman-debuginfo-4.9.5-150500.3.37.1 * podman-4.9.5-150500.3.37.1 * podman-remote-debuginfo-4.9.5-150500.3.37.1 * podmansh-4.9.5-150500.3.37.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * podman-docker-4.9.5-150500.3.37.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * podman-remote-4.9.5-150500.3.37.1 * podman-debuginfo-4.9.5-150500.3.37.1 * podman-4.9.5-150500.3.37.1 * podman-remote-debuginfo-4.9.5-150500.3.37.1 * podmansh-4.9.5-150500.3.37.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * podman-docker-4.9.5-150500.3.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * podman-remote-4.9.5-150500.3.37.1 * podman-debuginfo-4.9.5-150500.3.37.1 * podman-4.9.5-150500.3.37.1 * podman-remote-debuginfo-4.9.5-150500.3.37.1 * podmansh-4.9.5-150500.3.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * podman-docker-4.9.5-150500.3.37.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * podman-remote-4.9.5-150500.3.37.1 * podman-debuginfo-4.9.5-150500.3.37.1 * podman-4.9.5-150500.3.37.1 * podman-remote-debuginfo-4.9.5-150500.3.37.1 * podmansh-4.9.5-150500.3.37.1 * openSUSE Leap 15.5 (noarch) * podman-docker-4.9.5-150500.3.37.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * podman-remote-4.9.5-150500.3.37.1 * podman-debuginfo-4.9.5-150500.3.37.1 * podman-4.9.5-150500.3.37.1 * podman-remote-debuginfo-4.9.5-150500.3.37.1 * podmansh-4.9.5-150500.3.37.1 * openSUSE Leap 15.6 (noarch) * podman-docker-4.9.5-150500.3.37.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1237641 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 5 16:34:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 05 Mar 2025 16:34:21 -0000 Subject: SUSE-SU-2025:0784-1: important: Security update for the Linux Kernel Message-ID: <174119246135.31417.4126684906869316950@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0784-1 Release Date: Rating: important References: * bsc#1012628 * bsc#1215199 * bsc#1219367 * bsc#1222672 * bsc#1222803 * bsc#1225742 * bsc#1225981 * bsc#1228521 * bsc#1230235 * bsc#1230438 * bsc#1230439 * bsc#1231920 * bsc#1232159 * bsc#1232198 * bsc#1232201 * bsc#1232508 * bsc#1232520 * bsc#1232919 * bsc#1233109 * bsc#1234853 * bsc#1234857 * bsc#1234891 * bsc#1234963 * bsc#1235032 * bsc#1235054 * bsc#1235061 * bsc#1235073 * bsc#1235435 * bsc#1235592 * bsc#1235609 * bsc#1235932 * bsc#1235933 * bsc#1236113 * bsc#1236114 * bsc#1236115 * bsc#1236122 * bsc#1236123 * bsc#1236133 * bsc#1236138 * bsc#1236199 * bsc#1236200 * bsc#1236203 * bsc#1236205 * bsc#1236573 * bsc#1236575 * bsc#1236576 * bsc#1236591 * bsc#1236661 * bsc#1236677 * bsc#1236700 * bsc#1236752 * bsc#1236821 * bsc#1236822 * bsc#1236896 * bsc#1236897 * bsc#1236952 * bsc#1236967 * bsc#1236994 * bsc#1237007 * bsc#1237017 * bsc#1237025 * bsc#1237028 * bsc#1237045 * bsc#1237126 * bsc#1237132 * bsc#1237139 * bsc#1237155 * bsc#1237158 * bsc#1237159 * bsc#1237232 * bsc#1237234 * bsc#1237325 * bsc#1237415 * bsc#1237452 * bsc#1237558 * bsc#1237562 * bsc#1237563 * jsc#PED-10028 * jsc#PED-12094 * jsc#PED-348 * jsc#PED-6143 Cross-References: * CVE-2023-52924 * CVE-2023-52925 * CVE-2024-26708 * CVE-2024-26810 * CVE-2024-41055 * CVE-2024-44974 * CVE-2024-45009 * CVE-2024-45010 * CVE-2024-47701 * CVE-2024-49884 * CVE-2024-49950 * CVE-2024-50073 * CVE-2024-50085 * CVE-2024-50115 * CVE-2024-50185 * CVE-2024-53147 * CVE-2024-53173 * CVE-2024-53226 * CVE-2024-53239 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56568 * CVE-2024-56579 * CVE-2024-56605 * CVE-2024-56647 * CVE-2024-56720 * CVE-2024-57889 * CVE-2024-57948 * CVE-2025-21636 * CVE-2025-21637 * CVE-2025-21638 * CVE-2025-21639 * CVE-2025-21640 * CVE-2025-21647 * CVE-2025-21680 * CVE-2025-21684 * CVE-2025-21687 * CVE-2025-21688 * CVE-2025-21689 * CVE-2025-21690 * CVE-2025-21692 * CVE-2025-21697 * CVE-2025-21699 * CVE-2025-21700 CVSS scores: * CVE-2023-52924 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-52924 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52925 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52925 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52925 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26708 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26708 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26810 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26810 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41055 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44974 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2024-44974 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-44974 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45009 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-45009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45010 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-45010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47701 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47701 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-47701 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50073 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50073 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53147 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53147 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53226 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53226 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53226 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56568 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56568 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56568 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56579 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56579 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56579 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56647 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56647 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56720 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56720 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57889 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57948 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57948 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21636 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21636 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21637 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21637 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21638 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21638 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21639 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21640 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21640 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21647 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21647 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21680 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21680 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21680 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21684 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21684 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21687 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21687 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21687 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21688 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21689 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21689 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21692 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21692 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21692 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21697 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-21697 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21700 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21700 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Confidential Computing Module 15-SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 44 vulnerabilities, contains four features and has 33 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-26708: mptcp: fastopen and PM-trigger subflow shutdown can race (bsc#1222672). * CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235). * CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438). * CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439). * CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508). * CVE-2024-50185: mptcp: handle consistently DSS corruption (bsc#1233109). * CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857). * CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device bound (bsc#1235032). * CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435). * CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592). * CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113). * CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114). * CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115). * CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122). * CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123). * CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133). * CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700). * CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045). * CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). * CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159). The following non-security bugs were fixed: * ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes). * ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes). * ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes). * ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes). * ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes). * ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes). * APEI: GHES: Have GHES honor the panic= setting (stable-fixes). * ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes). * ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes). * ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git- fixes). * ASoC: amd: Add ACPI dependency to fix build error (stable-fixes). * ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes). * ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git- fixes). * Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes). * HID: Wacom: Add PCI Wacom device support (stable-fixes). * HID: hid-steam: Add Deck IMU support (stable-fixes). * HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes). * HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes). * HID: hid-steam: Clean up locking (stable-fixes). * HID: hid-steam: Disable watchdog instead of using a heartbeat (stable- fixes). * HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git- fixes). * HID: hid-steam: Fix cleanup in probe() (git-fixes). * HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes). * HID: hid-steam: Move hidraw input (un)registering to work (git-fixes). * HID: hid-steam: Update list of identifiers from SDL (stable-fixes). * HID: hid-steam: remove pointless error message (stable-fixes). * HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes). * HID: multitouch: Add NULL check in mt_input_configured (git-fixes). * Input: allocate keycode for phone linking (stable-fixes). * KVM: SVM: Propagate error from snp_guest_req_init() to userspace (jsc#PED-348). * KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes). * KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes). * KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes). * KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes). * KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git- fixes). * KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes). * KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes). * KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes) * KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes). * KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes). * KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes). * KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155). * KVM: x86/mmu: Process atomically-zapped SPTEs after TLB flush (jsc#PED-6143). * KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was a leaf SPTE (git-fixes). * KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes). * KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes). * KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes). * KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes). * KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git- fixes). * KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git- fixes). * KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348). * KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes). * PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes). * PCI: Use downstream bridges for distributing resources (bsc#1237325). * PCI: hookup irq_get_affinity callback (bsc#1236896). * PCI: imx6: Simplify clock handling by using clk_bulk*() function (git- fixes). * PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes). * Pickup RXE code change introduced by upstream. * RDMA/efa: Reset device on probe failure (git-fixes) * RDMA/rxe: Improve newline in printing messages (git-fixes) * Revert "blk-throttle: Fix IO hang for a corner case" (git-fixes). * Revert "drm/amd/display: Use HW lock mgr for PSR1" (stable-fixes). * USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable- fixes). * USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes). * USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes). * USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes). * USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes). * USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes). * USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes). * USB: serial: option: add MeiG Smart SLM828 (stable-fixes). * USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes). * USB: serial: option: drop MeiG Smart defines (stable-fixes). * USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes). * Use gcc-13 for build on SLE16 (jsc#PED-10028). * acct: block access to kernel internal filesystems (git-fixes). * acct: perform last write from workqueue (git-fixes). * arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes) * arm64: Handle .ARM.attributes section in linker scripts (git-fixes) * arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes) * ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes). * batman-adv: Drop unmanaged ELP metric worker (git-fixes). * batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes). * batman-adv: fix panic during interface removal (git-fixes). * bio-integrity: do not restrict the size of integrity metadata (git-fixes). * blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558). * blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git- fixes). * blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git- fixes). * blk-mq: add number of queue calc helper (bsc#1236897). * blk-mq: create correct map for fallback case (bsc#1236896). * blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes). * blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896). * blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897). * blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes). * blk-mq: register cpuhp callback after hctx is added to xarray table (git- fixes). * blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897). * blk_iocost: remove some duplicate irq disable/enables (git-fixes). * block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes). * block: Clear zone limits for a non-zoned stacked queue (git-fixes). * block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes). * block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes). * block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes). * block: Provide bdev_open_* functions (git-fixes). * block: Remove special-casing of compound pages (git-fixes). * block: Set memalloc_noio to false on device_add_disk() error path (git- fixes). * block: add a disk_has_partscan helper (git-fixes). * block: add a partscan sysfs attribute for disks (git-fixes). * block: add check of 'minors' and 'first_minor' in device_add_disk() (git- fixes). * block: avoid to reuse `hctx` not removed from cpuhp callback list (git- fixes). * block: change rq_integrity_vec to respect the iterator (git-fixes). * block: copy back bounce buffer to user-space correctly in case of split (git-fixes). * block: ensure we hold a queue reference when using queue limits (git-fixes). * block: fix and simplify blkdevparts= cmdline parsing (git-fixes). * block: fix bio_split_rw_at to take zone_write_granularity into account (git- fixes). * block: fix integer overflow in BLKSECDISCARD (git-fixes). * block: fix missing dispatching request when queue is started or unquiesced (git-fixes). * block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git- fixes). * block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes). * block: fix sanity checks in blk_rq_map_user_bvec (git-fixes). * block: propagate partition scanning errors to the BLKRRPART ioctl (git- fixes). * block: remove the blk_flush_integrity call in blk_integrity_unregister (git- fixes). * block: retry call probe after request_module in blk_request_module (git- fixes). * block: return unsigned int from bdev_io_min (git-fixes). * block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes). * block: support to account io_ticks precisely (git-fixes). * block: use the right type for stub rq_integrity_vec() (git-fixes). * bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes). * bnxt_en: Refactor bnxt_ptp_init() (git-fixes). * bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes). * btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232). * btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232). * can: c_can: fix unbalanced runtime PM disable in error path (git-fixes). * can: ctucanfd: handle skb allocation failure (git-fixes). * can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes). * can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes). * chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). * clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git- fixes). * clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes). * clk: mediatek: mt2701-img: add missing dummy clk (git-fixes). * clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes). * clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git- fixes). * clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes). * clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes). * clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes). * clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes). * clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes). * clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes). * clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes). * cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562). * cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562). * cpufreq: s3c64xx: Fix compilation warning (stable-fixes). * cxgb4: Avoid removal of uninserted tid (git-fixes). * cxgb4: use port number to set mac addr (git-fixes). * devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234). * dlm: fix srcu_read_lock() return type to int (git-fixes). * doc: update managed_irq documentation (bsc#1236897). * driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896). * drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes). * drm/amd/pm: Mark MM activity as unsupported (stable-fixes). * drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable- fixes). * drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes). * drm/amdkfd: only flush the validate MES contex (stable-fixes). * drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable- fixes). * drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes). * drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes). * drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes). * drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes). * drm/i915/selftests: avoid using uninitialized context (git-fixes). * drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes). * drm/i915: Fix page cleanup on DMA remap failure (git-fixes). * drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes). * drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes). * drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git- fixes). * drm/msm: Avoid rounding up to one jiffy (git-fixes). * drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes). * drm/virtio: New fence for every plane update (stable-fixes). * efi: Avoid cold plugged memory for placing the kernel (stable-fixes). * efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes). * eth: gve: use appropriate helper to set xdp_features (git-fixes). * exfat: convert to ctime accessor functions (git-fixes). * exfat: fix file being changed by unaligned direct write (git-fixes). * exfat: fix zero the unwritten part for dio read (git-fixes). * fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes). * gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes). * gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes). * gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git- fixes). * gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes). * gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes). * hfs: Sanity check the root record (git-fixes). * i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes). * iavf: allow changing VLAN state without calling PF (git-fixes). * ice: Skip PTP HW writes during PTP reset procedure (git-fixes). * ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415). * ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415). * ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git- fixes). * ice: fix incorrect PHY settings for 100 GB/s (git-fixes). * ice: fix max values for dpll pin phase adjust (git-fixes). * ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415). * ice: gather page_count()'s of each frag right before XDP prog call (git- fixes). * ice: put Rx buffers after being done with current frame (git-fixes). * ice: stop storing XDP verdict within ice_rx_buf (git-fixes). * ice: use internal pf id instead of function number (git-fixes). * idpf: add read memory barrier when checking descriptor done bit (git-fixes). * idpf: call set_real_num_queues in idpf_open (bsc#1236661). * idpf: convert workqueues to unbound (git-fixes). * idpf: fix VF dynamic interrupt ctl register initialization (git-fixes). * idpf: fix handling rsc packet with a single segment (git-fixes). * igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes). * igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes). * igc: return early when failing to read EECD register (git-fixes). * iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes). * kabi: fix bus type (bsc#1236896). * kabi: fix group_cpus_evenly (bsc#1236897). * kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes). * kbuild: userprogs: fix bitsize and target detection on clang (git-fixes). * kvm: svm: Fix gctx page leak on invalid inputs (jsc#PED-348). * lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897). * lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897). * lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes). * lib: stackinit: hide never-taken branch from compiler (stable-fixes). * lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes). * loop: do not set QUEUE_FLAG_NOMERGES (git-fixes). * media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes). * media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes). * media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes). * media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes). * media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes). * mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable- fixes). * mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes). * mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes). * mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes). * mptcp: export local_address (git-fixes) * mptcp: fix NL PM announced address accounting (git-fixes) * mptcp: fix data races on local_id (git-fixes) * mptcp: fix inconsistent state on fastopen race (bsc#1222672). * mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes) * mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes) * mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git- fixes) * mptcp: pm: deny endp with signal + subflow + port (git-fixes) * mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes) * mptcp: pm: do not try to create sf if alloc failed (git-fixes) * mptcp: pm: fullmesh: select the right ID later (git-fixes) * mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes) * mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes) * mptcp: pm: re-using ID of unused flushed subflows (git-fixes) * mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes) * mptcp: pm: re-using ID of unused removed subflows (git-fixes) * mptcp: pm: reduce indentation blocks (git-fixes) * mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes) * mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes) * mptcp: unify pm get_local_id interfaces (git-fixes) * mptcp: unify pm set_flags interfaces (git-fixes) * mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes). * mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes). * mtd: rawnand: cadence: fix unchecked dereference (git-fixes). * mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes). * nbd: Fix signal handling (git-fixes). * nbd: Improve the documentation of the locking assumptions (git-fixes). * nbd: do not allow reconnect after disconnect (git-fixes). * net/mlx5: Correct TASR typo into TSAR (git-fixes). * net/mlx5: Fix RDMA TX steering prio (git-fixes). * net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981). * net/mlx5: SF, Fix add port error handling (git-fixes). * net/mlx5: Verify support for scheduling element and TSAR type (git-fixes). * net/mlx5e: Always start IPsec sequence number from 1 (git-fixes). * net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes). * net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes). * net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994). * net: rose: lock the socket in rose_bind() (git-fixes). * net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes). * net: smc: fix spurious error message from __sock_release() (bsc#1237126). * net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable- fixes). * nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes). * null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes). * null_blk: Fix missing mutex_destroy() at module removal (git-fixes). * null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git- fixes). * null_blk: Print correct max open zones limit in null_init_zoned_dev() (git- fixes). * null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes). * null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes). * null_blk: fix validation of block size (git-fixes). * nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897). * nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896). * ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138). * padata: Clean up in padata_do_multithreaded() (bsc#1237563). * padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563). * partitions: ldm: remove the initial kernel-doc notation (git-fixes). * pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes). * platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452). * platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452). * platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452). * platform/x86: ISST: Ignore minor version change (bsc#1237452). * platform/x86: acer-wmi: Ignore AC events (stable-fixes). * platform/x86: int3472: Check for adev == NULL (stable-fixes). * power: supply: da9150-fg: fix potential overflow (git-fixes). * powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199). * powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199). * powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199). * powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199). * powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid mode (bsc#1235933 bsc#1235932). * powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967). * rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes). * rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes). * rbd: do not move requests to the running list on errors (git-fixes). * rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes). * regmap-irq: Add missing kfree() (git-fixes). * s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205). * s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158). * s390/iucv: fix receive buffer virtual vs physical address confusion (git- fixes bsc#1236200). * s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752). * s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752). * s390/pci: Ignore RID for isolated VFs (bsc#1236752). * s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752). * s390/pci: Use topology ID for multi-function devices (bsc#1236752). * s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199). * s390/topology: Improve topology detection (bsc#1236591). * s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203). * scripts/gdb: fix aarch64 userspace detection in get_current_task (stable- fixes). * scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896). * scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes). * scsi: use block layer helpers to calculate num of queues (bsc#1236897). * selftest: hugetlb_dio: fix test naming (git-fixes). * selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes). * selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable- fixes). * selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes). * selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes). * selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes). * selftests: mptcp: connect: -f: no reconnect (git-fixes). * selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes). * serial: 8250: Fix fifo underflow on flush (git-fixes). * smb: client: fix corruption in cifs_extend_writeback (bsc#1235609). * soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes). * spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes). * spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes). * spi: sn-f-ospi: Fix division by zero (git-fixes). * tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367). * tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes). * tools: fix annoying "mkdir -p ..." logs when building tools in parallel (git-fixes). * ublk: fix error code for unsupported command (git-fixes). * ublk: fix ublk_ch_mmap() for 64K page size (git-fixes). * ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes). * ublk: move zone report data out of request pdu (git-fixes). * usb: cdc-acm: Check control transfer buffer size before access (git-fixes). * usb: cdc-acm: Fix handling of oversized fragments (git-fixes). * usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes). * usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes). * usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes). * usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes). * usb: gadget: core: flush gadget workqueue after device removal (git-fixes). * usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes). * usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes). * usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes). * usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes). * usb: roles: set switch registered flag early on (git-fixes). * usb: xhci: Fix NULL pointer dereference on certain command aborts (git- fixes). * usbnet: ipheth: document scope of NCM implementation (stable-fixes). * util_macros.h: fix/rework find_closest() macros (git-fixes). * vhost/net: Set num_buffers for virtio 1.0 (git-fixes). * virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896). * virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897). * virtio: hookup irq_get_affinity callback (bsc#1236896). * virtio_blk: reverse request order in virtio_queue_rqs (git-fixes). * wifi: ath12k: fix handling of 6 GHz rules (git-fixes). * wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes). * wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable- fixes). * wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes). * wifi: iwlwifi: avoid memory leak (stable-fixes). * wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes). * wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes). * wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes). * x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes). * x86/asm: Make serialize() always_inline (git-fixes). * x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes). * x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes). * x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes). * x86/mm: Carve out INVLPG inline asm for use by others (git-fixes). * x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes). * x86/xen: allow larger contiguous memory regions in PV guests (git-fixes). * x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes). * x86/xen: Grab mm lock before grabbing pt lock (git-fixes). * xen/swiotlb: relax alignment requirements (git-fixes). * xhci: dbgtty: remove kfifo_out() wrapper (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Confidential Computing Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-784=1 ## Package List: * Confidential Computing Module 15-SP6 (nosrc x86_64) * kernel-coco-6.4.0-15061.18.coco15sp6.1 * kernel-coco_debug-6.4.0-15061.18.coco15sp6.1 * Confidential Computing Module 15-SP6 (x86_64) * reiserfs-kmp-coco-debuginfo-6.4.0-15061.18.coco15sp6.1 * kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1 * kernel-syms-coco-6.4.0-15061.18.coco15sp6.1 * kernel-coco_debug-debuginfo-6.4.0-15061.18.coco15sp6.1 * kernel-coco-vdso-debuginfo-6.4.0-15061.18.coco15sp6.1 * kernel-coco-devel-6.4.0-15061.18.coco15sp6.1 * kernel-coco_debug-devel-debuginfo-6.4.0-15061.18.coco15sp6.1 * kernel-coco_debug-debugsource-6.4.0-15061.18.coco15sp6.1 * reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1 * kernel-coco-debugsource-6.4.0-15061.18.coco15sp6.1 * kernel-coco-debuginfo-6.4.0-15061.18.coco15sp6.1 * Confidential Computing Module 15-SP6 (noarch) * kernel-devel-coco-6.4.0-15061.18.coco15sp6.1 * kernel-source-coco-6.4.0-15061.18.coco15sp6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52924.html * https://www.suse.com/security/cve/CVE-2023-52925.html * https://www.suse.com/security/cve/CVE-2024-26708.html * https://www.suse.com/security/cve/CVE-2024-26810.html * https://www.suse.com/security/cve/CVE-2024-41055.html * https://www.suse.com/security/cve/CVE-2024-44974.html * https://www.suse.com/security/cve/CVE-2024-45009.html * https://www.suse.com/security/cve/CVE-2024-45010.html * https://www.suse.com/security/cve/CVE-2024-47701.html * https://www.suse.com/security/cve/CVE-2024-49884.html * https://www.suse.com/security/cve/CVE-2024-49950.html * https://www.suse.com/security/cve/CVE-2024-50073.html * https://www.suse.com/security/cve/CVE-2024-50085.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-50185.html * https://www.suse.com/security/cve/CVE-2024-53147.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53226.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56568.html * https://www.suse.com/security/cve/CVE-2024-56579.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56647.html * https://www.suse.com/security/cve/CVE-2024-56720.html * https://www.suse.com/security/cve/CVE-2024-57889.html * https://www.suse.com/security/cve/CVE-2024-57948.html * https://www.suse.com/security/cve/CVE-2025-21636.html * https://www.suse.com/security/cve/CVE-2025-21637.html * https://www.suse.com/security/cve/CVE-2025-21638.html * https://www.suse.com/security/cve/CVE-2025-21639.html * https://www.suse.com/security/cve/CVE-2025-21640.html * https://www.suse.com/security/cve/CVE-2025-21647.html * https://www.suse.com/security/cve/CVE-2025-21680.html * https://www.suse.com/security/cve/CVE-2025-21684.html * https://www.suse.com/security/cve/CVE-2025-21687.html * https://www.suse.com/security/cve/CVE-2025-21688.html * https://www.suse.com/security/cve/CVE-2025-21689.html * https://www.suse.com/security/cve/CVE-2025-21690.html * https://www.suse.com/security/cve/CVE-2025-21692.html * https://www.suse.com/security/cve/CVE-2025-21697.html * https://www.suse.com/security/cve/CVE-2025-21699.html * https://www.suse.com/security/cve/CVE-2025-21700.html * https://bugzilla.suse.com/show_bug.cgi?id=1012628 * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1219367 * https://bugzilla.suse.com/show_bug.cgi?id=1222672 * https://bugzilla.suse.com/show_bug.cgi?id=1222803 * https://bugzilla.suse.com/show_bug.cgi?id=1225742 * https://bugzilla.suse.com/show_bug.cgi?id=1225981 * https://bugzilla.suse.com/show_bug.cgi?id=1228521 * https://bugzilla.suse.com/show_bug.cgi?id=1230235 * https://bugzilla.suse.com/show_bug.cgi?id=1230438 * https://bugzilla.suse.com/show_bug.cgi?id=1230439 * https://bugzilla.suse.com/show_bug.cgi?id=1231920 * https://bugzilla.suse.com/show_bug.cgi?id=1232159 * https://bugzilla.suse.com/show_bug.cgi?id=1232198 * https://bugzilla.suse.com/show_bug.cgi?id=1232201 * https://bugzilla.suse.com/show_bug.cgi?id=1232508 * https://bugzilla.suse.com/show_bug.cgi?id=1232520 * https://bugzilla.suse.com/show_bug.cgi?id=1232919 * https://bugzilla.suse.com/show_bug.cgi?id=1233109 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234857 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235032 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235435 * https://bugzilla.suse.com/show_bug.cgi?id=1235592 * https://bugzilla.suse.com/show_bug.cgi?id=1235609 * https://bugzilla.suse.com/show_bug.cgi?id=1235932 * https://bugzilla.suse.com/show_bug.cgi?id=1235933 * https://bugzilla.suse.com/show_bug.cgi?id=1236113 * https://bugzilla.suse.com/show_bug.cgi?id=1236114 * https://bugzilla.suse.com/show_bug.cgi?id=1236115 * https://bugzilla.suse.com/show_bug.cgi?id=1236122 * https://bugzilla.suse.com/show_bug.cgi?id=1236123 * https://bugzilla.suse.com/show_bug.cgi?id=1236133 * https://bugzilla.suse.com/show_bug.cgi?id=1236138 * https://bugzilla.suse.com/show_bug.cgi?id=1236199 * https://bugzilla.suse.com/show_bug.cgi?id=1236200 * https://bugzilla.suse.com/show_bug.cgi?id=1236203 * https://bugzilla.suse.com/show_bug.cgi?id=1236205 * https://bugzilla.suse.com/show_bug.cgi?id=1236573 * https://bugzilla.suse.com/show_bug.cgi?id=1236575 * https://bugzilla.suse.com/show_bug.cgi?id=1236576 * https://bugzilla.suse.com/show_bug.cgi?id=1236591 * https://bugzilla.suse.com/show_bug.cgi?id=1236661 * https://bugzilla.suse.com/show_bug.cgi?id=1236677 * https://bugzilla.suse.com/show_bug.cgi?id=1236700 * https://bugzilla.suse.com/show_bug.cgi?id=1236752 * https://bugzilla.suse.com/show_bug.cgi?id=1236821 * https://bugzilla.suse.com/show_bug.cgi?id=1236822 * https://bugzilla.suse.com/show_bug.cgi?id=1236896 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1236952 * https://bugzilla.suse.com/show_bug.cgi?id=1236967 * https://bugzilla.suse.com/show_bug.cgi?id=1236994 * https://bugzilla.suse.com/show_bug.cgi?id=1237007 * https://bugzilla.suse.com/show_bug.cgi?id=1237017 * https://bugzilla.suse.com/show_bug.cgi?id=1237025 * https://bugzilla.suse.com/show_bug.cgi?id=1237028 * https://bugzilla.suse.com/show_bug.cgi?id=1237045 * https://bugzilla.suse.com/show_bug.cgi?id=1237126 * https://bugzilla.suse.com/show_bug.cgi?id=1237132 * https://bugzilla.suse.com/show_bug.cgi?id=1237139 * https://bugzilla.suse.com/show_bug.cgi?id=1237155 * https://bugzilla.suse.com/show_bug.cgi?id=1237158 * https://bugzilla.suse.com/show_bug.cgi?id=1237159 * https://bugzilla.suse.com/show_bug.cgi?id=1237232 * https://bugzilla.suse.com/show_bug.cgi?id=1237234 * https://bugzilla.suse.com/show_bug.cgi?id=1237325 * https://bugzilla.suse.com/show_bug.cgi?id=1237415 * https://bugzilla.suse.com/show_bug.cgi?id=1237452 * https://bugzilla.suse.com/show_bug.cgi?id=1237558 * https://bugzilla.suse.com/show_bug.cgi?id=1237562 * https://bugzilla.suse.com/show_bug.cgi?id=1237563 * https://jira.suse.com/browse/PED-10028 * https://jira.suse.com/browse/PED-12094 * https://jira.suse.com/browse/PED-348 * https://jira.suse.com/browse/PED-6143 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 6 16:30:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 06 Mar 2025 16:30:05 -0000 Subject: SUSE-SU-2025:0803-1: moderate: Security update for go1.23 Message-ID: <174127860550.21425.14643661961399567549@smelt2.prg2.suse.org> # Security update for go1.23 Announcement ID: SUSE-SU-2025:0803-1 Release Date: 2025-03-06T14:05:48Z Rating: moderate References: * bsc#1229122 * bsc#1238572 Cross-References: * CVE-2025-22870 CVSS scores: * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for go1.23 fixes the following issues: * CVE-2025-22870: golang.org/x/net/proxy, golang.org/x/net/http/httpproxy: Fixed proxy bypass using IPv6 zone IDs (bsc#1238572) Other fixes: * Updated go version to go1.23.7 (bsc#1229122): * go#71985 go#71984 bsc#1238572 security: fix CVE-2025-22870 net/http, x/net/proxy, x/net/http/httpproxy: proxy bypass using IPv6 zone IDs * go#71727 runtime: usleep computes wrong tv_nsec on s390x * go#71839 runtime: recover added in range-over-func loop body doesn't stop panic propagation / segfaults printing error * go#71848 os: spurious SIGCHILD on running child process * go#71875 reflect: Value.Seq panicking on functional iterator methods * go#71915 reflect: Value.Seq iteration value types not matching the type of given int types * go#71962 runtime/cgo: does not build with -Wdeclaration-after-statement ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-803=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-803=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.7-150000.1.24.1 * go1.23-1.23.7-150000.1.24.1 * go1.23-race-1.23.7-150000.1.24.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.7-150000.1.24.1 * go1.23-1.23.7-150000.1.24.1 * go1.23-race-1.23.7-150000.1.24.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22870.html * https://bugzilla.suse.com/show_bug.cgi?id=1229122 * https://bugzilla.suse.com/show_bug.cgi?id=1238572 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 6 16:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 06 Mar 2025 16:30:08 -0000 Subject: SUSE-SU-2025:0802-1: moderate: Security update for go1.24 Message-ID: <174127860899.21425.13705311782386486099@smelt2.prg2.suse.org> # Security update for go1.24 Announcement ID: SUSE-SU-2025:0802-1 Release Date: 2025-03-06T14:05:35Z Rating: moderate References: * bsc#1236217 * bsc#1238572 Cross-References: * CVE-2025-22870 CVSS scores: * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for go1.24 fixes the following issues: * CVE-2025-22870: golang.org/x/net/proxy, golang.org/x/net/http/httpproxy: Fixed proxy bypass using IPv6 zone IDs (bsc#1238572) Other fixes: * Updated go version to go1.24.1 (bsc#1236217): * go#71986 go#71984 bsc#1238572 security: fix CVE-2025-22870 net/http, x/net/proxy, x/net/http/httpproxy: proxy bypass using IPv6 zone IDs * go#71687 cmd/go: panics with GOAUTH='git dir' go get -x * go#71705 runtime: add linkname of runtime.lastmoduledatap for cloudwego/sonic * go#71728 runtime: usleep computes wrong tv_nsec on s390x * go#71745 crypto: add fips140 as an opaque GODEBUG setting and add documentation for it * go#71829 cmd/compile: fail to compile package in 1.24 * go#71836 os: possible regression from Go 1.23 to Go 1.24 when opening DevNull with O_TRUNC * go#71840 runtime: recover added in range-over-func loop body doesn't stop panic propagation / segfaults printing error * go#71849 os: spurious SIGCHILD on running child process * go#71855 cmd/compile: Pow10 freeze the compiler on certain condition on Go 1.24 * go#71858 debug/buildinfo: false positives with external scanners flag for go117 binary in testdata * go#71876 reflect: Value.Seq panicking on functional iterator methods * go#71904 cmd/compile: nil dereference when storing field of non-nil struct value * go#71916 reflect: Value.Seq iteration value types not matching the type of given int types * go#71938 cmd/compile: "fatal error: found pointer to free object" on arm64 * go#71955 proposal: runtime: allow cleanups to run concurrently * go#71963 runtime/cgo: does not build with -Wdeclaration-after-statement * go#71977 syscall: js/wasm file operations fail on windows / node.js ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-802=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-802=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.1-150000.1.12.1 * go1.24-1.24.1-150000.1.12.1 * go1.24-doc-1.24.1-150000.1.12.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.24-race-1.24.1-150000.1.12.1 * go1.24-1.24.1-150000.1.12.1 * go1.24-doc-1.24.1-150000.1.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22870.html * https://bugzilla.suse.com/show_bug.cgi?id=1236217 * https://bugzilla.suse.com/show_bug.cgi?id=1238572 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 6 16:30:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 06 Mar 2025 16:30:12 -0000 Subject: SUSE-SU-2025:0801-1: moderate: Security update for pcp Message-ID: <174127861258.21425.6100115632277310996@smelt2.prg2.suse.org> # Security update for pcp Announcement ID: SUSE-SU-2025:0801-1 Release Date: 2025-03-06T14:04:47Z Rating: moderate References: * bsc#1217826 * bsc#1222815 Cross-References: * CVE-2023-6917 CVSS scores: * CVE-2023-6917 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for pcp fixes the following issues: * Version upgrade 6.2.0 (bsc#1217826, PED#8192, CVE-2023-6917). * Performance CoPilot 6 is not starting due to missing pmlogger_daily.timer (bsc#1222815). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-801=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-801=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-801=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-801=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-801=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * perl-PCP-LogSummary-6.2.0-150400.5.12.3 * pcp-system-tools-6.2.0-150400.5.12.3 * perl-PCP-PMDA-debuginfo-6.2.0-150400.5.12.3 * pcp-devel-6.2.0-150400.5.12.3 * pcp-pmda-logger-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-cifs-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-sendmail-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-hacluster-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-shping-debuginfo-6.2.0-150400.5.12.3 * libpcp_mmv1-6.2.0-150400.5.12.3 * libpcp_trace2-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-cifs-6.2.0-150400.5.12.3 * pcp-pmda-cisco-debuginfo-6.2.0-150400.5.12.3 * pcp-gui-6.2.0-150400.5.12.3 * pcp-pmda-hacluster-6.2.0-150400.5.12.3 * pcp-pmda-mailq-debuginfo-6.2.0-150400.5.12.3 * pcp-debugsource-6.2.0-150400.5.12.3 * libpcp3-6.2.0-150400.5.12.3 * pcp-pmda-mounts-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-apache-6.2.0-150400.5.12.3 * pcp-pmda-summary-6.2.0-150400.5.12.3 * pcp-pmda-weblog-6.2.0-150400.5.12.3 * perl-PCP-PMDA-6.2.0-150400.5.12.3 * libpcp3-debuginfo-6.2.0-150400.5.12.3 * libpcp_import1-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-zimbra-6.2.0-150400.5.12.3 * libpcp_gui2-6.2.0-150400.5.12.3 * pcp-devel-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-systemd-6.2.0-150400.5.12.3 * pcp-pmda-weblog-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-LogImport-debuginfo-6.2.0-150400.5.12.3 * libpcp_mmv1-debuginfo-6.2.0-150400.5.12.3 * libpcp-devel-6.2.0-150400.5.12.3 * pcp-import-collectl2pcp-6.2.0-150400.5.12.3 * pcp-pmda-summary-debuginfo-6.2.0-150400.5.12.3 * pcp-testsuite-debuginfo-6.2.0-150400.5.12.3 * pcp-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-mailq-6.2.0-150400.5.12.3 * pcp-pmda-gfs2-6.2.0-150400.5.12.3 * pcp-pmda-systemd-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-gfs2-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-shping-6.2.0-150400.5.12.3 * pcp-6.2.0-150400.5.12.3 * perl-PCP-LogImport-6.2.0-150400.5.12.3 * libpcp_gui2-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-bash-6.2.0-150400.5.12.3 * perl-PCP-MMV-6.2.0-150400.5.12.3 * pcp-pmda-smart-6.2.0-150400.5.12.3 * pcp-pmda-dm-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-sendmail-6.2.0-150400.5.12.3 * pcp-gui-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-bind2-6.2.0-150400.5.12.3 * pcp-pmda-dm-6.2.0-150400.5.12.3 * pcp-pmda-smart-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-MMV-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-bash-debuginfo-6.2.0-150400.5.12.3 * libpcp_import1-6.2.0-150400.5.12.3 * pcp-pmda-nvidia-gpu-debuginfo-6.2.0-150400.5.12.3 * python3-pcp-6.2.0-150400.5.12.3 * pcp-pmda-lustrecomm-debuginfo-6.2.0-150400.5.12.3 * pcp-system-tools-debuginfo-6.2.0-150400.5.12.3 * python3-pcp-debuginfo-6.2.0-150400.5.12.3 * pcp-testsuite-6.2.0-150400.5.12.3 * pcp-import-collectl2pcp-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-apache-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-roomtemp-6.2.0-150400.5.12.3 * pcp-pmda-sockets-6.2.0-150400.5.12.3 * libpcp_trace2-6.2.0-150400.5.12.3 * pcp-pmda-logger-6.2.0-150400.5.12.3 * pcp-pmda-lustrecomm-6.2.0-150400.5.12.3 * libpcp_web1-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-trace-6.2.0-150400.5.12.3 * pcp-pmda-sockets-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-cisco-6.2.0-150400.5.12.3 * pcp-pmda-mounts-6.2.0-150400.5.12.3 * pcp-pmda-roomtemp-debuginfo-6.2.0-150400.5.12.3 * libpcp_web1-6.2.0-150400.5.12.3 * pcp-pmda-trace-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-nvidia-gpu-6.2.0-150400.5.12.3 * pcp-pmda-zimbra-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-docker-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-docker-6.2.0-150400.5.12.3 * openSUSE Leap 15.4 (noarch) * pcp-pmda-json-6.2.0-150400.5.12.3 * pcp-export-pcp2spark-6.2.0-150400.5.12.3 * pcp-conf-6.2.0-150400.5.12.3 * pcp-export-pcp2elasticsearch-6.2.0-150400.5.12.3 * pcp-pmda-haproxy-6.2.0-150400.5.12.3 * pcp-export-pcp2zabbix-6.2.0-150400.5.12.3 * pcp-export-pcp2graphite-6.2.0-150400.5.12.3 * pcp-pmda-slurm-6.2.0-150400.5.12.3 * pcp-pmda-netcheck-6.2.0-150400.5.12.3 * pcp-pmda-lmsensors-6.2.0-150400.5.12.3 * pcp-pmda-lustre-6.2.0-150400.5.12.3 * pcp-pmda-rabbitmq-6.2.0-150400.5.12.3 * pcp-pmda-memcache-6.2.0-150400.5.12.3 * pcp-pmda-oracle-6.2.0-150400.5.12.3 * pcp-pmda-ds389log-6.2.0-150400.5.12.3 * pcp-pmda-openmetrics-6.2.0-150400.5.12.3 * pcp-pmda-gpfs-6.2.0-150400.5.12.3 * pcp-export-pcp2influxdb-6.2.0-150400.5.12.3 * pcp-pmda-bonding-6.2.0-150400.5.12.3 * pcp-import-ganglia2pcp-6.2.0-150400.5.12.3 * pcp-pmda-mysql-6.2.0-150400.5.12.3 * pcp-pmda-ds389-6.2.0-150400.5.12.3 * pcp-pmda-unbound-6.2.0-150400.5.12.3 * pcp-export-pcp2xml-6.2.0-150400.5.12.3 * pcp-pmda-news-6.2.0-150400.5.12.3 * pcp-pmda-zswap-6.2.0-150400.5.12.3 * pcp-pmda-samba-6.2.0-150400.5.12.3 * pcp-pmda-rsyslog-6.2.0-150400.5.12.3 * pcp-import-mrtg2pcp-6.2.0-150400.5.12.3 * pcp-pmda-postfix-6.2.0-150400.5.12.3 * pcp-pmda-snmp-6.2.0-150400.5.12.3 * pcp-pmda-named-6.2.0-150400.5.12.3 * pcp-pmda-activemq-6.2.0-150400.5.12.3 * pcp-pmda-nutcracker-6.2.0-150400.5.12.3 * pcp-doc-6.2.0-150400.5.12.3 * pcp-pmda-nfsclient-6.2.0-150400.5.12.3 * pcp-pmda-openvswitch-6.2.0-150400.5.12.3 * pcp-import-sar2pcp-6.2.0-150400.5.12.3 * pcp-pmda-gpsd-6.2.0-150400.5.12.3 * pcp-pmda-netfilter-6.2.0-150400.5.12.3 * pcp-pmda-pdns-6.2.0-150400.5.12.3 * pcp-pmda-mic-6.2.0-150400.5.12.3 * pcp-zeroconf-6.2.0-150400.5.12.3 * pcp-pmda-dbping-6.2.0-150400.5.12.3 * pcp-import-iostat2pcp-6.2.0-150400.5.12.3 * pcp-pmda-gluster-6.2.0-150400.5.12.3 * pcp-pmda-redis-6.2.0-150400.5.12.3 * pcp-pmda-nginx-6.2.0-150400.5.12.3 * pcp-pmda-elasticsearch-6.2.0-150400.5.12.3 * pcp-export-pcp2json-6.2.0-150400.5.12.3 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64 i586) * pcp-pmda-infiniband-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-perfevent-6.2.0-150400.5.12.3 * pcp-pmda-perfevent-debuginfo-6.2.0-150400.5.12.3 * pcp-pmda-infiniband-6.2.0-150400.5.12.3 * openSUSE Leap 15.4 (x86_64) * pcp-pmda-resctrl-6.2.0-150400.5.12.3 * pcp-pmda-resctrl-debuginfo-6.2.0-150400.5.12.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * pcp-system-tools-6.2.0-150400.5.12.3 * perl-PCP-PMDA-debuginfo-6.2.0-150400.5.12.3 * pcp-devel-6.2.0-150400.5.12.3 * libpcp_mmv1-6.2.0-150400.5.12.3 * libpcp_trace2-debuginfo-6.2.0-150400.5.12.3 * pcp-debugsource-6.2.0-150400.5.12.3 * libpcp3-6.2.0-150400.5.12.3 * perl-PCP-PMDA-6.2.0-150400.5.12.3 * libpcp3-debuginfo-6.2.0-150400.5.12.3 * libpcp_import1-debuginfo-6.2.0-150400.5.12.3 * libpcp_gui2-6.2.0-150400.5.12.3 * pcp-devel-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-LogImport-debuginfo-6.2.0-150400.5.12.3 * libpcp_mmv1-debuginfo-6.2.0-150400.5.12.3 * libpcp-devel-6.2.0-150400.5.12.3 * pcp-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-LogImport-6.2.0-150400.5.12.3 * pcp-6.2.0-150400.5.12.3 * libpcp_gui2-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-MMV-debuginfo-6.2.0-150400.5.12.3 * libpcp_import1-6.2.0-150400.5.12.3 * python3-pcp-6.2.0-150400.5.12.3 * pcp-system-tools-debuginfo-6.2.0-150400.5.12.3 * python3-pcp-debuginfo-6.2.0-150400.5.12.3 * libpcp_trace2-6.2.0-150400.5.12.3 * libpcp_web1-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-LogSummary-6.2.0-150400.5.12.3 * libpcp_web1-6.2.0-150400.5.12.3 * perl-PCP-MMV-6.2.0-150400.5.12.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * pcp-import-mrtg2pcp-6.2.0-150400.5.12.3 * pcp-import-sar2pcp-6.2.0-150400.5.12.3 * pcp-conf-6.2.0-150400.5.12.3 * pcp-import-iostat2pcp-6.2.0-150400.5.12.3 * pcp-doc-6.2.0-150400.5.12.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * pcp-system-tools-6.2.0-150400.5.12.3 * perl-PCP-PMDA-debuginfo-6.2.0-150400.5.12.3 * pcp-devel-6.2.0-150400.5.12.3 * libpcp_mmv1-6.2.0-150400.5.12.3 * libpcp_trace2-debuginfo-6.2.0-150400.5.12.3 * pcp-debugsource-6.2.0-150400.5.12.3 * libpcp3-6.2.0-150400.5.12.3 * perl-PCP-PMDA-6.2.0-150400.5.12.3 * libpcp3-debuginfo-6.2.0-150400.5.12.3 * libpcp_import1-debuginfo-6.2.0-150400.5.12.3 * libpcp_gui2-6.2.0-150400.5.12.3 * pcp-devel-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-LogImport-debuginfo-6.2.0-150400.5.12.3 * libpcp_mmv1-debuginfo-6.2.0-150400.5.12.3 * libpcp-devel-6.2.0-150400.5.12.3 * pcp-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-LogImport-6.2.0-150400.5.12.3 * pcp-6.2.0-150400.5.12.3 * libpcp_gui2-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-MMV-debuginfo-6.2.0-150400.5.12.3 * libpcp_import1-6.2.0-150400.5.12.3 * python3-pcp-6.2.0-150400.5.12.3 * pcp-system-tools-debuginfo-6.2.0-150400.5.12.3 * python3-pcp-debuginfo-6.2.0-150400.5.12.3 * libpcp_trace2-6.2.0-150400.5.12.3 * libpcp_web1-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-LogSummary-6.2.0-150400.5.12.3 * libpcp_web1-6.2.0-150400.5.12.3 * perl-PCP-MMV-6.2.0-150400.5.12.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * pcp-import-mrtg2pcp-6.2.0-150400.5.12.3 * pcp-import-sar2pcp-6.2.0-150400.5.12.3 * pcp-conf-6.2.0-150400.5.12.3 * pcp-import-iostat2pcp-6.2.0-150400.5.12.3 * pcp-doc-6.2.0-150400.5.12.3 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * pcp-system-tools-6.2.0-150400.5.12.3 * perl-PCP-PMDA-debuginfo-6.2.0-150400.5.12.3 * pcp-devel-6.2.0-150400.5.12.3 * libpcp_mmv1-6.2.0-150400.5.12.3 * libpcp_trace2-debuginfo-6.2.0-150400.5.12.3 * pcp-debugsource-6.2.0-150400.5.12.3 * libpcp3-6.2.0-150400.5.12.3 * perl-PCP-PMDA-6.2.0-150400.5.12.3 * libpcp3-debuginfo-6.2.0-150400.5.12.3 * libpcp_import1-debuginfo-6.2.0-150400.5.12.3 * libpcp_gui2-6.2.0-150400.5.12.3 * pcp-devel-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-LogImport-debuginfo-6.2.0-150400.5.12.3 * libpcp_mmv1-debuginfo-6.2.0-150400.5.12.3 * libpcp-devel-6.2.0-150400.5.12.3 * pcp-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-LogImport-6.2.0-150400.5.12.3 * pcp-6.2.0-150400.5.12.3 * libpcp_gui2-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-MMV-debuginfo-6.2.0-150400.5.12.3 * libpcp_import1-6.2.0-150400.5.12.3 * python3-pcp-6.2.0-150400.5.12.3 * pcp-system-tools-debuginfo-6.2.0-150400.5.12.3 * python3-pcp-debuginfo-6.2.0-150400.5.12.3 * libpcp_trace2-6.2.0-150400.5.12.3 * libpcp_web1-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-LogSummary-6.2.0-150400.5.12.3 * libpcp_web1-6.2.0-150400.5.12.3 * perl-PCP-MMV-6.2.0-150400.5.12.3 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * pcp-import-mrtg2pcp-6.2.0-150400.5.12.3 * pcp-import-sar2pcp-6.2.0-150400.5.12.3 * pcp-conf-6.2.0-150400.5.12.3 * pcp-import-iostat2pcp-6.2.0-150400.5.12.3 * pcp-doc-6.2.0-150400.5.12.3 * SUSE Linux Enterprise Server 15 SP4 LTSS (ppc64le) * pcp-pmda-perfevent-6.2.0-150400.5.12.3 * pcp-pmda-perfevent-debuginfo-6.2.0-150400.5.12.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * pcp-system-tools-6.2.0-150400.5.12.3 * perl-PCP-PMDA-debuginfo-6.2.0-150400.5.12.3 * pcp-devel-6.2.0-150400.5.12.3 * libpcp_mmv1-6.2.0-150400.5.12.3 * libpcp_trace2-debuginfo-6.2.0-150400.5.12.3 * pcp-debugsource-6.2.0-150400.5.12.3 * libpcp3-6.2.0-150400.5.12.3 * perl-PCP-PMDA-6.2.0-150400.5.12.3 * libpcp3-debuginfo-6.2.0-150400.5.12.3 * libpcp_import1-debuginfo-6.2.0-150400.5.12.3 * libpcp_gui2-6.2.0-150400.5.12.3 * pcp-devel-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-LogImport-debuginfo-6.2.0-150400.5.12.3 * libpcp_mmv1-debuginfo-6.2.0-150400.5.12.3 * libpcp-devel-6.2.0-150400.5.12.3 * pcp-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-LogImport-6.2.0-150400.5.12.3 * pcp-6.2.0-150400.5.12.3 * libpcp_gui2-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-MMV-debuginfo-6.2.0-150400.5.12.3 * libpcp_import1-6.2.0-150400.5.12.3 * python3-pcp-6.2.0-150400.5.12.3 * pcp-system-tools-debuginfo-6.2.0-150400.5.12.3 * python3-pcp-debuginfo-6.2.0-150400.5.12.3 * libpcp_trace2-6.2.0-150400.5.12.3 * libpcp_web1-debuginfo-6.2.0-150400.5.12.3 * perl-PCP-LogSummary-6.2.0-150400.5.12.3 * libpcp_web1-6.2.0-150400.5.12.3 * perl-PCP-MMV-6.2.0-150400.5.12.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * pcp-import-mrtg2pcp-6.2.0-150400.5.12.3 * pcp-import-sar2pcp-6.2.0-150400.5.12.3 * pcp-conf-6.2.0-150400.5.12.3 * pcp-import-iostat2pcp-6.2.0-150400.5.12.3 * pcp-doc-6.2.0-150400.5.12.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le) * pcp-pmda-perfevent-6.2.0-150400.5.12.3 * pcp-pmda-perfevent-debuginfo-6.2.0-150400.5.12.3 ## References: * https://www.suse.com/security/cve/CVE-2023-6917.html * https://bugzilla.suse.com/show_bug.cgi?id=1217826 * https://bugzilla.suse.com/show_bug.cgi?id=1222815 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 6 16:30:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 06 Mar 2025 16:30:21 -0000 Subject: SUSE-SU-2025:0798-1: important: Security update for emacs Message-ID: <174127862117.21425.12881073533077974902@smelt2.prg2.suse.org> # Security update for emacs Announcement ID: SUSE-SU-2025:0798-1 Release Date: 2025-03-06T13:05:05Z Rating: important References: * bsc#1233894 Cross-References: * CVE-2024-53920 CVSS scores: * CVE-2024-53920 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53920 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-53920 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for emacs fixes the following issues: * CVE-2024-53920: Fixed arbitrary code execution via Lisp macro expansion (bsc#1233894). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-798=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-798=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-798=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-798=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-798=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-798=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-798=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-798=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-798=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-798=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-798=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-798=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-798=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-798=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-798=1 ## Package List: * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * emacs-x11-27.2-150400.3.26.1 * emacs-nox-27.2-150400.3.26.1 * emacs-x11-debuginfo-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * emacs-x11-27.2-150400.3.26.1 * emacs-nox-27.2-150400.3.26.1 * emacs-x11-debuginfo-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * emacs-x11-27.2-150400.3.26.1 * emacs-nox-27.2-150400.3.26.1 * emacs-x11-debuginfo-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 * SUSE Manager Proxy 4.3 (x86_64) * emacs-nox-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * SUSE Manager Proxy 4.3 (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * emacs-nox-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * emacs-nox-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * SUSE Manager Server 4.3 (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * emacs-x11-27.2-150400.3.26.1 * emacs-nox-27.2-150400.3.26.1 * emacs-x11-debuginfo-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * openSUSE Leap 15.4 (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * emacs-x11-27.2-150400.3.26.1 * emacs-nox-27.2-150400.3.26.1 * emacs-x11-debuginfo-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * openSUSE Leap 15.6 (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * emacs-nox-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * Basesystem Module 15-SP6 (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * emacs-x11-27.2-150400.3.26.1 * emacs-x11-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * emacs-x11-27.2-150400.3.26.1 * emacs-nox-27.2-150400.3.26.1 * emacs-x11-debuginfo-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * emacs-x11-27.2-150400.3.26.1 * emacs-nox-27.2-150400.3.26.1 * emacs-x11-debuginfo-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * emacs-x11-27.2-150400.3.26.1 * emacs-nox-27.2-150400.3.26.1 * emacs-x11-debuginfo-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * emacs-x11-27.2-150400.3.26.1 * emacs-nox-27.2-150400.3.26.1 * emacs-x11-debuginfo-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * emacs-x11-27.2-150400.3.26.1 * emacs-nox-27.2-150400.3.26.1 * emacs-x11-debuginfo-27.2-150400.3.26.1 * emacs-nox-debuginfo-27.2-150400.3.26.1 * emacs-debuginfo-27.2-150400.3.26.1 * emacs-27.2-150400.3.26.1 * etags-debuginfo-27.2-150400.3.26.1 * emacs-debugsource-27.2-150400.3.26.1 * etags-27.2-150400.3.26.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * emacs-el-27.2-150400.3.26.1 * emacs-info-27.2-150400.3.26.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53920.html * https://bugzilla.suse.com/show_bug.cgi?id=1233894 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 10 12:30:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 10 Mar 2025 12:30:15 -0000 Subject: SUSE-SU-2025:0814-1: moderate: Security update for python Message-ID: <174160981533.2010.16239026886159367907@smelt2.prg2.suse.org> # Security update for python Announcement ID: SUSE-SU-2025:0814-1 Release Date: 2025-03-10T08:35:29Z Rating: moderate References: * bsc#1223694 * bsc#1236705 Cross-References: * CVE-2025-0938 CVSS scores: * CVE-2025-0938 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N * CVE-2025-0938 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-0938 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python fixes the following issues: * Reference to no longer used 'bracketed_host' variable in the fix for CVE-2025-0938 (bsc#1236705, bsc#1223694). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-814=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * python-devel-2.7.18-33.44.1 * python-base-debuginfo-2.7.18-33.44.1 * libpython2_7-1_0-debuginfo-32bit-2.7.18-33.44.1 * python-tk-debuginfo-2.7.18-33.44.1 * python-xml-2.7.18-33.44.1 * python-32bit-2.7.18-33.44.1 * python-debuginfo-2.7.18-33.44.1 * python-idle-2.7.18-33.44.1 * python-base-2.7.18-33.44.1 * python-base-32bit-2.7.18-33.44.1 * python-tk-2.7.18-33.44.1 * python-gdbm-debuginfo-2.7.18-33.44.1 * python-debuginfo-32bit-2.7.18-33.44.1 * python-gdbm-2.7.18-33.44.1 * libpython2_7-1_0-debuginfo-2.7.18-33.44.1 * python-demo-2.7.18-33.44.1 * python-curses-debuginfo-2.7.18-33.44.1 * libpython2_7-1_0-2.7.18-33.44.1 * python-curses-2.7.18-33.44.1 * python-debugsource-2.7.18-33.44.1 * libpython2_7-1_0-32bit-2.7.18-33.44.1 * python-base-debuginfo-32bit-2.7.18-33.44.1 * python-xml-debuginfo-2.7.18-33.44.1 * python-base-debugsource-2.7.18-33.44.1 * python-2.7.18-33.44.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * python-doc-pdf-2.7.18-33.44.1 * python-doc-2.7.18-33.44.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0938.html * https://bugzilla.suse.com/show_bug.cgi?id=1223694 * https://bugzilla.suse.com/show_bug.cgi?id=1236705 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 10 12:30:18 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 10 Mar 2025 12:30:18 -0000 Subject: SUSE-SU-2025:0813-1: important: Security update for buildah Message-ID: <174160981837.2010.11829894947108785611@smelt2.prg2.suse.org> # Security update for buildah Announcement ID: SUSE-SU-2025:0813-1 Release Date: 2025-03-10T08:35:15Z Rating: important References: * bsc#1236531 * bsc#1237681 Cross-References: * CVE-2023-45288 * CVE-2025-27144 CVSS scores: * CVE-2023-45288 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-45288 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for buildah fixes the following issues: * CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of CONTINUATION frames read for an HTTP/2 request in golang.org/x/net/http2. (bsc#1236531) * CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE (bsc#1237681) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-813=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-813=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-813=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-813=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-813=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * buildah-1.35.5-150300.8.36.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * buildah-1.35.5-150300.8.36.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.35.5-150300.8.36.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * buildah-1.35.5-150300.8.36.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150300.8.36.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1236531 * https://bugzilla.suse.com/show_bug.cgi?id=1237681 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 10 12:30:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 10 Mar 2025 12:30:21 -0000 Subject: SUSE-SU-2025:0812-1: important: Security update for buildah Message-ID: <174160982109.2010.14571387951580396602@smelt2.prg2.suse.org> # Security update for buildah Announcement ID: SUSE-SU-2025:0812-1 Release Date: 2025-03-10T08:34:53Z Rating: important References: * bsc#1237681 Cross-References: * CVE-2025-27144 CVSS scores: * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for buildah fixes the following issues: * CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE (bsc#1237681) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-812=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-812=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-812=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-812=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-812=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.35.5-150400.3.42.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * buildah-1.35.5-150400.3.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * buildah-1.35.5-150400.3.42.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150400.3.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * buildah-1.35.5-150400.3.42.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1237681 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 10 12:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 10 Mar 2025 12:30:25 -0000 Subject: SUSE-SU-2025:0811-1: important: Security update for buildah Message-ID: <174160982517.2010.9493740537046556418@smelt2.prg2.suse.org> # Security update for buildah Announcement ID: SUSE-SU-2025:0811-1 Release Date: 2025-03-10T08:34:33Z Rating: important References: * bsc#1237681 Cross-References: * CVE-2025-27144 CVSS scores: * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for buildah fixes the following issues: * CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE (bsc#1237681) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-811=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-811=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-811=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-811=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-811=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-811=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-811=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.35.5-150500.3.31.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150500.3.31.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150500.3.31.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * buildah-1.35.5-150500.3.31.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * buildah-1.35.5-150500.3.31.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150500.3.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * buildah-1.35.5-150500.3.31.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1237681 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 10 16:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 10 Mar 2025 16:30:07 -0000 Subject: SUSE-SU-2025:0822-1: moderate: Security update for krb5 Message-ID: <174162420746.2010.16573041523105480985@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2025:0822-1 Release Date: 2025-03-10T15:33:41Z Rating: moderate References: * bsc#1236619 Cross-References: * CVE-2025-24528 CVSS scores: * CVE-2025-24528 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-24528 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2025-24528: Fixed out-of-bounds write caused by overflow when calculating ulog block size can lead to process crash (bsc#1236619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-822=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-822=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-822=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-822=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * krb5-mini-debugsource-1.19.2-150300.22.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.22.1 * krb5-debuginfo-1.19.2-150300.22.1 * krb5-client-debuginfo-1.19.2-150300.22.1 * krb5-devel-1.19.2-150300.22.1 * krb5-mini-1.19.2-150300.22.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.22.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.22.1 * krb5-server-debuginfo-1.19.2-150300.22.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.22.1 * krb5-mini-debuginfo-1.19.2-150300.22.1 * krb5-plugin-kdb-ldap-1.19.2-150300.22.1 * krb5-plugin-preauth-spake-1.19.2-150300.22.1 * krb5-plugin-preauth-otp-1.19.2-150300.22.1 * krb5-mini-devel-1.19.2-150300.22.1 * krb5-debugsource-1.19.2-150300.22.1 * krb5-1.19.2-150300.22.1 * krb5-client-1.19.2-150300.22.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.22.1 * krb5-server-1.19.2-150300.22.1 * openSUSE Leap 15.3 (x86_64) * krb5-32bit-debuginfo-1.19.2-150300.22.1 * krb5-devel-32bit-1.19.2-150300.22.1 * krb5-32bit-1.19.2-150300.22.1 * openSUSE Leap 15.3 (aarch64_ilp32) * krb5-devel-64bit-1.19.2-150300.22.1 * krb5-64bit-debuginfo-1.19.2-150300.22.1 * krb5-64bit-1.19.2-150300.22.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * krb5-1.19.2-150300.22.1 * krb5-debugsource-1.19.2-150300.22.1 * krb5-debuginfo-1.19.2-150300.22.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * krb5-1.19.2-150300.22.1 * krb5-debugsource-1.19.2-150300.22.1 * krb5-debuginfo-1.19.2-150300.22.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * krb5-1.19.2-150300.22.1 * krb5-debugsource-1.19.2-150300.22.1 * krb5-debuginfo-1.19.2-150300.22.1 ## References: * https://www.suse.com/security/cve/CVE-2025-24528.html * https://bugzilla.suse.com/show_bug.cgi?id=1236619 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 10 16:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 10 Mar 2025 16:30:16 -0000 Subject: SUSE-SU-2025:0818-1: moderate: Security update for libxkbfile Message-ID: <174162421677.2010.9798483238901606256@smelt2.prg2.suse.org> # Security update for libxkbfile Announcement ID: SUSE-SU-2025:0818-1 Release Date: 2025-03-10T13:59:50Z Rating: moderate References: * bsc#1237429 Cross-References: * CVE-2025-26595 CVSS scores: * CVE-2025-26595 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-26595 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libxkbfile fixes the following issues: * CVE-2025-26595: Fixed buffer overflow in XkbVModMaskText() (bsc#1237429). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-818=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-818=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libxkbfile-devel-1.0.8-12.3.1 * libxkbfile1-debuginfo-1.0.8-12.3.1 * libxkbfile1-1.0.8-12.3.1 * libxkbfile-debugsource-1.0.8-12.3.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libxkbfile1-32bit-1.0.8-12.3.1 * libxkbfile1-debuginfo-32bit-1.0.8-12.3.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libxkbfile-devel-1.0.8-12.3.1 * libxkbfile1-1.0.8-12.3.1 * libxkbfile-debugsource-1.0.8-12.3.1 * libxkbfile1-debuginfo-1.0.8-12.3.1 * libxkbfile1-32bit-1.0.8-12.3.1 * libxkbfile1-debuginfo-32bit-1.0.8-12.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-26595.html * https://bugzilla.suse.com/show_bug.cgi?id=1237429 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 10 16:30:20 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 10 Mar 2025 16:30:20 -0000 Subject: SUSE-SU-2025:0817-1: moderate: Security update for u-boot Message-ID: <174162422001.2010.3433285305347464525@smelt2.prg2.suse.org> # Security update for u-boot Announcement ID: SUSE-SU-2025:0817-1 Release Date: 2025-03-10T13:59:32Z Rating: moderate References: * bsc#1237284 * bsc#1237287 Cross-References: * CVE-2024-57256 * CVE-2024-57258 CVSS scores: * CVE-2024-57256 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-57256 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-57256 ( NVD ): 7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-57258 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-57258 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-57258 ( NVD ): 7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for u-boot fixes the following issues: * CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution function (bsc#1237284). * CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator (bsc#1237287). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-817=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-817=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-817=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * u-boot-tools-2021.01-150300.7.24.1 * u-boot-tools-debuginfo-2021.01-150300.7.24.1 * openSUSE Leap 15.3 (aarch64) * u-boot-odroid-c2-2021.01-150300.7.24.1 * u-boot-mvebudbarmada8k-2021.01-150300.7.24.1 * u-boot-poplar-doc-2021.01-150300.7.24.1 * u-boot-rock960-rk3399-doc-2021.01-150300.7.24.1 * u-boot-rpiarm64-2021.01-150300.7.24.1 * u-boot-firefly-rk3399-2021.01-150300.7.24.1 * u-boot-rpi4-2021.01-150300.7.24.1 * u-boot-orangepipc2-2021.01-150300.7.24.1 * u-boot-pineh64-doc-2021.01-150300.7.24.1 * u-boot-rock64-rk3328-doc-2021.01-150300.7.24.1 * u-boot-p3450-0000-2021.01-150300.7.24.1 * u-boot-avnetultra96rev1-doc-2021.01-150300.7.24.1 * u-boot-rockpro64-rk3399-2021.01-150300.7.24.1 * u-boot-khadas-vim-doc-2021.01-150300.7.24.1 * u-boot-khadas-vim2-2021.01-150300.7.24.1 * u-boot-rpi3-doc-2021.01-150300.7.24.1 * u-boot-rpiarm64-doc-2021.01-150300.7.24.1 * u-boot-p2371-2180-2021.01-150300.7.24.1 * u-boot-hikey-doc-2021.01-150300.7.24.1 * u-boot-rock64-rk3328-2021.01-150300.7.24.1 * u-boot-rpi4-doc-2021.01-150300.7.24.1 * u-boot-nanopia64-2021.01-150300.7.24.1 * u-boot-libretech-ac-doc-2021.01-150300.7.24.1 * u-boot-xilinxzynqmpvirt-doc-2021.01-150300.7.24.1 * u-boot-geekbox-2021.01-150300.7.24.1 * u-boot-libretech-cc-2021.01-150300.7.24.1 * u-boot-khadas-vim2-doc-2021.01-150300.7.24.1 * u-boot-mvebudb-88f3720-doc-2021.01-150300.7.24.1 * u-boot-xilinxzynqmpvirt-2021.01-150300.7.24.1 * u-boot-poplar-2021.01-150300.7.24.1 * u-boot-ls1012afrdmqspi-doc-2021.01-150300.7.24.1 * u-boot-orangepipc2-doc-2021.01-150300.7.24.1 * u-boot-nanopia64-doc-2021.01-150300.7.24.1 * u-boot-firefly-rk3399-doc-2021.01-150300.7.24.1 * u-boot-pine64plus-doc-2021.01-150300.7.24.1 * u-boot-rock-pi-4-rk3399-2021.01-150300.7.24.1 * u-boot-rock-pi-4-rk3399-doc-2021.01-150300.7.24.1 * u-boot-hikey-2021.01-150300.7.24.1 * u-boot-rock960-rk3399-2021.01-150300.7.24.1 * u-boot-mvebumcbin-88f8040-doc-2021.01-150300.7.24.1 * u-boot-evb-rk3399-2021.01-150300.7.24.1 * u-boot-p2371-2180-doc-2021.01-150300.7.24.1 * u-boot-pinebook-pro-rk3399-2021.01-150300.7.24.1 * u-boot-pinephone-2021.01-150300.7.24.1 * u-boot-rpi3-2021.01-150300.7.24.1 * u-boot-pinebook-doc-2021.01-150300.7.24.1 * u-boot-xilinxzynqmpzcu102rev10-2021.01-150300.7.24.1 * u-boot-rockpro64-rk3399-doc-2021.01-150300.7.24.1 * u-boot-p2771-0000-500-doc-2021.01-150300.7.24.1 * u-boot-libretech-cc-doc-2021.01-150300.7.24.1 * u-boot-mvebumcbin-88f8040-2021.01-150300.7.24.1 * u-boot-mvebudbarmada8k-doc-2021.01-150300.7.24.1 * u-boot-pinephone-doc-2021.01-150300.7.24.1 * u-boot-bananapim64-2021.01-150300.7.24.1 * u-boot-odroid-c4-doc-2021.01-150300.7.24.1 * u-boot-mvebudb-88f3720-2021.01-150300.7.24.1 * u-boot-avnetultra96rev1-2021.01-150300.7.24.1 * u-boot-pine64plus-2021.01-150300.7.24.1 * u-boot-geekbox-doc-2021.01-150300.7.24.1 * u-boot-odroid-c2-doc-2021.01-150300.7.24.1 * u-boot-pineh64-2021.01-150300.7.24.1 * u-boot-odroid-n2-doc-2021.01-150300.7.24.1 * u-boot-ls1012afrdmqspi-2021.01-150300.7.24.1 * u-boot-dragonboard820c-2021.01-150300.7.24.1 * u-boot-evb-rk3399-doc-2021.01-150300.7.24.1 * u-boot-p3450-0000-doc-2021.01-150300.7.24.1 * u-boot-pinebook-2021.01-150300.7.24.1 * u-boot-odroid-c4-2021.01-150300.7.24.1 * u-boot-dragonboard410c-doc-2021.01-150300.7.24.1 * u-boot-dragonboard820c-doc-2021.01-150300.7.24.1 * u-boot-mvebuespressobin-88f3720-doc-2021.01-150300.7.24.1 * u-boot-p2771-0000-500-2021.01-150300.7.24.1 * u-boot-dragonboard410c-2021.01-150300.7.24.1 * u-boot-khadas-vim-2021.01-150300.7.24.1 * u-boot-odroid-n2-2021.01-150300.7.24.1 * u-boot-pinebook-pro-rk3399-doc-2021.01-150300.7.24.1 * u-boot-xilinxzynqmpzcu102rev10-doc-2021.01-150300.7.24.1 * u-boot-mvebuespressobin-88f3720-2021.01-150300.7.24.1 * u-boot-bananapim64-doc-2021.01-150300.7.24.1 * u-boot-libretech-ac-2021.01-150300.7.24.1 * SUSE Linux Enterprise Micro 5.2 (aarch64) * u-boot-rpiarm64-2021.01-150300.7.24.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64) * u-boot-rpiarm64-2021.01-150300.7.24.1 ## References: * https://www.suse.com/security/cve/CVE-2024-57256.html * https://www.suse.com/security/cve/CVE-2024-57258.html * https://bugzilla.suse.com/show_bug.cgi?id=1237284 * https://bugzilla.suse.com/show_bug.cgi?id=1237287 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 10 20:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 10 Mar 2025 20:30:09 -0000 Subject: SUSE-SU-2025:0821-1: moderate: Security update for iniparser Message-ID: <174163860900.12693.17483613906331151684@smelt2.prg2.suse.org> # Security update for iniparser Announcement ID: SUSE-SU-2025:0821-1 Release Date: 2025-03-10T15:03:27Z Rating: moderate References: * bsc#1237377 Cross-References: * CVE-2025-0633 CVSS scores: * CVE-2025-0633 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-0633 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-0633 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for iniparser fixes the following issues: * CVE-2025-0633: string copy into buffer without previous size validation leads to heap buffer overflow in iniparser_dumpsection_ini() of iniparser (bsc#1237377). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-821=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-821=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-821=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libiniparser-devel-4.1-150500.4.8.1 * iniparser-debugsource-4.1-150500.4.8.1 * libiniparser1-debuginfo-4.1-150500.4.8.1 * libiniparser1-4.1-150500.4.8.1 * openSUSE Leap 15.5 (x86_64) * libiniparser1-32bit-4.1-150500.4.8.1 * libiniparser1-32bit-debuginfo-4.1-150500.4.8.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libiniparser1-64bit-4.1-150500.4.8.1 * libiniparser1-64bit-debuginfo-4.1-150500.4.8.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libiniparser-devel-4.1-150500.4.8.1 * iniparser-debugsource-4.1-150500.4.8.1 * libiniparser1-debuginfo-4.1-150500.4.8.1 * libiniparser1-4.1-150500.4.8.1 * openSUSE Leap 15.6 (x86_64) * libiniparser1-32bit-4.1-150500.4.8.1 * libiniparser1-32bit-debuginfo-4.1-150500.4.8.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libiniparser1-debuginfo-4.1-150500.4.8.1 * iniparser-debugsource-4.1-150500.4.8.1 * libiniparser1-4.1-150500.4.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0633.html * https://bugzilla.suse.com/show_bug.cgi?id=1237377 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 11 12:31:24 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 11 Mar 2025 12:31:24 -0000 Subject: SUSE-SU-2025:0834-1: important: Security update for the Linux Kernel Message-ID: <174169628425.2010.1491017134817263504@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0834-1 Release Date: 2025-03-11T10:55:30Z Rating: important References: * bsc#1050081 * bsc#1051510 * bsc#1065729 * bsc#1100823 * bsc#1101669 * bsc#1104731 * bsc#1112246 * bsc#1112894 * bsc#1112899 * bsc#1112902 * bsc#1112903 * bsc#1112905 * bsc#1112906 * bsc#1112907 * bsc#1113295 * bsc#1120902 * bsc#1141539 * bsc#1158082 * bsc#1174206 * bsc#1175165 * bsc#1179444 * bsc#1186482 * bsc#1188601 * bsc#1190358 * bsc#1190428 * bsc#1191881 * bsc#1201420 * bsc#1203410 * bsc#1203935 * bsc#1207168 * bsc#1212051 * bsc#1217947 * bsc#1219169 * bsc#1220946 * bsc#1221816 * bsc#1222803 * bsc#1223432 * bsc#1223509 * bsc#1223512 * bsc#1223524 * bsc#1223626 * bsc#1223627 * bsc#1223712 * bsc#1223715 * bsc#1223744 * bsc#1223819 * bsc#1224095 * bsc#1224988 * bsc#1225742 * bsc#1231885 * bsc#1231912 * bsc#1231920 * bsc#1231941 * bsc#1232104 * bsc#1232147 * bsc#1232159 * bsc#1232163 * bsc#1232198 * bsc#1232201 * bsc#1232262 * bsc#1232416 * bsc#1232520 * bsc#1232919 * bsc#1233248 * bsc#1233522 * bsc#1234853 * bsc#1234891 * bsc#1234963 * bsc#1234999 * bsc#1235054 * bsc#1235061 * bsc#1235073 * bsc#1235435 * bsc#1235441 * bsc#1235485 * bsc#1235538 * bsc#1235965 * bsc#1236115 * bsc#1236122 * bsc#1236123 * bsc#1236689 * bsc#1236757 * bsc#1236761 * bsc#1236821 * bsc#1237017 * bsc#1237025 * bsc#1237159 * bsc#1237738 * bsc#1237758 * bsc#1237766 * bsc#1237778 * bsc#1237783 * bsc#1237788 * bsc#1237875 * bsc#1237982 * bsc#1238006 * bsc#1238033 * bsc#1238041 * bsc#1238107 * bsc#1238148 * bsc#1238256 * bsc#1238260 * bsc#1238270 * bsc#1238275 Cross-References: * CVE-2021-22543 * CVE-2021-37159 * CVE-2021-47634 * CVE-2021-47644 * CVE-2022-2991 * CVE-2022-48636 * CVE-2022-48650 * CVE-2022-48664 * CVE-2022-48953 * CVE-2022-48975 * CVE-2022-49006 * CVE-2022-49076 * CVE-2022-49080 * CVE-2022-49089 * CVE-2022-49124 * CVE-2022-49134 * CVE-2022-49135 * CVE-2022-49151 * CVE-2022-49178 * CVE-2022-49182 * CVE-2022-49201 * CVE-2022-49247 * CVE-2022-49490 * CVE-2022-49626 * CVE-2022-49661 * CVE-2023-0394 * CVE-2023-52572 * CVE-2023-52646 * CVE-2023-52653 * CVE-2023-52853 * CVE-2023-52924 * CVE-2023-6606 * CVE-2024-23307 * CVE-2024-26810 * CVE-2024-26929 * CVE-2024-26930 * CVE-2024-26931 * CVE-2024-27054 * CVE-2024-27388 * CVE-2024-27397 * CVE-2024-47701 * CVE-2024-49867 * CVE-2024-49884 * CVE-2024-49950 * CVE-2024-49963 * CVE-2024-49975 * CVE-2024-50036 * CVE-2024-50067 * CVE-2024-50073 * CVE-2024-50115 * CVE-2024-50251 * CVE-2024-50304 * CVE-2024-53173 * CVE-2024-53217 * CVE-2024-53239 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56605 * CVE-2024-56633 * CVE-2024-56647 * CVE-2024-56658 * CVE-2024-56688 * CVE-2024-57896 * CVE-2025-21638 * CVE-2025-21639 * CVE-2025-21640 * CVE-2025-21673 * CVE-2025-21689 * CVE-2025-21690 * CVE-2025-21700 * CVE-2025-21753 CVSS scores: * CVE-2021-22543 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2021-22543 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-37159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-37159 ( NVD ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47634 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2021-47634 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47634 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47644 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2021-47644 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-2991 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2022-2991 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48636 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48650 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48953 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48953 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48975 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48975 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49006 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49006 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49006 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49076 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49076 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49089 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49089 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-49124 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49124 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49134 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49134 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49135 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49135 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49178 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49178 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49182 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49490 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49626 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0394 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0394 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52572 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52646 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52653 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52853 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52924 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-52924 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-6606 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2023-6606 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-6606 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26810 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26810 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26929 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26929 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27054 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27388 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27388 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27397 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47701 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47701 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-47701 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49867 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49867 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49867 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49975 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49975 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50036 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50036 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50067 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50067 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50067 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50073 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50073 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50251 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50251 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50251 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50304 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53217 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53217 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56548 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56633 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56647 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56647 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56658 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56658 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56688 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56688 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57896 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57896 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57896 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21638 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21638 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21639 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21640 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21640 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21673 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21673 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-21673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21689 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21689 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21700 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21700 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21753 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Availability Extension 12 SP5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 71 vulnerabilities and has 33 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM (bsc#1186482). * CVE-2021-47634: ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl (bsc#1237758). * CVE-2021-47644: media: staging: media: zoran: move videodev alloc (bsc#1237766). * CVE-2022-48953: rtc: cmos: fix build on non-ACPI platforms (bsc#1231941). * CVE-2022-48975: gpiolib: fix memory leak in gpiochip_setup_dev() (bsc#1231885). * CVE-2022-49006: tracing: Free buffers when a used dynamic event is removed (bsc#1232163). * CVE-2022-49076: RDMA/hfi1: Fix use-after-free bug for mm struct (bsc#1237738). * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). * CVE-2022-49089: IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition (bsc#1238041). * CVE-2022-49124: x86/mce: Work around an erratum on fast string copy instructions (bsc#1238148). * CVE-2022-49134: mlxsw: spectrum: Guard against invalid local ports (bsc#1237982). * CVE-2022-49135: drm/amd/display: Fix memory leak (bsc#1238006). * CVE-2022-49151: can: mcba_usb: properly check endpoint type (bsc#1237778). * CVE-2022-49178: memstick/mspro_block: fix handling of read-only devices (bsc#1238107). * CVE-2022-49182: net: hns3: add vlan list lock to protect vlan list (bsc#1238260). * CVE-2022-49201: ibmvnic: fix race between xmit and reset (bsc#1238256). * CVE-2022-49247: media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (bsc#1237783). * CVE-2022-49490: drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is (bsc#1238275). * CVE-2022-49626: sfc: fix use after free when disabling sriov (bsc#1238270). * CVE-2022-49661: can: gs_usb: gs_usb_open/close(): fix memory leak (bsc#1237788). * CVE-2023-52572: Fixed UAF in cifs_demultiplex_thread() in cifs (bsc#1220946). * CVE-2023-52853: hid: cp2112: Fix duplicate workqueue initialization (bsc#1224988). * CVE-2023-52924: netfilter: nf_tables: do not skip expired elements during walk (bsc#1236821). * CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-27397: netfilter: nf_tables: use timestamp to check for set element timeout (bsc#1224095). * CVE-2024-49963: mailbox: bcm2835: Fix timeout during suspend mode (bsc#1232147). * CVE-2024-49975: uprobes: fix kernel info leak via "[uprobes]" vma (bsc#1232104). * CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912). * CVE-2024-50067: uprobe: avoid out-of-bounds memory access of fetching args (bsc#1232416). * CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248). * CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522). * CVE-2024-53217: nfsd: restore callback functionality for NFSv4.0 (bsc#1234999). * CVE-2024-56633: bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data (bsc#1235485). * CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435). * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441). * CVE-2024-56688: sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (bsc#1235538). * CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115). * CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122). * CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123). * CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689). * CVE-2025-21689: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (bsc#1237017). * CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). * CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159). * CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875). The following non-security bugs were fixed: * bpf: fix mixed signed/unsigned derived min/max value bounds (bsc#1050081). * btrfs: add a flag to iterate_inodes_from_logical to find all * btrfs: add a flag to iterate_inodes_from_logical to find all extent refs for uncompressed extents (bsc#1174206). * cifs: Fix use after free of a mid_q_entry (bsc#1112903). * cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902). * cifs: fix memory leak in SMB2_open() (bsc#1112894). * crypto: caam/qi - fix IV DMA mapping and updating (bsc#1051510). * drm/amd/powerplay: Fix missing break in switch (bsc#1120902) * drm/i915: Remove stale asserts from i915_gem_find_active_request() (bsc#1051510). * drm/i915: Restore planes after load detection (bsc#1051510). * drm/i915: always return something on DDI clock selection (bsc#1120902) * drm/msm/mdp5: Fix global state lock backoff (bsc#1238275) * fix SCTP regression (bsc#1158082) * fixup "rpm: support gz and zst compression methods" once more (bsc#1190428, bsc#1190358). * iio: trigger: stm32-timer: fix get/set down count direction (bsc#1051510). * kABI: Add clear_trace to trace_array (bsc#1232163). * kABI: Preserve TRACE_EVENT_FL values (bsc#1232163). * mm, numa: Migrate pages to local nodes quicker early in the lifetime of a task (bnc#1101669). * mm, numa: Remove rate-limiting of automatic numa balancing migration (bnc#1101669). * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). * net: netvsc: Update default VMBus channels (bsc#1236757). * powerpc/64/kdump: Limit kdump base to 512MB (bsc#1203410 ltc#199904). * powerpc/papr_scm: Fix DIMM device registration race (FATE#326628, bsc#1113295, git-fixes). * powerpc/papr_scm: Fix DIMM device registration race (bsc#1113295, git- fixes). * powerpc/papr_scm: Fix resource end address (FATE#326628, bsc#1113295, git- fixes). * powerpc/papr_scm: Fix resource end address (bsc#1113295, git-fixes). * powerpc/papr_scm: Remove endian conversions (FATE#326628, bsc#1113295, git- fixes). * powerpc/papr_scm: Remove endian conversions (bsc#1113295, git-fixes). * powerpc/papr_scm: Update DT properties (FATE#326628, bsc#1113295, git- fixes). * powerpc/papr_scm: Update DT properties (bsc#1113295, git-fixes). * powerpc/papr_scm: Use depend instead of select (FATE#326628, bsc#1113295, git-fixes). * powerpc/papr_scm: Use depend instead of select (bsc#1113295, git-fixes). * powerpc/papr_scm: Use ibm,unit-guid as the iset cookie (FATE#326628, bsc#1113295, git-fixes). * powerpc/papr_scm: Use ibm,unit-guid as the iset cookie (bsc#1113295, git- fixes). * powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729). * powerpc/tm: Fix more userspace r13 corruption (bsc#1065729). * rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression * rpm/kernel-source.spec.in: Add subpackage-names.conf as source. * s390/cpum_cf: rename IBM z13/z14 counter names (FATE#326341, LTC#169491, bsc#1100823). * s390/cpum_cf: rename IBM z13/z14 counter names (LTC#169491, bsc#1100823). * s390/dasd: fix hanging offline processing due to canceled worker (bsc#1175165). * sched/numa: Avoid task migration for small NUMA improvement (bnc#1101669). * sched/numa: Pass destination CPU as a parameter to migrate_task_rq (bnc#1101669). * sched/numa: Reset scan rate whenever task moves across nodes (bnc#1101669). * sched/numa: Stop multiple tasks from moving to the CPU at the same time (bnc#1101669). * scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246). * scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731). * scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731). * scsi: storvsc: Add validation for untrusted Hyper-V values (git-fixes). * scsi: storvsc: Correctly handle multiple flags in srb_status (git-fixes). * scsi: storvsc: Fix handling of srb_status and capacity change events (git- fixes). * scsi: storvsc: Fix spelling mistake (git-fixes). * scsi: storvsc: Handle SRB status value 0x30 (git-fixes). * scsi: storvsc: Log TEST_UNIT_READY errors as warnings (git-fixes). * scsi: storvsc: Miscellaneous code cleanups (git-fixes). * scsi: storvsc: Return DID_ERROR for invalid commands (git-fixes). * scsi: storvsc: Update error logging (git-fixes). * scsi: storvsc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (git- fixes). * smb2: fix missing files in root share directory listing (bsc#1112907). * smb3: fill in statfs fsid and correct namelen (bsc#1112905). * smb3: fix reset of bytes read and written stats (bsc#1112906). * smb3: on reconnect set PreviousSessionId field (bsc#1112899). * tracing: Only have rmmod clear buffers that its events were active in (bsc#1232163). * ubi: fastmap: Cancel work upon detach (bsc#1051510). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2025-834=1 * SUSE Linux Enterprise High Availability Extension 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2025-834=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-834=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-834=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-834=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc) * kernel-default-4.12.14-122.250.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * kernel-default-debugsource-4.12.14-122.250.1 * kernel-default-debuginfo-4.12.14-122.250.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc) * kernel-default-4.12.14-122.250.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64) * kernel-default-debugsource-4.12.14-122.250.1 * kernel-default-debuginfo-4.12.14-122.250.1 * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc) * kernel-default-4.12.14-122.250.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_250-default-1-8.3.1 * kernel-default-debugsource-4.12.14-122.250.1 * kernel-default-debuginfo-4.12.14-122.250.1 * kernel-default-kgraft-4.12.14-122.250.1 * kernel-default-kgraft-devel-4.12.14-122.250.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-base-4.12.14-122.250.1 * kernel-syms-4.12.14-122.250.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.250.1 * kernel-default-debugsource-4.12.14-122.250.1 * dlm-kmp-default-4.12.14-122.250.1 * kernel-default-debuginfo-4.12.14-122.250.1 * kernel-default-devel-4.12.14-122.250.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.250.1 * cluster-md-kmp-default-4.12.14-122.250.1 * gfs2-kmp-default-debuginfo-4.12.14-122.250.1 * gfs2-kmp-default-4.12.14-122.250.1 * ocfs2-kmp-default-4.12.14-122.250.1 * dlm-kmp-default-debuginfo-4.12.14-122.250.1 * kernel-default-base-debuginfo-4.12.14-122.250.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.250.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * kernel-source-4.12.14-122.250.1 * kernel-devel-4.12.14-122.250.1 * kernel-macros-4.12.14-122.250.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x) * kernel-default-man-4.12.14-122.250.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.250.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * kernel-default-base-4.12.14-122.250.1 * kernel-syms-4.12.14-122.250.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.250.1 * kernel-default-debugsource-4.12.14-122.250.1 * dlm-kmp-default-4.12.14-122.250.1 * kernel-default-debuginfo-4.12.14-122.250.1 * kernel-default-devel-4.12.14-122.250.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.250.1 * cluster-md-kmp-default-4.12.14-122.250.1 * kernel-default-devel-debuginfo-4.12.14-122.250.1 * gfs2-kmp-default-debuginfo-4.12.14-122.250.1 * gfs2-kmp-default-4.12.14-122.250.1 * ocfs2-kmp-default-4.12.14-122.250.1 * dlm-kmp-default-debuginfo-4.12.14-122.250.1 * kernel-default-base-debuginfo-4.12.14-122.250.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64) * kernel-default-4.12.14-122.250.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * kernel-source-4.12.14-122.250.1 * kernel-devel-4.12.14-122.250.1 * kernel-macros-4.12.14-122.250.1 ## References: * https://www.suse.com/security/cve/CVE-2021-22543.html * https://www.suse.com/security/cve/CVE-2021-37159.html * https://www.suse.com/security/cve/CVE-2021-47634.html * https://www.suse.com/security/cve/CVE-2021-47644.html * https://www.suse.com/security/cve/CVE-2022-2991.html * https://www.suse.com/security/cve/CVE-2022-48636.html * https://www.suse.com/security/cve/CVE-2022-48650.html * https://www.suse.com/security/cve/CVE-2022-48664.html * https://www.suse.com/security/cve/CVE-2022-48953.html * https://www.suse.com/security/cve/CVE-2022-48975.html * https://www.suse.com/security/cve/CVE-2022-49006.html * https://www.suse.com/security/cve/CVE-2022-49076.html * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2022-49089.html * https://www.suse.com/security/cve/CVE-2022-49124.html * https://www.suse.com/security/cve/CVE-2022-49134.html * https://www.suse.com/security/cve/CVE-2022-49135.html * https://www.suse.com/security/cve/CVE-2022-49151.html * https://www.suse.com/security/cve/CVE-2022-49178.html * https://www.suse.com/security/cve/CVE-2022-49182.html * https://www.suse.com/security/cve/CVE-2022-49201.html * https://www.suse.com/security/cve/CVE-2022-49247.html * https://www.suse.com/security/cve/CVE-2022-49490.html * https://www.suse.com/security/cve/CVE-2022-49626.html * https://www.suse.com/security/cve/CVE-2022-49661.html * https://www.suse.com/security/cve/CVE-2023-0394.html * https://www.suse.com/security/cve/CVE-2023-52572.html * https://www.suse.com/security/cve/CVE-2023-52646.html * https://www.suse.com/security/cve/CVE-2023-52653.html * https://www.suse.com/security/cve/CVE-2023-52853.html * https://www.suse.com/security/cve/CVE-2023-52924.html * https://www.suse.com/security/cve/CVE-2023-6606.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26810.html * https://www.suse.com/security/cve/CVE-2024-26929.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-26931.html * https://www.suse.com/security/cve/CVE-2024-27054.html * https://www.suse.com/security/cve/CVE-2024-27388.html * https://www.suse.com/security/cve/CVE-2024-27397.html * https://www.suse.com/security/cve/CVE-2024-47701.html * https://www.suse.com/security/cve/CVE-2024-49867.html * https://www.suse.com/security/cve/CVE-2024-49884.html * https://www.suse.com/security/cve/CVE-2024-49950.html * https://www.suse.com/security/cve/CVE-2024-49963.html * https://www.suse.com/security/cve/CVE-2024-49975.html * https://www.suse.com/security/cve/CVE-2024-50036.html * https://www.suse.com/security/cve/CVE-2024-50067.html * https://www.suse.com/security/cve/CVE-2024-50073.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-50251.html * https://www.suse.com/security/cve/CVE-2024-50304.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53217.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56633.html * https://www.suse.com/security/cve/CVE-2024-56647.html * https://www.suse.com/security/cve/CVE-2024-56658.html * https://www.suse.com/security/cve/CVE-2024-56688.html * https://www.suse.com/security/cve/CVE-2024-57896.html * https://www.suse.com/security/cve/CVE-2025-21638.html * https://www.suse.com/security/cve/CVE-2025-21639.html * https://www.suse.com/security/cve/CVE-2025-21640.html * https://www.suse.com/security/cve/CVE-2025-21673.html * https://www.suse.com/security/cve/CVE-2025-21689.html * https://www.suse.com/security/cve/CVE-2025-21690.html * https://www.suse.com/security/cve/CVE-2025-21700.html * https://www.suse.com/security/cve/CVE-2025-21753.html * https://bugzilla.suse.com/show_bug.cgi?id=1050081 * https://bugzilla.suse.com/show_bug.cgi?id=1051510 * https://bugzilla.suse.com/show_bug.cgi?id=1065729 * https://bugzilla.suse.com/show_bug.cgi?id=1100823 * https://bugzilla.suse.com/show_bug.cgi?id=1101669 * https://bugzilla.suse.com/show_bug.cgi?id=1104731 * https://bugzilla.suse.com/show_bug.cgi?id=1112246 * https://bugzilla.suse.com/show_bug.cgi?id=1112894 * https://bugzilla.suse.com/show_bug.cgi?id=1112899 * https://bugzilla.suse.com/show_bug.cgi?id=1112902 * https://bugzilla.suse.com/show_bug.cgi?id=1112903 * https://bugzilla.suse.com/show_bug.cgi?id=1112905 * https://bugzilla.suse.com/show_bug.cgi?id=1112906 * https://bugzilla.suse.com/show_bug.cgi?id=1112907 * https://bugzilla.suse.com/show_bug.cgi?id=1113295 * https://bugzilla.suse.com/show_bug.cgi?id=1120902 * https://bugzilla.suse.com/show_bug.cgi?id=1141539 * https://bugzilla.suse.com/show_bug.cgi?id=1158082 * https://bugzilla.suse.com/show_bug.cgi?id=1174206 * https://bugzilla.suse.com/show_bug.cgi?id=1175165 * https://bugzilla.suse.com/show_bug.cgi?id=1179444 * https://bugzilla.suse.com/show_bug.cgi?id=1186482 * https://bugzilla.suse.com/show_bug.cgi?id=1188601 * https://bugzilla.suse.com/show_bug.cgi?id=1190358 * https://bugzilla.suse.com/show_bug.cgi?id=1190428 * https://bugzilla.suse.com/show_bug.cgi?id=1191881 * https://bugzilla.suse.com/show_bug.cgi?id=1201420 * https://bugzilla.suse.com/show_bug.cgi?id=1203410 * https://bugzilla.suse.com/show_bug.cgi?id=1203935 * https://bugzilla.suse.com/show_bug.cgi?id=1207168 * https://bugzilla.suse.com/show_bug.cgi?id=1212051 * https://bugzilla.suse.com/show_bug.cgi?id=1217947 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1220946 * https://bugzilla.suse.com/show_bug.cgi?id=1221816 * https://bugzilla.suse.com/show_bug.cgi?id=1222803 * https://bugzilla.suse.com/show_bug.cgi?id=1223432 * https://bugzilla.suse.com/show_bug.cgi?id=1223509 * https://bugzilla.suse.com/show_bug.cgi?id=1223512 * https://bugzilla.suse.com/show_bug.cgi?id=1223524 * https://bugzilla.suse.com/show_bug.cgi?id=1223626 * https://bugzilla.suse.com/show_bug.cgi?id=1223627 * https://bugzilla.suse.com/show_bug.cgi?id=1223712 * https://bugzilla.suse.com/show_bug.cgi?id=1223715 * https://bugzilla.suse.com/show_bug.cgi?id=1223744 * https://bugzilla.suse.com/show_bug.cgi?id=1223819 * https://bugzilla.suse.com/show_bug.cgi?id=1224095 * https://bugzilla.suse.com/show_bug.cgi?id=1224988 * https://bugzilla.suse.com/show_bug.cgi?id=1225742 * https://bugzilla.suse.com/show_bug.cgi?id=1231885 * https://bugzilla.suse.com/show_bug.cgi?id=1231912 * https://bugzilla.suse.com/show_bug.cgi?id=1231920 * https://bugzilla.suse.com/show_bug.cgi?id=1231941 * https://bugzilla.suse.com/show_bug.cgi?id=1232104 * https://bugzilla.suse.com/show_bug.cgi?id=1232147 * https://bugzilla.suse.com/show_bug.cgi?id=1232159 * https://bugzilla.suse.com/show_bug.cgi?id=1232163 * https://bugzilla.suse.com/show_bug.cgi?id=1232198 * https://bugzilla.suse.com/show_bug.cgi?id=1232201 * https://bugzilla.suse.com/show_bug.cgi?id=1232262 * https://bugzilla.suse.com/show_bug.cgi?id=1232416 * https://bugzilla.suse.com/show_bug.cgi?id=1232520 * https://bugzilla.suse.com/show_bug.cgi?id=1232919 * https://bugzilla.suse.com/show_bug.cgi?id=1233248 * https://bugzilla.suse.com/show_bug.cgi?id=1233522 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1234999 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235435 * https://bugzilla.suse.com/show_bug.cgi?id=1235441 * https://bugzilla.suse.com/show_bug.cgi?id=1235485 * https://bugzilla.suse.com/show_bug.cgi?id=1235538 * https://bugzilla.suse.com/show_bug.cgi?id=1235965 * https://bugzilla.suse.com/show_bug.cgi?id=1236115 * https://bugzilla.suse.com/show_bug.cgi?id=1236122 * https://bugzilla.suse.com/show_bug.cgi?id=1236123 * https://bugzilla.suse.com/show_bug.cgi?id=1236689 * https://bugzilla.suse.com/show_bug.cgi?id=1236757 * https://bugzilla.suse.com/show_bug.cgi?id=1236761 * https://bugzilla.suse.com/show_bug.cgi?id=1236821 * https://bugzilla.suse.com/show_bug.cgi?id=1237017 * https://bugzilla.suse.com/show_bug.cgi?id=1237025 * https://bugzilla.suse.com/show_bug.cgi?id=1237159 * https://bugzilla.suse.com/show_bug.cgi?id=1237738 * https://bugzilla.suse.com/show_bug.cgi?id=1237758 * https://bugzilla.suse.com/show_bug.cgi?id=1237766 * https://bugzilla.suse.com/show_bug.cgi?id=1237778 * https://bugzilla.suse.com/show_bug.cgi?id=1237783 * https://bugzilla.suse.com/show_bug.cgi?id=1237788 * https://bugzilla.suse.com/show_bug.cgi?id=1237875 * https://bugzilla.suse.com/show_bug.cgi?id=1237982 * https://bugzilla.suse.com/show_bug.cgi?id=1238006 * https://bugzilla.suse.com/show_bug.cgi?id=1238033 * https://bugzilla.suse.com/show_bug.cgi?id=1238041 * https://bugzilla.suse.com/show_bug.cgi?id=1238107 * https://bugzilla.suse.com/show_bug.cgi?id=1238148 * https://bugzilla.suse.com/show_bug.cgi?id=1238256 * https://bugzilla.suse.com/show_bug.cgi?id=1238260 * https://bugzilla.suse.com/show_bug.cgi?id=1238270 * https://bugzilla.suse.com/show_bug.cgi?id=1238275 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 11 12:31:49 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 11 Mar 2025 12:31:49 -0000 Subject: SUSE-SU-2025:0835-1: important: Security update for the Linux Kernel Message-ID: <174169630957.2010.9901517803625065128@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0835-1 Release Date: 2025-03-11T10:58:20Z Rating: important References: * bsc#1208995 * bsc#1220946 * bsc#1224700 * bsc#1225742 * bsc#1232905 * bsc#1232919 * bsc#1234154 * bsc#1234853 * bsc#1234891 * bsc#1234963 * bsc#1235054 * bsc#1235061 * bsc#1235073 * bsc#1236661 * bsc#1236675 * bsc#1236677 * bsc#1236757 * bsc#1236758 * bsc#1236760 * bsc#1236761 * bsc#1237025 * bsc#1237028 * bsc#1237139 * bsc#1237316 * bsc#1237693 * bsc#1238033 Cross-References: * CVE-2022-49080 * CVE-2023-1192 * CVE-2023-52572 * CVE-2024-35949 * CVE-2024-50115 * CVE-2024-50128 * CVE-2024-53135 * CVE-2024-53173 * CVE-2024-53239 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56605 * CVE-2024-57948 * CVE-2025-21690 * CVE-2025-21692 * CVE-2025-21699 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52572 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50128 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50128 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2024-50128 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53135 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56548 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57948 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57948 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21692 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21692 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21692 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21699 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 16 vulnerabilities and has 10 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700). * CVE-2024-50128: net: wwan: fix global oob in wwan_rtnl_policy (bsc#1232905). * CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154). * CVE-2024-57948: mac802154: check local interfaces before deleting sdata list (bsc#1236677). * CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). * CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). * CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139). The following non-security bugs were fixed: * idpf: call set_real_num_queues in idpf_open (bsc#1236661 bsc#1237316). * ipv4/tcp: do not use per netns ctl sockets (bsc#1237693). * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). * net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760). * net: mana: Enable debugfs files for MANA device (bsc#1236758). * net: netvsc: Update default VMBus channels (bsc#1236757). * scsi: storvsc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (git- fixes). * x86/kvm: fix is_stale_page_fault() (bsc#1236675). * x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes). * x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-835=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-835=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-835=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-835=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-835=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-835=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2025-835=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-835=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-835=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-835=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-835=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-835=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-835=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-835=1 ## Package List: * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.153.1 * openSUSE Leap 15.4 (noarch) * kernel-devel-5.14.21-150400.24.153.1 * kernel-source-5.14.21-150400.24.153.1 * kernel-docs-html-5.14.21-150400.24.153.1 * kernel-source-vanilla-5.14.21-150400.24.153.1 * kernel-macros-5.14.21-150400.24.153.1 * openSUSE Leap 15.4 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150400.24.153.1 * openSUSE Leap 15.4 (ppc64le x86_64) * kernel-debug-debuginfo-5.14.21-150400.24.153.1 * kernel-debug-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-debug-debugsource-5.14.21-150400.24.153.1 * kernel-debug-devel-5.14.21-150400.24.153.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.153.1.150400.24.76.1 * kernel-kvmsmall-devel-5.14.21-150400.24.153.1 * kernel-kvmsmall-debugsource-5.14.21-150400.24.153.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-default-base-rebuild-5.14.21-150400.24.153.1.150400.24.76.1 * kernel-kvmsmall-debuginfo-5.14.21-150400.24.153.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.153.1 * kernel-obs-build-5.14.21-150400.24.153.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.153.1 * kernel-syms-5.14.21-150400.24.153.1 * kernel-default-optional-debuginfo-5.14.21-150400.24.153.1 * kernel-obs-build-debugsource-5.14.21-150400.24.153.1 * kernel-default-extra-5.14.21-150400.24.153.1 * ocfs2-kmp-default-5.14.21-150400.24.153.1 * kernel-default-livepatch-5.14.21-150400.24.153.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.153.1 * kernel-default-optional-5.14.21-150400.24.153.1 * kernel-default-devel-5.14.21-150400.24.153.1 * cluster-md-kmp-default-5.14.21-150400.24.153.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.153.1 * kernel-default-debuginfo-5.14.21-150400.24.153.1 * reiserfs-kmp-default-5.14.21-150400.24.153.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.153.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.153.1 * kselftests-kmp-default-5.14.21-150400.24.153.1 * dlm-kmp-default-5.14.21-150400.24.153.1 * gfs2-kmp-default-5.14.21-150400.24.153.1 * kernel-obs-qa-5.14.21-150400.24.153.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.153.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.153.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_153-default-debuginfo-1-150400.9.3.1 * kernel-livepatch-SLE15-SP4_Update_37-debugsource-1-150400.9.3.1 * kernel-default-livepatch-devel-5.14.21-150400.24.153.1 * kernel-livepatch-5_14_21-150400_24_153-default-1-150400.9.3.1 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.153.1 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.153.1 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.153.1 * kernel-zfcpdump-debugsource-5.14.21-150400.24.153.1 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.153.1 * openSUSE Leap 15.4 (aarch64) * kselftests-kmp-64kb-5.14.21-150400.24.153.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.153.1 * dtb-amlogic-5.14.21-150400.24.153.1 * dlm-kmp-64kb-5.14.21-150400.24.153.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.153.1 * dtb-broadcom-5.14.21-150400.24.153.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.153.1 * dtb-sprd-5.14.21-150400.24.153.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.153.1 * ocfs2-kmp-64kb-5.14.21-150400.24.153.1 * cluster-md-kmp-64kb-5.14.21-150400.24.153.1 * dtb-nvidia-5.14.21-150400.24.153.1 * dtb-cavium-5.14.21-150400.24.153.1 * dtb-socionext-5.14.21-150400.24.153.1 * dtb-mediatek-5.14.21-150400.24.153.1 * kernel-64kb-devel-5.14.21-150400.24.153.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.153.1 * dtb-renesas-5.14.21-150400.24.153.1 * gfs2-kmp-64kb-5.14.21-150400.24.153.1 * dtb-rockchip-5.14.21-150400.24.153.1 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.153.1 * dtb-allwinner-5.14.21-150400.24.153.1 * dtb-exynos-5.14.21-150400.24.153.1 * dtb-hisilicon-5.14.21-150400.24.153.1 * dtb-arm-5.14.21-150400.24.153.1 * dtb-xilinx-5.14.21-150400.24.153.1 * kernel-64kb-debugsource-5.14.21-150400.24.153.1 * kernel-64kb-debuginfo-5.14.21-150400.24.153.1 * dtb-apple-5.14.21-150400.24.153.1 * kernel-64kb-extra-5.14.21-150400.24.153.1 * dtb-amazon-5.14.21-150400.24.153.1 * dtb-qcom-5.14.21-150400.24.153.1 * dtb-marvell-5.14.21-150400.24.153.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.153.1 * reiserfs-kmp-64kb-5.14.21-150400.24.153.1 * dtb-lg-5.14.21-150400.24.153.1 * dtb-amd-5.14.21-150400.24.153.1 * kernel-64kb-optional-5.14.21-150400.24.153.1 * dtb-altera-5.14.21-150400.24.153.1 * dtb-freescale-5.14.21-150400.24.153.1 * dtb-apm-5.14.21-150400.24.153.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.153.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.153.1.150400.24.76.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.153.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.153.1.150400.24.76.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.153.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.153.1.150400.24.76.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.153.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.153.1.150400.24.76.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.153.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-default-livepatch-5.14.21-150400.24.153.1 * kernel-default-livepatch-devel-5.14.21-150400.24.153.1 * kernel-default-debuginfo-5.14.21-150400.24.153.1 * kernel-livepatch-5_14_21-150400_24_153-default-1-150400.9.3.1 * kernel-livepatch-SLE15-SP4_Update_37-debugsource-1-150400.9.3.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * kernel-livepatch-5_14_21-150400_24_153-default-debuginfo-1-150400.9.3.1 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.153.1 * dlm-kmp-default-5.14.21-150400.24.153.1 * gfs2-kmp-default-5.14.21-150400.24.153.1 * kernel-default-debuginfo-5.14.21-150400.24.153.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.153.1 * ocfs2-kmp-default-5.14.21-150400.24.153.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.153.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.153.1 * cluster-md-kmp-default-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.153.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-64kb-devel-5.14.21-150400.24.153.1 * kernel-64kb-debugsource-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.153.1 * kernel-obs-build-5.14.21-150400.24.153.1 * kernel-syms-5.14.21-150400.24.153.1 * kernel-default-base-5.14.21-150400.24.153.1.150400.24.76.1 * kernel-default-debuginfo-5.14.21-150400.24.153.1 * reiserfs-kmp-default-5.14.21-150400.24.153.1 * kernel-obs-build-debugsource-5.14.21-150400.24.153.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-default-devel-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.153.1 * kernel-devel-5.14.21-150400.24.153.1 * kernel-macros-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.153.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-64kb-devel-5.14.21-150400.24.153.1 * kernel-64kb-debugsource-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.153.1 * kernel-obs-build-5.14.21-150400.24.153.1 * kernel-syms-5.14.21-150400.24.153.1 * kernel-default-base-5.14.21-150400.24.153.1.150400.24.76.1 * kernel-default-debuginfo-5.14.21-150400.24.153.1 * reiserfs-kmp-default-5.14.21-150400.24.153.1 * kernel-obs-build-debugsource-5.14.21-150400.24.153.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-default-devel-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.153.1 * kernel-devel-5.14.21-150400.24.153.1 * kernel-macros-5.14.21-150400.24.153.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.153.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-64kb-devel-5.14.21-150400.24.153.1 * kernel-64kb-debugsource-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.153.1.150400.24.76.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.153.1 * kernel-obs-build-5.14.21-150400.24.153.1 * kernel-syms-5.14.21-150400.24.153.1 * kernel-default-debuginfo-5.14.21-150400.24.153.1 * reiserfs-kmp-default-5.14.21-150400.24.153.1 * kernel-obs-build-debugsource-5.14.21-150400.24.153.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-default-devel-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * kernel-source-5.14.21-150400.24.153.1 * kernel-devel-5.14.21-150400.24.153.1 * kernel-macros-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch nosrc) * kernel-docs-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.153.1 * kernel-zfcpdump-debugsource-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.153.1 * kernel-obs-build-5.14.21-150400.24.153.1 * kernel-syms-5.14.21-150400.24.153.1 * kernel-default-base-5.14.21-150400.24.153.1.150400.24.76.1 * kernel-default-debuginfo-5.14.21-150400.24.153.1 * reiserfs-kmp-default-5.14.21-150400.24.153.1 * kernel-obs-build-debugsource-5.14.21-150400.24.153.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-default-devel-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.153.1 * kernel-devel-5.14.21-150400.24.153.1 * kernel-macros-5.14.21-150400.24.153.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.153.1 * SUSE Manager Proxy 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.153.1 * SUSE Manager Proxy 4.3 (x86_64) * kernel-syms-5.14.21-150400.24.153.1 * kernel-default-base-5.14.21-150400.24.153.1.150400.24.76.1 * kernel-default-debuginfo-5.14.21-150400.24.153.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-default-devel-5.14.21-150400.24.153.1 * SUSE Manager Proxy 4.3 (noarch) * kernel-source-5.14.21-150400.24.153.1 * kernel-devel-5.14.21-150400.24.153.1 * kernel-macros-5.14.21-150400.24.153.1 * SUSE Manager Retail Branch Server 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.153.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * kernel-default-base-5.14.21-150400.24.153.1.150400.24.76.1 * kernel-default-debuginfo-5.14.21-150400.24.153.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-default-devel-5.14.21-150400.24.153.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * kernel-devel-5.14.21-150400.24.153.1 * kernel-macros-5.14.21-150400.24.153.1 * SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150400.24.153.1 * SUSE Manager Server 4.3 (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.153.1.150400.24.76.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * kernel-syms-5.14.21-150400.24.153.1 * kernel-default-debuginfo-5.14.21-150400.24.153.1 * kernel-default-debugsource-5.14.21-150400.24.153.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.153.1 * kernel-default-devel-5.14.21-150400.24.153.1 * SUSE Manager Server 4.3 (noarch) * kernel-source-5.14.21-150400.24.153.1 * kernel-devel-5.14.21-150400.24.153.1 * kernel-macros-5.14.21-150400.24.153.1 * SUSE Manager Server 4.3 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.153.1 * SUSE Manager Server 4.3 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.153.1 * kernel-zfcpdump-debugsource-5.14.21-150400.24.153.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2023-1192.html * https://www.suse.com/security/cve/CVE-2023-52572.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-50128.html * https://www.suse.com/security/cve/CVE-2024-53135.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-57948.html * https://www.suse.com/security/cve/CVE-2025-21690.html * https://www.suse.com/security/cve/CVE-2025-21692.html * https://www.suse.com/security/cve/CVE-2025-21699.html * https://bugzilla.suse.com/show_bug.cgi?id=1208995 * https://bugzilla.suse.com/show_bug.cgi?id=1220946 * https://bugzilla.suse.com/show_bug.cgi?id=1224700 * https://bugzilla.suse.com/show_bug.cgi?id=1225742 * https://bugzilla.suse.com/show_bug.cgi?id=1232905 * https://bugzilla.suse.com/show_bug.cgi?id=1232919 * https://bugzilla.suse.com/show_bug.cgi?id=1234154 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1236661 * https://bugzilla.suse.com/show_bug.cgi?id=1236675 * https://bugzilla.suse.com/show_bug.cgi?id=1236677 * https://bugzilla.suse.com/show_bug.cgi?id=1236757 * https://bugzilla.suse.com/show_bug.cgi?id=1236758 * https://bugzilla.suse.com/show_bug.cgi?id=1236760 * https://bugzilla.suse.com/show_bug.cgi?id=1236761 * https://bugzilla.suse.com/show_bug.cgi?id=1237025 * https://bugzilla.suse.com/show_bug.cgi?id=1237028 * https://bugzilla.suse.com/show_bug.cgi?id=1237139 * https://bugzilla.suse.com/show_bug.cgi?id=1237316 * https://bugzilla.suse.com/show_bug.cgi?id=1237693 * https://bugzilla.suse.com/show_bug.cgi?id=1238033 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 11 12:32:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 11 Mar 2025 12:32:21 -0000 Subject: SUSE-SU-2025:0833-1: important: Security update for the Linux Kernel Message-ID: <174169634116.2010.8249497290536640488@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0833-1 Release Date: 2025-03-11T10:54:14Z Rating: important References: * bsc#1208995 * bsc#1220946 * bsc#1225742 * bsc#1232472 * bsc#1232919 * bsc#1233701 * bsc#1233749 * bsc#1234154 * bsc#1234650 * bsc#1234853 * bsc#1234891 * bsc#1234963 * bsc#1235054 * bsc#1235061 * bsc#1235073 * bsc#1235111 * bsc#1236133 * bsc#1236289 * bsc#1236576 * bsc#1236661 * bsc#1236677 * bsc#1236757 * bsc#1236758 * bsc#1236760 * bsc#1236761 * bsc#1236777 * bsc#1236951 * bsc#1237025 * bsc#1237028 * bsc#1237139 * bsc#1237316 * bsc#1237693 * bsc#1238033 Cross-References: * CVE-2022-49080 * CVE-2023-1192 * CVE-2023-52572 * CVE-2024-50115 * CVE-2024-53135 * CVE-2024-53173 * CVE-2024-53226 * CVE-2024-53239 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56605 * CVE-2024-57948 * CVE-2025-21647 * CVE-2025-21690 * CVE-2025-21692 * CVE-2025-21699 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52572 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53135 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53226 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53226 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53226 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56548 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57948 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57948 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21647 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21647 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21692 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21692 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21692 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21699 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 16 vulnerabilities and has 17 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). * CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154). * CVE-2024-53226: RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (bsc#1236576) * CVE-2024-57948: mac802154: check local interfaces before deleting sdata list (bsc#1236677). * CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133). * CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). * CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). * CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139). The following non-security bugs were fixed: * cpufreq/amd-pstate: Only print supported EPP values for performance governor (bsc#1236777). * iavf: fix the waiting time for initial reset (bsc#1235111). * ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1235111). * ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1235111). * ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1235111). * idpf: call set_real_num_queues in idpf_open (bsc#1236661 bsc#1237316). * ipv4/tcp: do not use per netns ctl sockets (bsc#1237693). * kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749). * net: Fix undefined behavior in netdev name allocation (bsc#1233749). * net: avoid UAF on deleted altname (bsc#1233749). * net: check for altname conflicts when changing netdev's netns (bsc#1233749). * net: core: Use the bitmap API to allocate bitmaps (bsc#1233749). * net: do not send a MOVE event when netdev changes netns (bsc#1233749). * net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749). * net: fix ifname in netlink ntf during netns move (bsc#1233749). * net: fix removing a namespace with conflicting altnames (bsc#1233749). * net: free altname using an RCU callback (bsc#1233749). * net: introduce a function to check if a netdev name is in use (bsc#1233749). * net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749). * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). * net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760). * net: mana: Enable debugfs files for MANA device (bsc#1236758). * net: minor __dev_alloc_name() optimization (bsc#1233749). * net: move altnames together with the netdevice (bsc#1233749). * net: netvsc: Update default VMBus channels (bsc#1236757). * net: reduce indentation of __dev_alloc_name() (bsc#1233749). * net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749). * net: remove else after return in dev_prep_valid_name() (bsc#1233749). * net: trust the bitmap in __dev_alloc_name() (bsc#1233749). * nfsd: use explicit lock/unlock for directory ops (bsc#1234650 bsc#1233701 bsc#1232472). * rcu: Remove rcu_is_idle_cpu() (bsc#1236289). * scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes). * x86/aperfmperf: Dont wake idle CPUs in arch_freq_get_on_cpu() (bsc#1236289). * x86/aperfmperf: Integrate the fallback code from show_cpuinfo() (bsc#1236289). * x86/aperfmperf: Make parts of the frequency invariance code unconditional (bsc#1236289). * x86/aperfmperf: Put frequency invariance aperf/mperf data into a struct (bsc#1236289). * x86/aperfmperf: Replace aperfmperf_get_khz() (bsc#1236289). * x86/aperfmperf: Replace arch_freq_get_on_cpu() (bsc#1236289). * x86/aperfmperf: Restructure arch_scale_freq_tick() (bsc#1236289). * x86/aperfmperf: Separate AP/BP frequency invariance init (bsc#1236289). * x86/aperfmperf: Store aperf/mperf data for cpu frequency reads (bsc#1236289). * x86/aperfmperf: Untangle Intel and AMD frequency invariance init (bsc#1236289). * x86/aperfperf: Make it correct on 32bit and UP kernels (bsc#1236289). * x86/smp: Move APERF/MPERF code where it belongs (bsc#1236289). * x86/smp: Remove unnecessary assignment to local var freq_scale (bsc#1236289). * x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes). * x86/xen: allow larger contiguous memory regions in PV guests (bsc#1236951). * x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes). * xen/swiotlb: relax alignment requirements (bsc#1236951). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-833=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-833=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-833=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2025-833=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-833=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-833=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-833=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-833=1 ## Package List: * openSUSE Leap 15.5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.97.1 * openSUSE Leap 15.5 (noarch) * kernel-source-vanilla-5.14.21-150500.55.97.1 * kernel-macros-5.14.21-150500.55.97.1 * kernel-source-5.14.21-150500.55.97.1 * kernel-docs-html-5.14.21-150500.55.97.1 * kernel-devel-5.14.21-150500.55.97.1 * openSUSE Leap 15.5 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150500.55.97.1 * openSUSE Leap 15.5 (ppc64le x86_64) * kernel-debug-devel-debuginfo-5.14.21-150500.55.97.1 * kernel-debug-debugsource-5.14.21-150500.55.97.1 * kernel-debug-devel-5.14.21-150500.55.97.1 * kernel-debug-debuginfo-5.14.21-150500.55.97.1 * openSUSE Leap 15.5 (x86_64) * kernel-debug-vdso-debuginfo-5.14.21-150500.55.97.1 * kernel-default-vdso-debuginfo-5.14.21-150500.55.97.1 * kernel-debug-vdso-5.14.21-150500.55.97.1 * kernel-kvmsmall-vdso-5.14.21-150500.55.97.1 * kernel-default-vdso-5.14.21-150500.55.97.1 * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.97.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.97.1 * kernel-default-base-rebuild-5.14.21-150500.55.97.1.150500.6.45.1 * kernel-default-base-5.14.21-150500.55.97.1.150500.6.45.1 * kernel-kvmsmall-debugsource-5.14.21-150500.55.97.1 * kernel-kvmsmall-debuginfo-5.14.21-150500.55.97.1 * kernel-kvmsmall-devel-5.14.21-150500.55.97.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.97.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-debugsource-5.14.21-150500.55.97.1 * cluster-md-kmp-default-5.14.21-150500.55.97.1 * reiserfs-kmp-default-5.14.21-150500.55.97.1 * dlm-kmp-default-5.14.21-150500.55.97.1 * kselftests-kmp-default-debuginfo-5.14.21-150500.55.97.1 * ocfs2-kmp-default-5.14.21-150500.55.97.1 * kernel-syms-5.14.21-150500.55.97.1 * kernel-obs-build-5.14.21-150500.55.97.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-devel-5.14.21-150500.55.97.1 * kernel-default-livepatch-5.14.21-150500.55.97.1 * kernel-default-optional-debuginfo-5.14.21-150500.55.97.1 * kernel-default-extra-debuginfo-5.14.21-150500.55.97.1 * kernel-obs-build-debugsource-5.14.21-150500.55.97.1 * kernel-default-debuginfo-5.14.21-150500.55.97.1 * kernel-obs-qa-5.14.21-150500.55.97.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.97.1 * gfs2-kmp-default-5.14.21-150500.55.97.1 * kselftests-kmp-default-5.14.21-150500.55.97.1 * kernel-default-optional-5.14.21-150500.55.97.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-extra-5.14.21-150500.55.97.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.97.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_97-default-1-150500.11.3.1 * kernel-default-livepatch-devel-5.14.21-150500.55.97.1 * kernel-livepatch-5_14_21-150500_55_97-default-debuginfo-1-150500.11.3.1 * kernel-livepatch-SLE15-SP5_Update_24-debugsource-1-150500.11.3.1 * openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150500.55.97.1 * openSUSE Leap 15.5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.97.1 * openSUSE Leap 15.5 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.97.1 * kernel-zfcpdump-debugsource-5.14.21-150500.55.97.1 * openSUSE Leap 15.5 (nosrc) * dtb-aarch64-5.14.21-150500.55.97.1 * openSUSE Leap 15.5 (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150500.55.97.1 * dtb-broadcom-5.14.21-150500.55.97.1 * dtb-exynos-5.14.21-150500.55.97.1 * dtb-lg-5.14.21-150500.55.97.1 * kernel-64kb-optional-debuginfo-5.14.21-150500.55.97.1 * kernel-64kb-extra-5.14.21-150500.55.97.1 * dtb-xilinx-5.14.21-150500.55.97.1 * dtb-nvidia-5.14.21-150500.55.97.1 * dtb-cavium-5.14.21-150500.55.97.1 * kernel-64kb-optional-5.14.21-150500.55.97.1 * dtb-apm-5.14.21-150500.55.97.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.97.1 * dtb-qcom-5.14.21-150500.55.97.1 * ocfs2-kmp-64kb-5.14.21-150500.55.97.1 * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.97.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.97.1 * kernel-64kb-debugsource-5.14.21-150500.55.97.1 * dtb-allwinner-5.14.21-150500.55.97.1 * dtb-socionext-5.14.21-150500.55.97.1 * dlm-kmp-64kb-5.14.21-150500.55.97.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.97.1 * gfs2-kmp-64kb-5.14.21-150500.55.97.1 * dtb-altera-5.14.21-150500.55.97.1 * dtb-sprd-5.14.21-150500.55.97.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.97.1 * dtb-rockchip-5.14.21-150500.55.97.1 * dtb-marvell-5.14.21-150500.55.97.1 * dtb-amazon-5.14.21-150500.55.97.1 * kernel-64kb-devel-5.14.21-150500.55.97.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.97.1 * dtb-apple-5.14.21-150500.55.97.1 * dtb-amd-5.14.21-150500.55.97.1 * dtb-arm-5.14.21-150500.55.97.1 * dtb-hisilicon-5.14.21-150500.55.97.1 * cluster-md-kmp-64kb-5.14.21-150500.55.97.1 * dtb-amlogic-5.14.21-150500.55.97.1 * kernel-64kb-debuginfo-5.14.21-150500.55.97.1 * kernel-64kb-extra-debuginfo-5.14.21-150500.55.97.1 * dtb-renesas-5.14.21-150500.55.97.1 * reiserfs-kmp-64kb-5.14.21-150500.55.97.1 * dtb-mediatek-5.14.21-150500.55.97.1 * kselftests-kmp-64kb-5.14.21-150500.55.97.1 * dtb-freescale-5.14.21-150500.55.97.1 * openSUSE Leap 15.5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.97.1.150500.6.45.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-debugsource-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-livepatch-5.14.21-150500.55.97.1 * kernel-default-debugsource-5.14.21-150500.55.97.1 * kernel-livepatch-5_14_21-150500_55_97-default-1-150500.11.3.1 * kernel-default-livepatch-devel-5.14.21-150500.55.97.1 * kernel-livepatch-5_14_21-150500_55_97-default-debuginfo-1-150500.11.3.1 * kernel-livepatch-SLE15-SP5_Update_24-debugsource-1-150500.11.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.97.1 * cluster-md-kmp-default-5.14.21-150500.55.97.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-debugsource-5.14.21-150500.55.97.1 * gfs2-kmp-default-5.14.21-150500.55.97.1 * dlm-kmp-default-5.14.21-150500.55.97.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.97.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * ocfs2-kmp-default-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (nosrc) * kernel-default-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-obs-build-debugsource-5.14.21-150500.55.97.1 * cluster-md-kmp-default-5.14.21-150500.55.97.1 * kernel-obs-build-5.14.21-150500.55.97.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-base-5.14.21-150500.55.97.1.150500.6.45.1 * kernel-default-devel-5.14.21-150500.55.97.1 * kernel-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-debugsource-5.14.21-150500.55.97.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.97.1 * gfs2-kmp-default-5.14.21-150500.55.97.1 * dlm-kmp-default-5.14.21-150500.55.97.1 * ocfs2-kmp-default-5.14.21-150500.55.97.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.97.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-syms-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * kernel-64kb-debugsource-5.14.21-150500.55.97.1 * kernel-64kb-debuginfo-5.14.21-150500.55.97.1 * kernel-64kb-devel-5.14.21-150500.55.97.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.97.1 * kernel-devel-5.14.21-150500.55.97.1 * kernel-source-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-obs-build-debugsource-5.14.21-150500.55.97.1 * cluster-md-kmp-default-5.14.21-150500.55.97.1 * kernel-obs-build-5.14.21-150500.55.97.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-base-5.14.21-150500.55.97.1.150500.6.45.1 * kernel-default-devel-5.14.21-150500.55.97.1 * kernel-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-debugsource-5.14.21-150500.55.97.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.97.1 * gfs2-kmp-default-5.14.21-150500.55.97.1 * dlm-kmp-default-5.14.21-150500.55.97.1 * ocfs2-kmp-default-5.14.21-150500.55.97.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.97.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-syms-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * kernel-64kb-debugsource-5.14.21-150500.55.97.1 * kernel-64kb-debuginfo-5.14.21-150500.55.97.1 * kernel-64kb-devel-5.14.21-150500.55.97.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.97.1 * kernel-devel-5.14.21-150500.55.97.1 * kernel-source-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-obs-build-debugsource-5.14.21-150500.55.97.1 * cluster-md-kmp-default-5.14.21-150500.55.97.1 * reiserfs-kmp-default-5.14.21-150500.55.97.1 * kernel-obs-build-5.14.21-150500.55.97.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-devel-5.14.21-150500.55.97.1 * kernel-default-debuginfo-5.14.21-150500.55.97.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-debugsource-5.14.21-150500.55.97.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.97.1 * gfs2-kmp-default-5.14.21-150500.55.97.1 * dlm-kmp-default-5.14.21-150500.55.97.1 * ocfs2-kmp-default-5.14.21-150500.55.97.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.97.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-syms-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * kernel-64kb-debugsource-5.14.21-150500.55.97.1 * kernel-64kb-debuginfo-5.14.21-150500.55.97.1 * kernel-64kb-devel-5.14.21-150500.55.97.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.97.1.150500.6.45.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * kernel-macros-5.14.21-150500.55.97.1 * kernel-devel-5.14.21-150500.55.97.1 * kernel-source-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc) * kernel-docs-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.97.1 * kernel-zfcpdump-debugsource-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-obs-build-debugsource-5.14.21-150500.55.97.1 * cluster-md-kmp-default-5.14.21-150500.55.97.1 * reiserfs-kmp-default-5.14.21-150500.55.97.1 * kernel-obs-build-5.14.21-150500.55.97.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-base-5.14.21-150500.55.97.1.150500.6.45.1 * kernel-default-devel-5.14.21-150500.55.97.1 * kernel-default-debuginfo-5.14.21-150500.55.97.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-debugsource-5.14.21-150500.55.97.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.97.1 * gfs2-kmp-default-5.14.21-150500.55.97.1 * dlm-kmp-default-5.14.21-150500.55.97.1 * ocfs2-kmp-default-5.14.21-150500.55.97.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.97.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-syms-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.97.1 * kernel-devel-5.14.21-150500.55.97.1 * kernel-source-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.97.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2023-1192.html * https://www.suse.com/security/cve/CVE-2023-52572.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53135.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53226.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-57948.html * https://www.suse.com/security/cve/CVE-2025-21647.html * https://www.suse.com/security/cve/CVE-2025-21690.html * https://www.suse.com/security/cve/CVE-2025-21692.html * https://www.suse.com/security/cve/CVE-2025-21699.html * https://bugzilla.suse.com/show_bug.cgi?id=1208995 * https://bugzilla.suse.com/show_bug.cgi?id=1220946 * https://bugzilla.suse.com/show_bug.cgi?id=1225742 * https://bugzilla.suse.com/show_bug.cgi?id=1232472 * https://bugzilla.suse.com/show_bug.cgi?id=1232919 * https://bugzilla.suse.com/show_bug.cgi?id=1233701 * https://bugzilla.suse.com/show_bug.cgi?id=1233749 * https://bugzilla.suse.com/show_bug.cgi?id=1234154 * https://bugzilla.suse.com/show_bug.cgi?id=1234650 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235111 * https://bugzilla.suse.com/show_bug.cgi?id=1236133 * https://bugzilla.suse.com/show_bug.cgi?id=1236289 * https://bugzilla.suse.com/show_bug.cgi?id=1236576 * https://bugzilla.suse.com/show_bug.cgi?id=1236661 * https://bugzilla.suse.com/show_bug.cgi?id=1236677 * https://bugzilla.suse.com/show_bug.cgi?id=1236757 * https://bugzilla.suse.com/show_bug.cgi?id=1236758 * https://bugzilla.suse.com/show_bug.cgi?id=1236760 * https://bugzilla.suse.com/show_bug.cgi?id=1236761 * https://bugzilla.suse.com/show_bug.cgi?id=1236777 * https://bugzilla.suse.com/show_bug.cgi?id=1236951 * https://bugzilla.suse.com/show_bug.cgi?id=1237025 * https://bugzilla.suse.com/show_bug.cgi?id=1237028 * https://bugzilla.suse.com/show_bug.cgi?id=1237139 * https://bugzilla.suse.com/show_bug.cgi?id=1237316 * https://bugzilla.suse.com/show_bug.cgi?id=1237693 * https://bugzilla.suse.com/show_bug.cgi?id=1238033 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 11 16:31:38 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 11 Mar 2025 16:31:38 -0000 Subject: SUSE-SU-2025:0577-2: important: Security update for the Linux Kernel Message-ID: <174171069852.2308.7835517095410979946@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0577-2 Release Date: 2025-03-11T15:28:06Z Rating: important References: * bsc#1194869 * bsc#1216813 * bsc#1223384 * bsc#1225736 * bsc#1226848 * bsc#1226980 * bsc#1228537 * bsc#1228592 * bsc#1230341 * bsc#1230432 * bsc#1230527 * bsc#1230697 * bsc#1231088 * bsc#1231847 * bsc#1232914 * bsc#1233028 * bsc#1233055 * bsc#1233097 * bsc#1233103 * bsc#1233112 * bsc#1233464 * bsc#1233488 * bsc#1233642 * bsc#1233778 * bsc#1234024 * bsc#1234025 * bsc#1234078 * bsc#1234087 * bsc#1234153 * bsc#1234155 * bsc#1234223 * bsc#1234381 * bsc#1234683 * bsc#1234690 * bsc#1234825 * bsc#1234829 * bsc#1234832 * bsc#1234884 * bsc#1234889 * bsc#1234896 * bsc#1234899 * bsc#1234900 * bsc#1234905 * bsc#1234909 * bsc#1234916 * bsc#1234918 * bsc#1234922 * bsc#1234930 * bsc#1234931 * bsc#1234934 * bsc#1234962 * bsc#1234999 * bsc#1235002 * bsc#1235009 * bsc#1235011 * bsc#1235053 * bsc#1235057 * bsc#1235059 * bsc#1235100 * bsc#1235122 * bsc#1235123 * bsc#1235133 * bsc#1235134 * bsc#1235217 * bsc#1235222 * bsc#1235230 * bsc#1235249 * bsc#1235410 * bsc#1235430 * bsc#1235433 * bsc#1235441 * bsc#1235451 * bsc#1235458 * bsc#1235466 * bsc#1235473 * bsc#1235480 * bsc#1235491 * bsc#1235495 * bsc#1235496 * bsc#1235521 * bsc#1235557 * bsc#1235563 * bsc#1235570 * bsc#1235584 * bsc#1235611 * bsc#1235635 * bsc#1235641 * bsc#1235643 * bsc#1235645 * bsc#1235647 * bsc#1235723 * bsc#1235739 * bsc#1235747 * bsc#1235759 * bsc#1235764 * bsc#1235768 * bsc#1235806 * bsc#1235812 * bsc#1235814 * bsc#1235818 * bsc#1235842 * bsc#1235920 * bsc#1235969 * bsc#1236628 Cross-References: * CVE-2024-26758 * CVE-2024-26943 * CVE-2024-36898 * CVE-2024-38599 * CVE-2024-41047 * CVE-2024-45019 * CVE-2024-46858 * CVE-2024-50051 * CVE-2024-50136 * CVE-2024-50142 * CVE-2024-50151 * CVE-2024-50195 * CVE-2024-50199 * CVE-2024-50210 * CVE-2024-50275 * CVE-2024-50299 * CVE-2024-53095 * CVE-2024-53103 * CVE-2024-53104 * CVE-2024-53112 * CVE-2024-53121 * CVE-2024-53127 * CVE-2024-53129 * CVE-2024-53138 * CVE-2024-53141 * CVE-2024-53144 * CVE-2024-53148 * CVE-2024-53151 * CVE-2024-53166 * CVE-2024-53169 * CVE-2024-53171 * CVE-2024-53174 * CVE-2024-53177 * CVE-2024-53208 * CVE-2024-53209 * CVE-2024-53215 * CVE-2024-53217 * CVE-2024-53224 * CVE-2024-53227 * CVE-2024-53229 * CVE-2024-53690 * CVE-2024-54680 * CVE-2024-55916 * CVE-2024-56531 * CVE-2024-56532 * CVE-2024-56533 * CVE-2024-56557 * CVE-2024-56558 * CVE-2024-56562 * CVE-2024-56567 * CVE-2024-56588 * CVE-2024-56595 * CVE-2024-56596 * CVE-2024-56597 * CVE-2024-56600 * CVE-2024-56601 * CVE-2024-56602 * CVE-2024-56623 * CVE-2024-56629 * CVE-2024-56631 * CVE-2024-56642 * CVE-2024-56644 * CVE-2024-56645 * CVE-2024-56648 * CVE-2024-56650 * CVE-2024-56658 * CVE-2024-56661 * CVE-2024-56664 * CVE-2024-56678 * CVE-2024-56681 * CVE-2024-56698 * CVE-2024-56701 * CVE-2024-56704 * CVE-2024-56722 * CVE-2024-56739 * CVE-2024-56745 * CVE-2024-56747 * CVE-2024-56754 * CVE-2024-56756 * CVE-2024-56759 * CVE-2024-56765 * CVE-2024-56776 * CVE-2024-56777 * CVE-2024-56778 * CVE-2024-57791 * CVE-2024-57792 * CVE-2024-57793 * CVE-2024-57798 * CVE-2024-57849 * CVE-2024-57850 * CVE-2024-57876 * CVE-2024-57893 * CVE-2024-57897 * CVE-2024-8805 CVSS scores: * CVE-2024-26758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26758 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36898 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2024-38599 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-41047 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-45019 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45019 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46858 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50051 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50051 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50051 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50051 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50136 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-50136 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N * CVE-2024-50136 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50142 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50142 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50151 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-50151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-50151 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50195 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50195 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50210 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50275 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50275 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50299 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50299 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53095 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53103 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53104 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53112 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53112 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53112 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53121 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53127 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53129 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53129 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53138 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-53138 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53141 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53141 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53141 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53148 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53148 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53151 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53151 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53151 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53166 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53166 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53166 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53169 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53169 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53171 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53171 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53171 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53171 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53174 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53174 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53174 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53177 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53208 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53208 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53208 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53208 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53209 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53209 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53209 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53215 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53215 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53217 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53217 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53224 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53224 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53224 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53227 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53227 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53229 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53229 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54680 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-54680 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54680 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54680 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-55916 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-55916 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-55916 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56531 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56531 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56532 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56532 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56533 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56533 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56557 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56557 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56557 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56558 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56558 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56558 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56562 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56562 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56567 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56567 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56567 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56588 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56588 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56588 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56595 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56595 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56596 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56596 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56597 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56597 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56600 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56600 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56601 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56601 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56602 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56602 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56623 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56623 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56623 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56623 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56629 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56629 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56631 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56631 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56631 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56631 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56642 ( SUSE ): 7.5 CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56642 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56642 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56642 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56644 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56644 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56645 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56645 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-56658 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56658 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56661 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56661 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56678 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56678 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56678 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56681 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-56681 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-56698 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56698 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56698 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56701 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56701 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56704 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56704 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56722 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56722 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56739 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56745 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56745 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56745 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56747 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56747 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56747 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56754 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56754 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56754 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56756 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56756 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-56756 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56759 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56759 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56765 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56765 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56765 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56765 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56776 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56776 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56776 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56777 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56777 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56778 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56778 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57791 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57791 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57792 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57792 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57793 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-57793 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H * CVE-2024-57798 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57798 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57849 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57849 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57850 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57850 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57850 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57876 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57876 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57897 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 94 vulnerabilities and has 10 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo (bsc#1225736). * CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088). * CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028). * CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request (bsc#1233055). * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112). * CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb() (bsc#1233488). * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025). * CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381). * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884). * CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896). * CVE-2024-53209: bnxt_en: Fix receive ring space parameters when XDP is active (bsc#1235002). * CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (bsc#1235011). * CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs initialization (bsc#1235123). * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217). * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230). * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (bsc#1235521). * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466). * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480). * CVE-2024-56642: tipc: Fix use-after-free of kernel socket in cleanup_bearer() (bsc#1235433). * CVE-2024-56645: can: j1939: j1939_session_new(): fix skb reference counting (bsc#1235134). * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235451). * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430). * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441). * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249). * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584). * CVE-2024-56747: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (bsc#1234934). * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645). * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759). * CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits (bsc#1235764). * CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235768). * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (bsc#1235818). * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling (bsc#1235814). * CVE-2024-57876: drm/dp_mst: Fix resetting msg rx state after topology removal (bsc#1235806). * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920). * CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction (bsc#1235969). The following non-security bugs were fixed: * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847). * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847). * NFS: Improve heuristic for readdirplus (bsc#1231847). * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847). * VFS: use system_unbound_wq for delayed_mntput (bsc#1234683). * ceph: improve error handling and short/overflow-read logic in __ceph_sync_read() (bsc#1228592). * ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980). * netfilter: nf_tables: validate family when identifying table via handle (bsc#1233778). * powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (bsc#1234825). * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-577=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-577=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-577=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-577=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-577=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150500.55.94.1 * kernel-default-debugsource-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-macros-5.14.21-150500.55.94.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kernel-default-devel-5.14.21-150500.55.94.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.94.1 * kernel-obs-build-5.14.21-150500.55.94.1 * dlm-kmp-default-5.14.21-150500.55.94.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.94.1 * gfs2-kmp-default-5.14.21-150500.55.94.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1 * kernel-default-debugsource-5.14.21-150500.55.94.1 * kernel-obs-build-debugsource-5.14.21-150500.55.94.1 * cluster-md-kmp-default-5.14.21-150500.55.94.1 * kernel-syms-5.14.21-150500.55.94.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1 * kernel-default-debuginfo-5.14.21-150500.55.94.1 * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1 * ocfs2-kmp-default-5.14.21-150500.55.94.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.94.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * kernel-64kb-debuginfo-5.14.21-150500.55.94.1 * kernel-64kb-debugsource-5.14.21-150500.55.94.1 * kernel-64kb-devel-5.14.21-150500.55.94.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.94.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.94.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.94.1 * kernel-source-5.14.21-150500.55.94.1 * kernel-devel-5.14.21-150500.55.94.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.94.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kernel-default-devel-5.14.21-150500.55.94.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.94.1 * kernel-obs-build-5.14.21-150500.55.94.1 * dlm-kmp-default-5.14.21-150500.55.94.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.94.1 * gfs2-kmp-default-5.14.21-150500.55.94.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1 * kernel-default-debugsource-5.14.21-150500.55.94.1 * kernel-obs-build-debugsource-5.14.21-150500.55.94.1 * cluster-md-kmp-default-5.14.21-150500.55.94.1 * kernel-syms-5.14.21-150500.55.94.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1 * kernel-default-debuginfo-5.14.21-150500.55.94.1 * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1 * ocfs2-kmp-default-5.14.21-150500.55.94.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.94.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * kernel-64kb-debuginfo-5.14.21-150500.55.94.1 * kernel-64kb-debugsource-5.14.21-150500.55.94.1 * kernel-64kb-devel-5.14.21-150500.55.94.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.94.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.94.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.94.1 * kernel-source-5.14.21-150500.55.94.1 * kernel-devel-5.14.21-150500.55.94.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.14.21-150500.55.94.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.94.1 * kernel-obs-build-5.14.21-150500.55.94.1 * dlm-kmp-default-5.14.21-150500.55.94.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.94.1 * gfs2-kmp-default-5.14.21-150500.55.94.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1 * kernel-default-debugsource-5.14.21-150500.55.94.1 * kernel-obs-build-debugsource-5.14.21-150500.55.94.1 * cluster-md-kmp-default-5.14.21-150500.55.94.1 * kernel-syms-5.14.21-150500.55.94.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1 * reiserfs-kmp-default-5.14.21-150500.55.94.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.94.1 * kernel-default-debuginfo-5.14.21-150500.55.94.1 * ocfs2-kmp-default-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * kernel-64kb-debuginfo-5.14.21-150500.55.94.1 * kernel-64kb-debugsource-5.14.21-150500.55.94.1 * kernel-64kb-devel-5.14.21-150500.55.94.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * kernel-macros-5.14.21-150500.55.94.1 * kernel-source-5.14.21-150500.55.94.1 * kernel-devel-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc) * kernel-docs-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.94.1 * kernel-zfcpdump-debugsource-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kernel-default-devel-5.14.21-150500.55.94.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.94.1 * kernel-obs-build-5.14.21-150500.55.94.1 * dlm-kmp-default-5.14.21-150500.55.94.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.94.1 * gfs2-kmp-default-5.14.21-150500.55.94.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1 * kernel-default-debugsource-5.14.21-150500.55.94.1 * kernel-obs-build-debugsource-5.14.21-150500.55.94.1 * cluster-md-kmp-default-5.14.21-150500.55.94.1 * kernel-syms-5.14.21-150500.55.94.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1 * reiserfs-kmp-default-5.14.21-150500.55.94.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.94.1 * kernel-default-debuginfo-5.14.21-150500.55.94.1 * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1 * ocfs2-kmp-default-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.94.1 * kernel-source-5.14.21-150500.55.94.1 * kernel-devel-5.14.21-150500.55.94.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.94.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26758.html * https://www.suse.com/security/cve/CVE-2024-26943.html * https://www.suse.com/security/cve/CVE-2024-36898.html * https://www.suse.com/security/cve/CVE-2024-38599.html * https://www.suse.com/security/cve/CVE-2024-41047.html * https://www.suse.com/security/cve/CVE-2024-45019.html * https://www.suse.com/security/cve/CVE-2024-46858.html * https://www.suse.com/security/cve/CVE-2024-50051.html * https://www.suse.com/security/cve/CVE-2024-50136.html * https://www.suse.com/security/cve/CVE-2024-50142.html * https://www.suse.com/security/cve/CVE-2024-50151.html * https://www.suse.com/security/cve/CVE-2024-50195.html * https://www.suse.com/security/cve/CVE-2024-50199.html * https://www.suse.com/security/cve/CVE-2024-50210.html * https://www.suse.com/security/cve/CVE-2024-50275.html * https://www.suse.com/security/cve/CVE-2024-50299.html * https://www.suse.com/security/cve/CVE-2024-53095.html * https://www.suse.com/security/cve/CVE-2024-53103.html * https://www.suse.com/security/cve/CVE-2024-53104.html * https://www.suse.com/security/cve/CVE-2024-53112.html * https://www.suse.com/security/cve/CVE-2024-53121.html * https://www.suse.com/security/cve/CVE-2024-53127.html * https://www.suse.com/security/cve/CVE-2024-53129.html * https://www.suse.com/security/cve/CVE-2024-53138.html * https://www.suse.com/security/cve/CVE-2024-53141.html * https://www.suse.com/security/cve/CVE-2024-53144.html * https://www.suse.com/security/cve/CVE-2024-53148.html * https://www.suse.com/security/cve/CVE-2024-53151.html * https://www.suse.com/security/cve/CVE-2024-53166.html * https://www.suse.com/security/cve/CVE-2024-53169.html * https://www.suse.com/security/cve/CVE-2024-53171.html * https://www.suse.com/security/cve/CVE-2024-53174.html * https://www.suse.com/security/cve/CVE-2024-53177.html * https://www.suse.com/security/cve/CVE-2024-53208.html * https://www.suse.com/security/cve/CVE-2024-53209.html * https://www.suse.com/security/cve/CVE-2024-53215.html * https://www.suse.com/security/cve/CVE-2024-53217.html * https://www.suse.com/security/cve/CVE-2024-53224.html * https://www.suse.com/security/cve/CVE-2024-53227.html * https://www.suse.com/security/cve/CVE-2024-53229.html * https://www.suse.com/security/cve/CVE-2024-53690.html * https://www.suse.com/security/cve/CVE-2024-54680.html * https://www.suse.com/security/cve/CVE-2024-55916.html * https://www.suse.com/security/cve/CVE-2024-56531.html * https://www.suse.com/security/cve/CVE-2024-56532.html * https://www.suse.com/security/cve/CVE-2024-56533.html * https://www.suse.com/security/cve/CVE-2024-56557.html * https://www.suse.com/security/cve/CVE-2024-56558.html * https://www.suse.com/security/cve/CVE-2024-56562.html * https://www.suse.com/security/cve/CVE-2024-56567.html * https://www.suse.com/security/cve/CVE-2024-56588.html * https://www.suse.com/security/cve/CVE-2024-56595.html * https://www.suse.com/security/cve/CVE-2024-56596.html * https://www.suse.com/security/cve/CVE-2024-56597.html * https://www.suse.com/security/cve/CVE-2024-56600.html * https://www.suse.com/security/cve/CVE-2024-56601.html * https://www.suse.com/security/cve/CVE-2024-56602.html * https://www.suse.com/security/cve/CVE-2024-56623.html * https://www.suse.com/security/cve/CVE-2024-56629.html * https://www.suse.com/security/cve/CVE-2024-56631.html * https://www.suse.com/security/cve/CVE-2024-56642.html * https://www.suse.com/security/cve/CVE-2024-56644.html * https://www.suse.com/security/cve/CVE-2024-56645.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://www.suse.com/security/cve/CVE-2024-56650.html * https://www.suse.com/security/cve/CVE-2024-56658.html * https://www.suse.com/security/cve/CVE-2024-56661.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2024-56678.html * https://www.suse.com/security/cve/CVE-2024-56681.html * https://www.suse.com/security/cve/CVE-2024-56698.html * https://www.suse.com/security/cve/CVE-2024-56701.html * https://www.suse.com/security/cve/CVE-2024-56704.html * https://www.suse.com/security/cve/CVE-2024-56722.html * https://www.suse.com/security/cve/CVE-2024-56739.html * https://www.suse.com/security/cve/CVE-2024-56745.html * https://www.suse.com/security/cve/CVE-2024-56747.html * https://www.suse.com/security/cve/CVE-2024-56754.html * https://www.suse.com/security/cve/CVE-2024-56756.html * https://www.suse.com/security/cve/CVE-2024-56759.html * https://www.suse.com/security/cve/CVE-2024-56765.html * https://www.suse.com/security/cve/CVE-2024-56776.html * https://www.suse.com/security/cve/CVE-2024-56777.html * https://www.suse.com/security/cve/CVE-2024-56778.html * https://www.suse.com/security/cve/CVE-2024-57791.html * https://www.suse.com/security/cve/CVE-2024-57792.html * https://www.suse.com/security/cve/CVE-2024-57793.html * https://www.suse.com/security/cve/CVE-2024-57798.html * https://www.suse.com/security/cve/CVE-2024-57849.html * https://www.suse.com/security/cve/CVE-2024-57850.html * https://www.suse.com/security/cve/CVE-2024-57876.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2024-57897.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1216813 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1225736 * https://bugzilla.suse.com/show_bug.cgi?id=1226848 * https://bugzilla.suse.com/show_bug.cgi?id=1226980 * https://bugzilla.suse.com/show_bug.cgi?id=1228537 * https://bugzilla.suse.com/show_bug.cgi?id=1228592 * https://bugzilla.suse.com/show_bug.cgi?id=1230341 * https://bugzilla.suse.com/show_bug.cgi?id=1230432 * https://bugzilla.suse.com/show_bug.cgi?id=1230527 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1231088 * https://bugzilla.suse.com/show_bug.cgi?id=1231847 * https://bugzilla.suse.com/show_bug.cgi?id=1232914 * https://bugzilla.suse.com/show_bug.cgi?id=1233028 * https://bugzilla.suse.com/show_bug.cgi?id=1233055 * https://bugzilla.suse.com/show_bug.cgi?id=1233097 * https://bugzilla.suse.com/show_bug.cgi?id=1233103 * https://bugzilla.suse.com/show_bug.cgi?id=1233112 * https://bugzilla.suse.com/show_bug.cgi?id=1233464 * https://bugzilla.suse.com/show_bug.cgi?id=1233488 * https://bugzilla.suse.com/show_bug.cgi?id=1233642 * https://bugzilla.suse.com/show_bug.cgi?id=1233778 * https://bugzilla.suse.com/show_bug.cgi?id=1234024 * https://bugzilla.suse.com/show_bug.cgi?id=1234025 * https://bugzilla.suse.com/show_bug.cgi?id=1234078 * https://bugzilla.suse.com/show_bug.cgi?id=1234087 * https://bugzilla.suse.com/show_bug.cgi?id=1234153 * https://bugzilla.suse.com/show_bug.cgi?id=1234155 * https://bugzilla.suse.com/show_bug.cgi?id=1234223 * https://bugzilla.suse.com/show_bug.cgi?id=1234381 * https://bugzilla.suse.com/show_bug.cgi?id=1234683 * https://bugzilla.suse.com/show_bug.cgi?id=1234690 * https://bugzilla.suse.com/show_bug.cgi?id=1234825 * https://bugzilla.suse.com/show_bug.cgi?id=1234829 * https://bugzilla.suse.com/show_bug.cgi?id=1234832 * https://bugzilla.suse.com/show_bug.cgi?id=1234884 * https://bugzilla.suse.com/show_bug.cgi?id=1234889 * https://bugzilla.suse.com/show_bug.cgi?id=1234896 * https://bugzilla.suse.com/show_bug.cgi?id=1234899 * https://bugzilla.suse.com/show_bug.cgi?id=1234900 * https://bugzilla.suse.com/show_bug.cgi?id=1234905 * https://bugzilla.suse.com/show_bug.cgi?id=1234909 * https://bugzilla.suse.com/show_bug.cgi?id=1234916 * https://bugzilla.suse.com/show_bug.cgi?id=1234918 * https://bugzilla.suse.com/show_bug.cgi?id=1234922 * https://bugzilla.suse.com/show_bug.cgi?id=1234930 * https://bugzilla.suse.com/show_bug.cgi?id=1234931 * https://bugzilla.suse.com/show_bug.cgi?id=1234934 * https://bugzilla.suse.com/show_bug.cgi?id=1234962 * https://bugzilla.suse.com/show_bug.cgi?id=1234999 * https://bugzilla.suse.com/show_bug.cgi?id=1235002 * https://bugzilla.suse.com/show_bug.cgi?id=1235009 * https://bugzilla.suse.com/show_bug.cgi?id=1235011 * https://bugzilla.suse.com/show_bug.cgi?id=1235053 * https://bugzilla.suse.com/show_bug.cgi?id=1235057 * https://bugzilla.suse.com/show_bug.cgi?id=1235059 * https://bugzilla.suse.com/show_bug.cgi?id=1235100 * https://bugzilla.suse.com/show_bug.cgi?id=1235122 * https://bugzilla.suse.com/show_bug.cgi?id=1235123 * https://bugzilla.suse.com/show_bug.cgi?id=1235133 * https://bugzilla.suse.com/show_bug.cgi?id=1235134 * https://bugzilla.suse.com/show_bug.cgi?id=1235217 * https://bugzilla.suse.com/show_bug.cgi?id=1235222 * https://bugzilla.suse.com/show_bug.cgi?id=1235230 * https://bugzilla.suse.com/show_bug.cgi?id=1235249 * https://bugzilla.suse.com/show_bug.cgi?id=1235410 * https://bugzilla.suse.com/show_bug.cgi?id=1235430 * https://bugzilla.suse.com/show_bug.cgi?id=1235433 * https://bugzilla.suse.com/show_bug.cgi?id=1235441 * https://bugzilla.suse.com/show_bug.cgi?id=1235451 * https://bugzilla.suse.com/show_bug.cgi?id=1235458 * https://bugzilla.suse.com/show_bug.cgi?id=1235466 * https://bugzilla.suse.com/show_bug.cgi?id=1235473 * https://bugzilla.suse.com/show_bug.cgi?id=1235480 * https://bugzilla.suse.com/show_bug.cgi?id=1235491 * https://bugzilla.suse.com/show_bug.cgi?id=1235495 * https://bugzilla.suse.com/show_bug.cgi?id=1235496 * https://bugzilla.suse.com/show_bug.cgi?id=1235521 * https://bugzilla.suse.com/show_bug.cgi?id=1235557 * https://bugzilla.suse.com/show_bug.cgi?id=1235563 * https://bugzilla.suse.com/show_bug.cgi?id=1235570 * https://bugzilla.suse.com/show_bug.cgi?id=1235584 * https://bugzilla.suse.com/show_bug.cgi?id=1235611 * https://bugzilla.suse.com/show_bug.cgi?id=1235635 * https://bugzilla.suse.com/show_bug.cgi?id=1235641 * https://bugzilla.suse.com/show_bug.cgi?id=1235643 * https://bugzilla.suse.com/show_bug.cgi?id=1235645 * https://bugzilla.suse.com/show_bug.cgi?id=1235647 * https://bugzilla.suse.com/show_bug.cgi?id=1235723 * https://bugzilla.suse.com/show_bug.cgi?id=1235739 * https://bugzilla.suse.com/show_bug.cgi?id=1235747 * https://bugzilla.suse.com/show_bug.cgi?id=1235759 * https://bugzilla.suse.com/show_bug.cgi?id=1235764 * https://bugzilla.suse.com/show_bug.cgi?id=1235768 * https://bugzilla.suse.com/show_bug.cgi?id=1235806 * https://bugzilla.suse.com/show_bug.cgi?id=1235812 * https://bugzilla.suse.com/show_bug.cgi?id=1235814 * https://bugzilla.suse.com/show_bug.cgi?id=1235818 * https://bugzilla.suse.com/show_bug.cgi?id=1235842 * https://bugzilla.suse.com/show_bug.cgi?id=1235920 * https://bugzilla.suse.com/show_bug.cgi?id=1235969 * https://bugzilla.suse.com/show_bug.cgi?id=1236628 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 11 16:33:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 11 Mar 2025 16:33:10 -0000 Subject: SUSE-SU-2025:0201-2: important: Security update for the Linux Kernel Message-ID: <174171079062.2308.4608792230419103471@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0201-2 Release Date: 2025-03-11T13:41:35Z Rating: important References: * bsc#1170891 * bsc#1173139 * bsc#1185010 * bsc#1190358 * bsc#1190428 * bsc#1203332 * bsc#1205521 * bsc#1209288 * bsc#1209798 * bsc#1211593 * bsc#1211595 * bsc#1214635 * bsc#1215304 * bsc#1215523 * bsc#1216813 * bsc#1216909 * bsc#1219608 * bsc#1222878 * bsc#1223044 * bsc#1225758 * bsc#1225820 * bsc#1226694 * bsc#1228190 * bsc#1229809 * bsc#1230422 * bsc#1230697 * bsc#1231388 * bsc#1231453 * bsc#1231854 * bsc#1232045 * bsc#1232157 * bsc#1232166 * bsc#1232419 * bsc#1232436 * bsc#1232472 * bsc#1232823 * bsc#1233038 * bsc#1233050 * bsc#1233070 * bsc#1233096 * bsc#1233127 * bsc#1233200 * bsc#1233239 * bsc#1233324 * bsc#1233467 * bsc#1233468 * bsc#1233469 * bsc#1233485 * bsc#1233547 * bsc#1233550 * bsc#1233558 * bsc#1233564 * bsc#1233568 * bsc#1233637 * bsc#1233642 * bsc#1233701 * bsc#1233769 * bsc#1233837 * bsc#1234072 * bsc#1234073 * bsc#1234075 * bsc#1234076 * bsc#1234077 * bsc#1234087 * bsc#1234120 * bsc#1234156 * bsc#1234219 * bsc#1234220 * bsc#1234240 * bsc#1234241 * bsc#1234281 * bsc#1234282 * bsc#1234294 * bsc#1234338 * bsc#1234357 * bsc#1234437 * bsc#1234464 * bsc#1234605 * bsc#1234639 * bsc#1234650 * bsc#1234727 * bsc#1234811 * bsc#1234827 * bsc#1234834 * bsc#1234843 * bsc#1234846 * bsc#1234853 * bsc#1234856 * bsc#1234891 * bsc#1234912 * bsc#1234920 * bsc#1234921 * bsc#1234960 * bsc#1234963 * bsc#1234971 * bsc#1234973 * bsc#1235004 * bsc#1235035 * bsc#1235037 * bsc#1235039 * bsc#1235054 * bsc#1235056 * bsc#1235061 * bsc#1235073 * bsc#1235220 * bsc#1235224 * bsc#1235246 * bsc#1235507 Cross-References: * CVE-2021-47202 * CVE-2022-36280 * CVE-2022-48742 * CVE-2022-49033 * CVE-2022-49035 * CVE-2023-1382 * CVE-2023-33951 * CVE-2023-33952 * CVE-2023-52920 * CVE-2024-24860 * CVE-2024-26886 * CVE-2024-26924 * CVE-2024-36915 * CVE-2024-42232 * CVE-2024-44934 * CVE-2024-47666 * CVE-2024-47678 * CVE-2024-49944 * CVE-2024-49952 * CVE-2024-50018 * CVE-2024-50143 * CVE-2024-50154 * CVE-2024-50166 * CVE-2024-50181 * CVE-2024-50202 * CVE-2024-50211 * CVE-2024-50256 * CVE-2024-50262 * CVE-2024-50278 * CVE-2024-50279 * CVE-2024-50280 * CVE-2024-50296 * CVE-2024-53051 * CVE-2024-53055 * CVE-2024-53056 * CVE-2024-53064 * CVE-2024-53072 * CVE-2024-53090 * CVE-2024-53095 * CVE-2024-53101 * CVE-2024-53113 * CVE-2024-53114 * CVE-2024-53119 * CVE-2024-53120 * CVE-2024-53122 * CVE-2024-53125 * CVE-2024-53130 * CVE-2024-53131 * CVE-2024-53142 * CVE-2024-53146 * CVE-2024-53150 * CVE-2024-53156 * CVE-2024-53157 * CVE-2024-53158 * CVE-2024-53161 * CVE-2024-53162 * CVE-2024-53173 * CVE-2024-53179 * CVE-2024-53206 * CVE-2024-53210 * CVE-2024-53213 * CVE-2024-53214 * CVE-2024-53239 * CVE-2024-53240 * CVE-2024-53241 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56549 * CVE-2024-56570 * CVE-2024-56571 * CVE-2024-56575 * CVE-2024-56598 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56619 * CVE-2024-56755 * CVE-2024-8805 CVSS scores: * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-36280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-36280 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H * CVE-2022-48742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48742 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49033 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49033 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49035 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49035 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49035 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1382 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1382 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-33951 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L * CVE-2023-33951 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2023-33952 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-33952 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24860 ( NVD ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24860 ( NVD ): 4.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N * CVE-2024-26886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26886 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26924 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47666 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47666 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47666 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47678 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47678 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-49944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49944 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49952 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49952 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50018 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50143 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50143 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50143 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50166 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50181 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50181 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50202 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50211 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50211 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50256 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50256 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50262 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50262 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50262 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50278 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H * CVE-2024-50278 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50279 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50279 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50296 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50296 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53051 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53051 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53055 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53056 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53072 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53095 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53101 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53101 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53113 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53114 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53119 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53122 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53125 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53131 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53150 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53150 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53150 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53157 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53157 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53158 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53158 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-53161 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53161 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53161 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53162 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53162 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53162 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53206 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53206 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53210 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53210 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53213 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53213 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-53213 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53241 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56548 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56549 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56549 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56549 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56570 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56570 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56571 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-56571 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-56575 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56575 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56598 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56598 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56619 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56619 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56619 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56755 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56755 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56755 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 77 vulnerabilities and has 31 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332). * CVE-2022-48742: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (bsc#1226694). * CVE-2022-49033: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() (bsc#1232045). * CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288). * CVE-2023-33951: Fixed a race condition that could have led to an information disclosure inside the vmwgfx driver (bsc#1211593). * CVE-2023-33952: Fixed a double free that could have led to a local privilege escalation inside the vmwgfx driver (bsc#1211595). * CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823). * CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044). * CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820). * CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). * CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809). * CVE-2024-47666: scsi: pm80xx: Set phy->enable_completion only when we wait for it (bsc#1231453). * CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854). * CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166). * CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157). * CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419). * CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038). * CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050). * CVE-2024-50181: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (bsc#1233127). * CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324). * CVE-2024-50211: udf: refactor inode_bmap() to handle error (bsc#1233096). * CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200). * CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239). * CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized delayed_work on cache_ctr error (bsc#1233467 bsc#1233469). * CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467). * CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468). * CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485). * CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547). * CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550). * CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568). * CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464). * CVE-2024-53072: platform/x86/amd/pmc: Detect when STB is not available (bsc#1233564). * CVE-2024-53090: afs: Fix lock recursion (bsc#1233637). * CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642). * CVE-2024-53101: fs: Fix uninitialized value issue in from_kuid and from_kgid (bsc#1233769). * CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077). * CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072). * CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073). * CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076). * CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156). * CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219). * CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220). * CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). * CVE-2024-53150: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (bsc#1234834). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). * CVE-2024-53157: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (bsc#1234827). * CVE-2024-53158: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (bsc#1234811). * CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856). * CVE-2024-53162: crypto: qat/qat_4xxx - fix off by one in uof_get_name() (bsc#1234843). * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). * CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). * CVE-2024-53210: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (bsc#1234971). * CVE-2024-53213: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (bsc#1234973). * CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). * CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). * CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). * CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282). * CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). * CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). * CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912). * CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035). * CVE-2024-56571: media: uvcvideo: Require entities to have a non-zero unique ID (bsc#1235037). * CVE-2024-56575: media: imx-jpeg: Ensure power suppliers be suspended before detach them (bsc#1235039). * CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220). * CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). * CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). * CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224). * CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920). The following non-security bugs were fixed: * ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294) * Documentation: Add x86/amd_hsmp driver (jsc#PED-1295). * Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git- fixes). * Drop a couple of block layer git-fixes (bsc#1170891 bsc#1173139) * KVM: x86: fix sending PV IPI (git-fixes). * NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git- fixes). * NFSD: Fix nfsd4_shutdown_copy() (git-fixes). * NFSD: Move fill_pre_wcc() and fill_post_wcc() (bsc#1234650 bsc#1233701 bsc#1232472). * NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes). * NFSD: Prevent a potential integer overflow (git-fixes). * NFSD: reduce locking in nfsd_lookup() (bsc#1234650 bsc#1233701 bsc#1232472). * NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git- fixes). * PCI: vmd: Fix secondary bus reset for Intel bridges (git-fixes). * RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git- fixes) * README: Clean-up trailing whitespace * SUNRPC: make sure cache entry active before cache_show (git-fixes). * amd_hsmp: Add HSMP protocol version 5 messages (jsc#PED-1295). * arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605) * arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git- fixes). * arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes). * arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git- fixes). * arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire- excavator (git-fixes). * arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion (git- fixes). * arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes). * autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes). * autofs: use flexible array in ioctl structure (git-fixes). * devlink: allow registering parameters after the instance (bsc#1231388 bsc#1230422). * devlink: do not require setting features before registration (bsc#1231388 bsc#1230422). * dma-fence: Fix reference leak on fence merge failure path (git-fixes). * dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357). * dmaengine: idxd: add wq driver name support for accel-config user tool (bsc#1234357). * drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes). * drm/v3d: Enable Performance Counters before clearing them (git-fixes). * exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes). * fixup "rpm: support gz and zst compression methods" once more (bsc#1190428, bsc#1190358) Fixes: 3b8c4d9bcc24 ("rpm: support gz and zst compression methods") Fixes: 23510fce36ec ("fixup "rpm: support gz and zst compression methods"") * hfsplus: do not query the device logical block size multiple times (git- fixes). * idpf: add support for SW triggered interrupts (bsc#1235507). * idpf: enable WB_ON_ITR (bsc#1235507). * idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507). * ipc/sem: Fix dangling sem_array access in semtimedop race (bsc#1234727). * jffs2: Fix rtime decompressor (git-fixes). * jffs2: Prevent rtime decompress memory corruption (git-fixes). * jffs2: fix use of uninitialized variable (git-fixes). * jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git- fixes). * jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes). * jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes). * jfs: fix shift-out-of-bounds in dbSplit (git-fixes). * jfs: xattr: check invalid xattr size more strictly (git-fixes). * kabi/severities: ignore intermodule symbols between fsl_fman and fsl_dpaa_eth * kernel-binary: do not BuildIgnore m4. It is actually needed for regenerating zconf when it is not up-to-date due to merge. * kobject: Add sanity check for kset->kobj.ktype in kset_register() (bsc#1234639). * memory: tegra: Add API for retrieving carveout bounds (jsc#PED-1763). * mm/kfence: reset PG_slab and memcg_data before freeing __kfence_pool (bsc#1234120). * mmc: core: Further prevent card detect during shutdown (git-fixes). * net/ipv6: release expired exception dst cached in socket (bsc#1216813). * net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). * nfsd: make sure exp active before svc_export_show (git-fixes). * nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234650 bsc#1233701 bsc#1232472). * nfsd: restore callback functionality for NFSv4.0 (git-fixes). * nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes). * nilfs2: prevent use of deleted inode (git-fixes). * ocfs2: uncache inode which has failed entering the group (bsc#1234087). * phy: tegra: p2u: Set ENABLE_L2_EXIT_RATE_CHANGE in calibration (jsc#PED-1763). * platform/x86: Add AMD system management interface (jsc#PED-1295). * proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git- fixes). * pwm: tegra: Improve required rate calculation (jsc#PED-1763). * regmap: detach regmap from dev on regmap_exit (git-fixes). * rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression * scatterlist: fix incorrect func name in kernel-doc (git-fixes). * scripts/git_sort/git_sort.py: add tegra DRM and linux-pwm repo * scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes). * serial: tegra: Read DMA status before terminating (jsc#PED-1763). * smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: this fixes issue discussed in bsc#1233642]. * spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes). * sunrpc: simplify two-level sysctl registration for svcrdma_parm_table (git- fixes). * supported.conf: add bsc1185010 dependency * supported.conf: hyperv_drm (jsc#sle-19733) * svcrdma: Address an integer overflow (git-fixes). * svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git- fixes). * tpm_tis_spi: Release chip select when flow control fails (bsc#1234338) * ubifs: Correct the total block count by deducting journal reservation (git- fixes). * ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git- fixes). * udf: Handle error when adding extent to a file (bsc#1234437). * udf: refactor udf_current_aext() to handle error (bsc#1234240). * udf: refactor udf_next_aext() to handle error (bsc#1234241). * usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes). * usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git- fixes). * x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes). * x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes). * x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes). * x86/fpu: Remove unused supervisor only offsets (git-fixes). * x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes). * x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes). * x86/mce: Allow instrumentation during task work queueing (git-fixes). * x86/mce: Mark mce_end() noinstr (git-fixes). * x86/mce: Mark mce_panic() noinstr (git-fixes). * x86/mce: Mark mce_read_aux() noinstr (git-fixes). * x86/mm: Flush global TLB when switching to trampoline page-table (git- fixes). * x86/sev: Make enc_dec_hypercall() accept a size instead of npages (bsc#1214635). * x86/sgx: Free backing memory after faulting the enclave page (git-fixes). * x86/sgx: Silence softlockup detection when releasing large enclaves (git- fixes). * x86/uaccess: Move variable into switch case statement (git-fixes). * x86: Annotate call_on_stack() (git-fixes). * xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909). * zonefs: fix zone report size in __zonefs_io_error() (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-201=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-201=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-201=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-201=1 ## Package List: * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-5.14.21-150500.55.91.1 * kernel-syms-5.14.21-150500.55.91.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.91.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-obs-build-5.14.21-150500.55.91.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.91.1 * kernel-default-devel-5.14.21-150500.55.91.1 * kernel-default-debugsource-5.14.21-150500.55.91.1 * gfs2-kmp-default-5.14.21-150500.55.91.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-debuginfo-5.14.21-150500.55.91.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.91.1 * dlm-kmp-default-5.14.21-150500.55.91.1 * reiserfs-kmp-default-5.14.21-150500.55.91.1 * ocfs2-kmp-default-5.14.21-150500.55.91.1 * cluster-md-kmp-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * kernel-64kb-debuginfo-5.14.21-150500.55.91.1 * kernel-64kb-debugsource-5.14.21-150500.55.91.1 * kernel-64kb-devel-5.14.21-150500.55.91.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.91.1.150500.6.41.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * kernel-devel-5.14.21-150500.55.91.1 * kernel-source-5.14.21-150500.55.91.1 * kernel-macros-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc) * kernel-docs-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x) * kernel-zfcpdump-debugsource-5.14.21-150500.55.91.1 * kernel-zfcpdump-debuginfo-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * kernel-obs-build-debugsource-5.14.21-150500.55.91.1 * kernel-syms-5.14.21-150500.55.91.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.91.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-obs-build-5.14.21-150500.55.91.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.91.1 * kernel-default-devel-5.14.21-150500.55.91.1 * kernel-default-debugsource-5.14.21-150500.55.91.1 * gfs2-kmp-default-5.14.21-150500.55.91.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-base-5.14.21-150500.55.91.1.150500.6.41.1 * kernel-default-debuginfo-5.14.21-150500.55.91.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.91.1 * dlm-kmp-default-5.14.21-150500.55.91.1 * reiserfs-kmp-default-5.14.21-150500.55.91.1 * ocfs2-kmp-default-5.14.21-150500.55.91.1 * cluster-md-kmp-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * kernel-devel-5.14.21-150500.55.91.1 * kernel-source-5.14.21-150500.55.91.1 * kernel-macros-5.14.21-150500.55.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * kernel-obs-build-debugsource-5.14.21-150500.55.91.1 * kernel-syms-5.14.21-150500.55.91.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.91.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-obs-build-5.14.21-150500.55.91.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.91.1 * kernel-default-devel-5.14.21-150500.55.91.1 * kernel-default-debugsource-5.14.21-150500.55.91.1 * gfs2-kmp-default-5.14.21-150500.55.91.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-base-5.14.21-150500.55.91.1.150500.6.41.1 * kernel-default-debuginfo-5.14.21-150500.55.91.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.91.1 * dlm-kmp-default-5.14.21-150500.55.91.1 * ocfs2-kmp-default-5.14.21-150500.55.91.1 * cluster-md-kmp-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * kernel-64kb-debuginfo-5.14.21-150500.55.91.1 * kernel-64kb-debugsource-5.14.21-150500.55.91.1 * kernel-64kb-devel-5.14.21-150500.55.91.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * kernel-devel-5.14.21-150500.55.91.1 * kernel-source-5.14.21-150500.55.91.1 * kernel-macros-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * kernel-obs-build-debugsource-5.14.21-150500.55.91.1 * kernel-syms-5.14.21-150500.55.91.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.91.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-obs-build-5.14.21-150500.55.91.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.91.1 * kernel-default-devel-5.14.21-150500.55.91.1 * kernel-default-debugsource-5.14.21-150500.55.91.1 * gfs2-kmp-default-5.14.21-150500.55.91.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.91.1 * kernel-default-base-5.14.21-150500.55.91.1.150500.6.41.1 * kernel-default-debuginfo-5.14.21-150500.55.91.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.91.1 * dlm-kmp-default-5.14.21-150500.55.91.1 * ocfs2-kmp-default-5.14.21-150500.55.91.1 * cluster-md-kmp-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * kernel-64kb-debuginfo-5.14.21-150500.55.91.1 * kernel-64kb-debugsource-5.14.21-150500.55.91.1 * kernel-64kb-devel-5.14.21-150500.55.91.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * kernel-devel-5.14.21-150500.55.91.1 * kernel-source-5.14.21-150500.55.91.1 * kernel-macros-5.14.21-150500.55.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.91.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2022-36280.html * https://www.suse.com/security/cve/CVE-2022-48742.html * https://www.suse.com/security/cve/CVE-2022-49033.html * https://www.suse.com/security/cve/CVE-2022-49035.html * https://www.suse.com/security/cve/CVE-2023-1382.html * https://www.suse.com/security/cve/CVE-2023-33951.html * https://www.suse.com/security/cve/CVE-2023-33952.html * https://www.suse.com/security/cve/CVE-2023-52920.html * https://www.suse.com/security/cve/CVE-2024-24860.html * https://www.suse.com/security/cve/CVE-2024-26886.html * https://www.suse.com/security/cve/CVE-2024-26924.html * https://www.suse.com/security/cve/CVE-2024-36915.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-44934.html * https://www.suse.com/security/cve/CVE-2024-47666.html * https://www.suse.com/security/cve/CVE-2024-47678.html * https://www.suse.com/security/cve/CVE-2024-49944.html * https://www.suse.com/security/cve/CVE-2024-49952.html * https://www.suse.com/security/cve/CVE-2024-50018.html * https://www.suse.com/security/cve/CVE-2024-50143.html * https://www.suse.com/security/cve/CVE-2024-50154.html * https://www.suse.com/security/cve/CVE-2024-50166.html * https://www.suse.com/security/cve/CVE-2024-50181.html * https://www.suse.com/security/cve/CVE-2024-50202.html * https://www.suse.com/security/cve/CVE-2024-50211.html * https://www.suse.com/security/cve/CVE-2024-50256.html * https://www.suse.com/security/cve/CVE-2024-50262.html * https://www.suse.com/security/cve/CVE-2024-50278.html * https://www.suse.com/security/cve/CVE-2024-50279.html * https://www.suse.com/security/cve/CVE-2024-50280.html * https://www.suse.com/security/cve/CVE-2024-50296.html * https://www.suse.com/security/cve/CVE-2024-53051.html * https://www.suse.com/security/cve/CVE-2024-53055.html * https://www.suse.com/security/cve/CVE-2024-53056.html * https://www.suse.com/security/cve/CVE-2024-53064.html * https://www.suse.com/security/cve/CVE-2024-53072.html * https://www.suse.com/security/cve/CVE-2024-53090.html * https://www.suse.com/security/cve/CVE-2024-53095.html * https://www.suse.com/security/cve/CVE-2024-53101.html * https://www.suse.com/security/cve/CVE-2024-53113.html * https://www.suse.com/security/cve/CVE-2024-53114.html * https://www.suse.com/security/cve/CVE-2024-53119.html * https://www.suse.com/security/cve/CVE-2024-53120.html * https://www.suse.com/security/cve/CVE-2024-53122.html * https://www.suse.com/security/cve/CVE-2024-53125.html * https://www.suse.com/security/cve/CVE-2024-53130.html * https://www.suse.com/security/cve/CVE-2024-53131.html * https://www.suse.com/security/cve/CVE-2024-53142.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53150.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://www.suse.com/security/cve/CVE-2024-53157.html * https://www.suse.com/security/cve/CVE-2024-53158.html * https://www.suse.com/security/cve/CVE-2024-53161.html * https://www.suse.com/security/cve/CVE-2024-53162.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53206.html * https://www.suse.com/security/cve/CVE-2024-53210.html * https://www.suse.com/security/cve/CVE-2024-53213.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-53241.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56549.html * https://www.suse.com/security/cve/CVE-2024-56570.html * https://www.suse.com/security/cve/CVE-2024-56571.html * https://www.suse.com/security/cve/CVE-2024-56575.html * https://www.suse.com/security/cve/CVE-2024-56598.html * https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56619.html * https://www.suse.com/security/cve/CVE-2024-56755.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1170891 * https://bugzilla.suse.com/show_bug.cgi?id=1173139 * https://bugzilla.suse.com/show_bug.cgi?id=1185010 * https://bugzilla.suse.com/show_bug.cgi?id=1190358 * https://bugzilla.suse.com/show_bug.cgi?id=1190428 * https://bugzilla.suse.com/show_bug.cgi?id=1203332 * https://bugzilla.suse.com/show_bug.cgi?id=1205521 * https://bugzilla.suse.com/show_bug.cgi?id=1209288 * https://bugzilla.suse.com/show_bug.cgi?id=1209798 * https://bugzilla.suse.com/show_bug.cgi?id=1211593 * https://bugzilla.suse.com/show_bug.cgi?id=1211595 * https://bugzilla.suse.com/show_bug.cgi?id=1214635 * https://bugzilla.suse.com/show_bug.cgi?id=1215304 * https://bugzilla.suse.com/show_bug.cgi?id=1215523 * https://bugzilla.suse.com/show_bug.cgi?id=1216813 * https://bugzilla.suse.com/show_bug.cgi?id=1216909 * https://bugzilla.suse.com/show_bug.cgi?id=1219608 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1223044 * https://bugzilla.suse.com/show_bug.cgi?id=1225758 * https://bugzilla.suse.com/show_bug.cgi?id=1225820 * https://bugzilla.suse.com/show_bug.cgi?id=1226694 * https://bugzilla.suse.com/show_bug.cgi?id=1228190 * https://bugzilla.suse.com/show_bug.cgi?id=1229809 * https://bugzilla.suse.com/show_bug.cgi?id=1230422 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1231388 * https://bugzilla.suse.com/show_bug.cgi?id=1231453 * https://bugzilla.suse.com/show_bug.cgi?id=1231854 * https://bugzilla.suse.com/show_bug.cgi?id=1232045 * https://bugzilla.suse.com/show_bug.cgi?id=1232157 * https://bugzilla.suse.com/show_bug.cgi?id=1232166 * https://bugzilla.suse.com/show_bug.cgi?id=1232419 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * https://bugzilla.suse.com/show_bug.cgi?id=1232472 * https://bugzilla.suse.com/show_bug.cgi?id=1232823 * https://bugzilla.suse.com/show_bug.cgi?id=1233038 * https://bugzilla.suse.com/show_bug.cgi?id=1233050 * https://bugzilla.suse.com/show_bug.cgi?id=1233070 * https://bugzilla.suse.com/show_bug.cgi?id=1233096 * https://bugzilla.suse.com/show_bug.cgi?id=1233127 * https://bugzilla.suse.com/show_bug.cgi?id=1233200 * https://bugzilla.suse.com/show_bug.cgi?id=1233239 * https://bugzilla.suse.com/show_bug.cgi?id=1233324 * https://bugzilla.suse.com/show_bug.cgi?id=1233467 * https://bugzilla.suse.com/show_bug.cgi?id=1233468 * https://bugzilla.suse.com/show_bug.cgi?id=1233469 * https://bugzilla.suse.com/show_bug.cgi?id=1233485 * https://bugzilla.suse.com/show_bug.cgi?id=1233547 * https://bugzilla.suse.com/show_bug.cgi?id=1233550 * https://bugzilla.suse.com/show_bug.cgi?id=1233558 * https://bugzilla.suse.com/show_bug.cgi?id=1233564 * https://bugzilla.suse.com/show_bug.cgi?id=1233568 * https://bugzilla.suse.com/show_bug.cgi?id=1233637 * https://bugzilla.suse.com/show_bug.cgi?id=1233642 * https://bugzilla.suse.com/show_bug.cgi?id=1233701 * https://bugzilla.suse.com/show_bug.cgi?id=1233769 * https://bugzilla.suse.com/show_bug.cgi?id=1233837 * https://bugzilla.suse.com/show_bug.cgi?id=1234072 * https://bugzilla.suse.com/show_bug.cgi?id=1234073 * https://bugzilla.suse.com/show_bug.cgi?id=1234075 * https://bugzilla.suse.com/show_bug.cgi?id=1234076 * https://bugzilla.suse.com/show_bug.cgi?id=1234077 * https://bugzilla.suse.com/show_bug.cgi?id=1234087 * https://bugzilla.suse.com/show_bug.cgi?id=1234120 * https://bugzilla.suse.com/show_bug.cgi?id=1234156 * https://bugzilla.suse.com/show_bug.cgi?id=1234219 * https://bugzilla.suse.com/show_bug.cgi?id=1234220 * https://bugzilla.suse.com/show_bug.cgi?id=1234240 * https://bugzilla.suse.com/show_bug.cgi?id=1234241 * https://bugzilla.suse.com/show_bug.cgi?id=1234281 * https://bugzilla.suse.com/show_bug.cgi?id=1234282 * https://bugzilla.suse.com/show_bug.cgi?id=1234294 * https://bugzilla.suse.com/show_bug.cgi?id=1234338 * https://bugzilla.suse.com/show_bug.cgi?id=1234357 * https://bugzilla.suse.com/show_bug.cgi?id=1234437 * https://bugzilla.suse.com/show_bug.cgi?id=1234464 * https://bugzilla.suse.com/show_bug.cgi?id=1234605 * https://bugzilla.suse.com/show_bug.cgi?id=1234639 * https://bugzilla.suse.com/show_bug.cgi?id=1234650 * https://bugzilla.suse.com/show_bug.cgi?id=1234727 * https://bugzilla.suse.com/show_bug.cgi?id=1234811 * https://bugzilla.suse.com/show_bug.cgi?id=1234827 * https://bugzilla.suse.com/show_bug.cgi?id=1234834 * https://bugzilla.suse.com/show_bug.cgi?id=1234843 * https://bugzilla.suse.com/show_bug.cgi?id=1234846 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234856 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234912 * https://bugzilla.suse.com/show_bug.cgi?id=1234920 * https://bugzilla.suse.com/show_bug.cgi?id=1234921 * https://bugzilla.suse.com/show_bug.cgi?id=1234960 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1234971 * https://bugzilla.suse.com/show_bug.cgi?id=1234973 * https://bugzilla.suse.com/show_bug.cgi?id=1235004 * https://bugzilla.suse.com/show_bug.cgi?id=1235035 * https://bugzilla.suse.com/show_bug.cgi?id=1235037 * https://bugzilla.suse.com/show_bug.cgi?id=1235039 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235056 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235220 * https://bugzilla.suse.com/show_bug.cgi?id=1235224 * https://bugzilla.suse.com/show_bug.cgi?id=1235246 * https://bugzilla.suse.com/show_bug.cgi?id=1235507 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 11 16:33:39 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 11 Mar 2025 16:33:39 -0000 Subject: SUSE-SU-2025:0833-2: important: Security update for the Linux Kernel Message-ID: <174171081963.2308.1821631623121341912@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0833-2 Release Date: 2025-03-11T15:28:58Z Rating: important References: * bsc#1208995 * bsc#1220946 * bsc#1225742 * bsc#1232472 * bsc#1232919 * bsc#1233701 * bsc#1233749 * bsc#1234154 * bsc#1234650 * bsc#1234853 * bsc#1234891 * bsc#1234963 * bsc#1235054 * bsc#1235061 * bsc#1235073 * bsc#1235111 * bsc#1236133 * bsc#1236289 * bsc#1236576 * bsc#1236661 * bsc#1236677 * bsc#1236757 * bsc#1236758 * bsc#1236760 * bsc#1236761 * bsc#1236777 * bsc#1236951 * bsc#1237025 * bsc#1237028 * bsc#1237139 * bsc#1237316 * bsc#1237693 * bsc#1238033 Cross-References: * CVE-2022-49080 * CVE-2023-1192 * CVE-2023-52572 * CVE-2024-50115 * CVE-2024-53135 * CVE-2024-53173 * CVE-2024-53226 * CVE-2024-53239 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56605 * CVE-2024-57948 * CVE-2025-21647 * CVE-2025-21690 * CVE-2025-21692 * CVE-2025-21699 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52572 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53135 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53226 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53226 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53226 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56548 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57948 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57948 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21647 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21647 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21692 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21692 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21692 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21699 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 16 vulnerabilities and has 17 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). * CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154). * CVE-2024-53226: RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (bsc#1236576) * CVE-2024-57948: mac802154: check local interfaces before deleting sdata list (bsc#1236677). * CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133). * CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). * CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). * CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139). The following non-security bugs were fixed: * cpufreq/amd-pstate: Only print supported EPP values for performance governor (bsc#1236777). * iavf: fix the waiting time for initial reset (bsc#1235111). * ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1235111). * ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1235111). * ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1235111). * idpf: call set_real_num_queues in idpf_open (bsc#1236661 bsc#1237316). * ipv4/tcp: do not use per netns ctl sockets (bsc#1237693). * kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749). * net: Fix undefined behavior in netdev name allocation (bsc#1233749). * net: avoid UAF on deleted altname (bsc#1233749). * net: check for altname conflicts when changing netdev's netns (bsc#1233749). * net: core: Use the bitmap API to allocate bitmaps (bsc#1233749). * net: do not send a MOVE event when netdev changes netns (bsc#1233749). * net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749). * net: fix ifname in netlink ntf during netns move (bsc#1233749). * net: fix removing a namespace with conflicting altnames (bsc#1233749). * net: free altname using an RCU callback (bsc#1233749). * net: introduce a function to check if a netdev name is in use (bsc#1233749). * net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749). * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). * net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760). * net: mana: Enable debugfs files for MANA device (bsc#1236758). * net: minor __dev_alloc_name() optimization (bsc#1233749). * net: move altnames together with the netdevice (bsc#1233749). * net: netvsc: Update default VMBus channels (bsc#1236757). * net: reduce indentation of __dev_alloc_name() (bsc#1233749). * net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749). * net: remove else after return in dev_prep_valid_name() (bsc#1233749). * net: trust the bitmap in __dev_alloc_name() (bsc#1233749). * nfsd: use explicit lock/unlock for directory ops (bsc#1234650 bsc#1233701 bsc#1232472). * rcu: Remove rcu_is_idle_cpu() (bsc#1236289). * scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes). * x86/aperfmperf: Dont wake idle CPUs in arch_freq_get_on_cpu() (bsc#1236289). * x86/aperfmperf: Integrate the fallback code from show_cpuinfo() (bsc#1236289). * x86/aperfmperf: Make parts of the frequency invariance code unconditional (bsc#1236289). * x86/aperfmperf: Put frequency invariance aperf/mperf data into a struct (bsc#1236289). * x86/aperfmperf: Replace aperfmperf_get_khz() (bsc#1236289). * x86/aperfmperf: Replace arch_freq_get_on_cpu() (bsc#1236289). * x86/aperfmperf: Restructure arch_scale_freq_tick() (bsc#1236289). * x86/aperfmperf: Separate AP/BP frequency invariance init (bsc#1236289). * x86/aperfmperf: Store aperf/mperf data for cpu frequency reads (bsc#1236289). * x86/aperfmperf: Untangle Intel and AMD frequency invariance init (bsc#1236289). * x86/aperfperf: Make it correct on 32bit and UP kernels (bsc#1236289). * x86/smp: Move APERF/MPERF code where it belongs (bsc#1236289). * x86/smp: Remove unnecessary assignment to local var freq_scale (bsc#1236289). * x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes). * x86/xen: allow larger contiguous memory regions in PV guests (bsc#1236951). * x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes). * xen/swiotlb: relax alignment requirements (bsc#1236951). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-833=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-833=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-833=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-833=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-833=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.97.1.150500.6.45.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.97.1 * kernel-default-debuginfo-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-macros-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * ocfs2-kmp-default-5.14.21-150500.55.97.1 * kernel-default-debuginfo-5.14.21-150500.55.97.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-devel-5.14.21-150500.55.97.1 * kernel-syms-5.14.21-150500.55.97.1 * kernel-default-debugsource-5.14.21-150500.55.97.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.97.1 * dlm-kmp-default-5.14.21-150500.55.97.1 * kernel-obs-build-debugsource-5.14.21-150500.55.97.1 * kernel-default-base-5.14.21-150500.55.97.1.150500.6.45.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.97.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-obs-build-5.14.21-150500.55.97.1 * cluster-md-kmp-default-5.14.21-150500.55.97.1 * gfs2-kmp-default-5.14.21-150500.55.97.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64) * kernel-64kb-debugsource-5.14.21-150500.55.97.1 * kernel-64kb-devel-5.14.21-150500.55.97.1 * kernel-64kb-debuginfo-5.14.21-150500.55.97.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.97.1 * kernel-devel-5.14.21-150500.55.97.1 * kernel-source-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * ocfs2-kmp-default-5.14.21-150500.55.97.1 * kernel-default-debuginfo-5.14.21-150500.55.97.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-devel-5.14.21-150500.55.97.1 * kernel-syms-5.14.21-150500.55.97.1 * kernel-default-debugsource-5.14.21-150500.55.97.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.97.1 * dlm-kmp-default-5.14.21-150500.55.97.1 * kernel-obs-build-debugsource-5.14.21-150500.55.97.1 * kernel-default-base-5.14.21-150500.55.97.1.150500.6.45.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.97.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-obs-build-5.14.21-150500.55.97.1 * cluster-md-kmp-default-5.14.21-150500.55.97.1 * gfs2-kmp-default-5.14.21-150500.55.97.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64) * kernel-64kb-debugsource-5.14.21-150500.55.97.1 * kernel-64kb-devel-5.14.21-150500.55.97.1 * kernel-64kb-debuginfo-5.14.21-150500.55.97.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.97.1 * kernel-devel-5.14.21-150500.55.97.1 * kernel-source-5.14.21-150500.55.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * ocfs2-kmp-default-5.14.21-150500.55.97.1 * kernel-default-debuginfo-5.14.21-150500.55.97.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-devel-5.14.21-150500.55.97.1 * kernel-syms-5.14.21-150500.55.97.1 * kernel-default-debugsource-5.14.21-150500.55.97.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.97.1 * dlm-kmp-default-5.14.21-150500.55.97.1 * kernel-obs-build-debugsource-5.14.21-150500.55.97.1 * reiserfs-kmp-default-5.14.21-150500.55.97.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.97.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-obs-build-5.14.21-150500.55.97.1 * cluster-md-kmp-default-5.14.21-150500.55.97.1 * gfs2-kmp-default-5.14.21-150500.55.97.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64) * kernel-64kb-debugsource-5.14.21-150500.55.97.1 * kernel-64kb-devel-5.14.21-150500.55.97.1 * kernel-64kb-debuginfo-5.14.21-150500.55.97.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.97.1.150500.6.45.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * kernel-macros-5.14.21-150500.55.97.1 * kernel-devel-5.14.21-150500.55.97.1 * kernel-source-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc) * kernel-docs-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.97.1 * kernel-zfcpdump-debugsource-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * ocfs2-kmp-default-5.14.21-150500.55.97.1 * kernel-default-debuginfo-5.14.21-150500.55.97.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-default-devel-5.14.21-150500.55.97.1 * kernel-syms-5.14.21-150500.55.97.1 * kernel-default-debugsource-5.14.21-150500.55.97.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.97.1 * dlm-kmp-default-5.14.21-150500.55.97.1 * kernel-obs-build-debugsource-5.14.21-150500.55.97.1 * kernel-default-base-5.14.21-150500.55.97.1.150500.6.45.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.97.1 * reiserfs-kmp-default-5.14.21-150500.55.97.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.97.1 * kernel-obs-build-5.14.21-150500.55.97.1 * cluster-md-kmp-default-5.14.21-150500.55.97.1 * gfs2-kmp-default-5.14.21-150500.55.97.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * kernel-macros-5.14.21-150500.55.97.1 * kernel-devel-5.14.21-150500.55.97.1 * kernel-source-5.14.21-150500.55.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.97.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2023-1192.html * https://www.suse.com/security/cve/CVE-2023-52572.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53135.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53226.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-57948.html * https://www.suse.com/security/cve/CVE-2025-21647.html * https://www.suse.com/security/cve/CVE-2025-21690.html * https://www.suse.com/security/cve/CVE-2025-21692.html * https://www.suse.com/security/cve/CVE-2025-21699.html * https://bugzilla.suse.com/show_bug.cgi?id=1208995 * https://bugzilla.suse.com/show_bug.cgi?id=1220946 * https://bugzilla.suse.com/show_bug.cgi?id=1225742 * https://bugzilla.suse.com/show_bug.cgi?id=1232472 * https://bugzilla.suse.com/show_bug.cgi?id=1232919 * https://bugzilla.suse.com/show_bug.cgi?id=1233701 * https://bugzilla.suse.com/show_bug.cgi?id=1233749 * https://bugzilla.suse.com/show_bug.cgi?id=1234154 * https://bugzilla.suse.com/show_bug.cgi?id=1234650 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235111 * https://bugzilla.suse.com/show_bug.cgi?id=1236133 * https://bugzilla.suse.com/show_bug.cgi?id=1236289 * https://bugzilla.suse.com/show_bug.cgi?id=1236576 * https://bugzilla.suse.com/show_bug.cgi?id=1236661 * https://bugzilla.suse.com/show_bug.cgi?id=1236677 * https://bugzilla.suse.com/show_bug.cgi?id=1236757 * https://bugzilla.suse.com/show_bug.cgi?id=1236758 * https://bugzilla.suse.com/show_bug.cgi?id=1236760 * https://bugzilla.suse.com/show_bug.cgi?id=1236761 * https://bugzilla.suse.com/show_bug.cgi?id=1236777 * https://bugzilla.suse.com/show_bug.cgi?id=1236951 * https://bugzilla.suse.com/show_bug.cgi?id=1237025 * https://bugzilla.suse.com/show_bug.cgi?id=1237028 * https://bugzilla.suse.com/show_bug.cgi?id=1237139 * https://bugzilla.suse.com/show_bug.cgi?id=1237316 * https://bugzilla.suse.com/show_bug.cgi?id=1237693 * https://bugzilla.suse.com/show_bug.cgi?id=1238033 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 12 12:30:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 12 Mar 2025 12:30:04 -0000 Subject: SUSE-SU-2025:0845-1: moderate: Security update for iniparser Message-ID: <174178260478.20655.8589997816303753822@smelt2.prg2.suse.org> # Security update for iniparser Announcement ID: SUSE-SU-2025:0845-1 Release Date: 2025-03-12T09:33:00Z Rating: moderate References: * bsc#1237377 Cross-References: * CVE-2025-0633 CVSS scores: * CVE-2025-0633 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-0633 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2025-0633 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for iniparser fixes the following issues: * CVE-2025-0633: string copy into buffer without previous size validation leads to heap buffer overflow in iniparser_dumpsection_ini() of iniparser (bsc#1237377). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-845=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libiniparser0-debuginfo-32bit-3.1.0.git20140619_c5beb80a-3.6.1 * libiniparser0-3.1.0.git20140619_c5beb80a-3.6.1 * iniparser-debugsource-3.1.0.git20140619_c5beb80a-3.6.1 * libiniparser0-32bit-3.1.0.git20140619_c5beb80a-3.6.1 * libiniparser-devel-3.1.0.git20140619_c5beb80a-3.6.1 * libiniparser0-debuginfo-3.1.0.git20140619_c5beb80a-3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0633.html * https://bugzilla.suse.com/show_bug.cgi?id=1237377 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 12 16:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 12 Mar 2025 16:30:07 -0000 Subject: SUSE-SU-2025:0849-1: important: Security update for MozillaThunderbird Message-ID: <174179700710.2052.15790656031550113152@smelt2.prg2.suse.org> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2025:0849-1 Release Date: 2025-03-12T15:12:49Z Rating: important References: * bsc#1237683 Cross-References: * CVE-2024-43097 * CVE-2025-1930 * CVE-2025-1931 * CVE-2025-1932 * CVE-2025-1933 * CVE-2025-1934 * CVE-2025-1935 * CVE-2025-1936 * CVE-2025-1937 * CVE-2025-1938 * CVE-2025-26695 * CVE-2025-26696 CVSS scores: * CVE-2024-43097 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43097 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-43097 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1930 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1930 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H * CVE-2025-1930 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1931 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1931 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-1932 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1932 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H * CVE-2025-1932 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1933 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-1933 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2025-1933 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2025-1934 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-1934 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-1934 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-1935 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1935 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-1935 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2025-1936 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-1936 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2025-1937 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-1937 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1938 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-1938 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1938 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2025-26695 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-26695 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-26696 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-26696 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-26696 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves 12 vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues: Updated to Mozilla Thunderbird 128.8 MFSA 2025-18 (bsc#1237683): * CVE-2024-43097: Overflow when growing an SkRegion's RunArray * CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process * CVE-2025-1931: Use-after-free in WebTransportChild * CVE-2025-1932: Inconsistent comparator in XSLT sorting led to out-of-bounds access * CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs * CVE-2025-1934: Unexpected GC during RegExp bailout processing * CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar * CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents * CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 * CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 * CVE-2025-26695: Downloading of OpenPGP keys from WKD used incorrect padding * CVE-2025-26696: Crafted email message incorrectly shown as being encrypted Other fixes: * Opening an .EML file in profiles with many folders could take a long time. * Users with many folders experienced poor performance when resizing message panes. *"Replace" button in compose window was overwritten when the window was narrow. * Export to mobile did not work when "Use default server" was selected. * "Save Link As" was not working in feed web content. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-849=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-849=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-849=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-debugsource-128.8.0-150200.8.203.1 * MozillaThunderbird-translations-common-128.8.0-150200.8.203.1 * MozillaThunderbird-translations-other-128.8.0-150200.8.203.1 * MozillaThunderbird-debuginfo-128.8.0-150200.8.203.1 * MozillaThunderbird-128.8.0-150200.8.203.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x) * MozillaThunderbird-debugsource-128.8.0-150200.8.203.1 * MozillaThunderbird-translations-common-128.8.0-150200.8.203.1 * MozillaThunderbird-translations-other-128.8.0-150200.8.203.1 * MozillaThunderbird-debuginfo-128.8.0-150200.8.203.1 * MozillaThunderbird-128.8.0-150200.8.203.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * MozillaThunderbird-debugsource-128.8.0-150200.8.203.1 * MozillaThunderbird-translations-common-128.8.0-150200.8.203.1 * MozillaThunderbird-translations-other-128.8.0-150200.8.203.1 * MozillaThunderbird-debuginfo-128.8.0-150200.8.203.1 * MozillaThunderbird-128.8.0-150200.8.203.1 ## References: * https://www.suse.com/security/cve/CVE-2024-43097.html * https://www.suse.com/security/cve/CVE-2025-1930.html * https://www.suse.com/security/cve/CVE-2025-1931.html * https://www.suse.com/security/cve/CVE-2025-1932.html * https://www.suse.com/security/cve/CVE-2025-1933.html * https://www.suse.com/security/cve/CVE-2025-1934.html * https://www.suse.com/security/cve/CVE-2025-1935.html * https://www.suse.com/security/cve/CVE-2025-1936.html * https://www.suse.com/security/cve/CVE-2025-1937.html * https://www.suse.com/security/cve/CVE-2025-1938.html * https://www.suse.com/security/cve/CVE-2025-26695.html * https://www.suse.com/security/cve/CVE-2025-26696.html * https://bugzilla.suse.com/show_bug.cgi?id=1237683 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 12 16:35:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 12 Mar 2025 16:35:11 -0000 Subject: SUSE-SU-2025:0847-1: important: Security update for the Linux Kernel Message-ID: <174179731160.2010.17708364537204524788@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0847-1 Release Date: Rating: important References: * bsc#1012628 * bsc#1215199 * bsc#1219367 * bsc#1222672 * bsc#1222803 * bsc#1225606 * bsc#1225742 * bsc#1225981 * bsc#1227937 * bsc#1228521 * bsc#1230235 * bsc#1230438 * bsc#1230439 * bsc#1230497 * bsc#1231088 * bsc#1231432 * bsc#1231912 * bsc#1231920 * bsc#1231949 * bsc#1232159 * bsc#1232198 * bsc#1232201 * bsc#1232299 * bsc#1232508 * bsc#1232520 * bsc#1232919 * bsc#1233028 * bsc#1233109 * bsc#1233483 * bsc#1233749 * bsc#1234070 * bsc#1234853 * bsc#1234857 * bsc#1234891 * bsc#1234894 * bsc#1234895 * bsc#1234896 * bsc#1234963 * bsc#1235032 * bsc#1235054 * bsc#1235061 * bsc#1235073 * bsc#1235244 * bsc#1235435 * bsc#1235441 * bsc#1235485 * bsc#1235592 * bsc#1235599 * bsc#1235609 * bsc#1235914 * bsc#1235932 * bsc#1235933 * bsc#1236113 * bsc#1236114 * bsc#1236115 * bsc#1236122 * bsc#1236123 * bsc#1236133 * bsc#1236138 * bsc#1236199 * bsc#1236200 * bsc#1236203 * bsc#1236205 * bsc#1236573 * bsc#1236575 * bsc#1236576 * bsc#1236591 * bsc#1236661 * bsc#1236677 * bsc#1236680 * bsc#1236681 * bsc#1236682 * bsc#1236683 * bsc#1236684 * bsc#1236685 * bsc#1236689 * bsc#1236694 * bsc#1236700 * bsc#1236702 * bsc#1236752 * bsc#1236759 * bsc#1236761 * bsc#1236821 * bsc#1236822 * bsc#1236896 * bsc#1236897 * bsc#1236952 * bsc#1236967 * bsc#1236994 * bsc#1237007 * bsc#1237017 * bsc#1237025 * bsc#1237028 * bsc#1237045 * bsc#1237126 * bsc#1237132 * bsc#1237139 * bsc#1237155 * bsc#1237158 * bsc#1237159 * bsc#1237232 * bsc#1237234 * bsc#1237325 * bsc#1237356 * bsc#1237415 * bsc#1237452 * bsc#1237504 * bsc#1237521 * bsc#1237558 * bsc#1237562 * bsc#1237563 * bsc#1237848 * bsc#1237849 * bsc#1237879 * bsc#1237889 * bsc#1237891 * bsc#1237901 * bsc#1237950 * bsc#1238214 * bsc#1238303 * bsc#1238347 * bsc#1238368 * bsc#1238494 * bsc#1238496 * bsc#1238509 * bsc#1238521 * bsc#1238525 * bsc#1238570 * bsc#1238739 * bsc#1238751 * bsc#1238753 * bsc#1238759 * bsc#1238860 * bsc#1238863 * bsc#1238877 * jsc#PED-10028 * jsc#PED-11253 * jsc#PED-12094 * jsc#PED-348 Cross-References: * CVE-2023-52924 * CVE-2023-52925 * CVE-2024-26708 * CVE-2024-26810 * CVE-2024-40980 * CVE-2024-41055 * CVE-2024-44974 * CVE-2024-45009 * CVE-2024-45010 * CVE-2024-46858 * CVE-2024-47701 * CVE-2024-49884 * CVE-2024-49950 * CVE-2024-50029 * CVE-2024-50036 * CVE-2024-50073 * CVE-2024-50085 * CVE-2024-50115 * CVE-2024-50142 * CVE-2024-50185 * CVE-2024-50294 * CVE-2024-53123 * CVE-2024-53147 * CVE-2024-53173 * CVE-2024-53176 * CVE-2024-53177 * CVE-2024-53178 * CVE-2024-53226 * CVE-2024-53239 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56568 * CVE-2024-56579 * CVE-2024-56592 * CVE-2024-56605 * CVE-2024-56633 * CVE-2024-56647 * CVE-2024-56658 * CVE-2024-56720 * CVE-2024-57882 * CVE-2024-57889 * CVE-2024-57948 * CVE-2024-57979 * CVE-2024-57994 * CVE-2025-21636 * CVE-2025-21637 * CVE-2025-21638 * CVE-2025-21639 * CVE-2025-21640 * CVE-2025-21647 * CVE-2025-21665 * CVE-2025-21666 * CVE-2025-21667 * CVE-2025-21668 * CVE-2025-21669 * CVE-2025-21670 * CVE-2025-21673 * CVE-2025-21675 * CVE-2025-21680 * CVE-2025-21681 * CVE-2025-21684 * CVE-2025-21687 * CVE-2025-21688 * CVE-2025-21689 * CVE-2025-21690 * CVE-2025-21692 * CVE-2025-21697 * CVE-2025-21699 * CVE-2025-21700 * CVE-2025-21705 * CVE-2025-21715 * CVE-2025-21716 * CVE-2025-21719 * CVE-2025-21724 * CVE-2025-21725 * CVE-2025-21728 * CVE-2025-21733 * CVE-2025-21754 * CVE-2025-21767 * CVE-2025-21790 * CVE-2025-21795 * CVE-2025-21799 * CVE-2025-21802 CVSS scores: * CVE-2023-52924 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-52924 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52925 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52925 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52925 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26708 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26708 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26810 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26810 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40980 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40980 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41055 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44974 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2024-44974 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-44974 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45009 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-45009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45010 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-45010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46858 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47701 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47701 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-47701 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50029 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50029 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50036 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50036 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50073 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50073 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50142 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50142 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50294 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53123 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53147 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53147 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53176 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53176 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53177 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53178 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53178 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53226 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53226 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53226 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56548 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56568 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56568 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56568 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56579 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56579 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56579 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56592 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56592 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56633 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56647 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56647 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56658 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56658 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56720 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56720 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57882 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57882 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-57882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57889 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57948 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57948 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57979 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57994 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21636 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21636 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21637 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21637 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21638 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21638 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21639 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21640 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21640 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21647 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21647 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21665 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21665 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21665 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21666 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21666 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21666 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21667 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21667 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21668 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-21668 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-21669 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21669 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21669 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21670 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21670 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21673 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21673 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-21673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21675 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21675 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21680 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21680 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21680 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21681 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2025-21681 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2025-21681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21684 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21684 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21687 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21687 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21687 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21688 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21689 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21689 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21692 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21692 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21692 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21697 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-21697 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21700 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21700 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21705 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21715 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21715 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21716 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21716 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21719 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21725 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21790 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21795 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21799 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 83 vulnerabilities, contains four features and has 52 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672). * CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937). * CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235). * CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438). * CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439). * CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088). * CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949). * CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912). * CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508). * CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028). * CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109). * CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483). * CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070). * CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857). * CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894). * CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896). * CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895). * CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device bound (bsc#1235032). * CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244). * CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485). * CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435). * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441). * CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592). * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914). * CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901). * CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113). * CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114). * CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115). * CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122). * CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123). * CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133). * CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684). * CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680). * CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681). * CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682). * CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683). * CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685). * CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689). * CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694). * CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700). * CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702). * CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045). * CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). * CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159). * CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879). * CVE-2024-57979: kABI workaround for pps changes (bsc#1238521). * CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525). * CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889). * CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891). * CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860). * CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863). * CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877). * CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494). * CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496). * CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509). * CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753). * CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759). * CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739). * CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751). The following non-security bugs were fixed: * ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes). * ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes). * ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes). * ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes). * ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes). * ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes). * ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes). * ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes). * ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes). * ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes). * ALSA: seq: Make dependency on UMP clearer (git-fixes). * ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable- fixes). * ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git- fixes). * ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable- fixes). * APEI: GHES: Have GHES honor the panic= setting (stable-fixes). * ASoC: Intel: avs: Abstract IPC handling (stable-fixes). * ASoC: Intel: avs: Do not readq() u32 registers (git-fixes). * ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes). * ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes). * ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes). * ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git- fixes). * ASoC: amd: Add ACPI dependency to fix build error (stable-fixes). * ASoC: es8328: fix route from DAC to output (git-fixes). * ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes). * ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git- fixes). * Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes). * Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes). * Fix memory-hotplug regression (bsc#1237504). * Grab mm lock before grabbing pt lock (git-fixes). * HID: Wacom: Add PCI Wacom device support (stable-fixes). * HID: hid-steam: Add Deck IMU support (stable-fixes). * HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes). * HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes). * HID: hid-steam: Clean up locking (stable-fixes). * HID: hid-steam: Disable watchdog instead of using a heartbeat (stable- fixes). * HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git- fixes). * HID: hid-steam: Fix cleanup in probe() (git-fixes). * HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes). * HID: hid-steam: Move hidraw input (un)registering to work (git-fixes). * HID: hid-steam: Update list of identifiers from SDL (stable-fixes). * HID: hid-steam: remove pointless error message (stable-fixes). * HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes). * HID: multitouch: Add NULL check in mt_input_configured (git-fixes). * IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes) * Input: allocate keycode for phone linking (stable-fixes). * KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes). * KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes). * KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes). * KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes). * KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git- fixes). * KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes). * KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes). * KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes) * KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes). * KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes). * KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes). * KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155). * KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was a leaf SPTE (git-fixes). * KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes). * KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes). * KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes). * KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes). * KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git- fixes). * KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git- fixes). * KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (git-fixes). * KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348). * KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes). * PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes). * PCI: Use downstream bridges for distributing resources (bsc#1237325). * PCI: hookup irq_get_affinity callback (bsc#1236896). * PCI: imx6: Simplify clock handling by using clk_bulk*() function (git- fixes). * PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes). * RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes) * RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes) * RDMA/efa: Reset device on probe failure (git-fixes) * RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes) * RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes). * RDMA/mlx5: Fix AH static rate parsing (git-fixes) * RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes) * RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git- fixes) * RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes) * RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes) * RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes) * RDMA/rxe: Improve newline in printing messages (git-fixes) * Revert "blk-throttle: Fix IO hang for a corner case" (git-fixes). * Revert "drm/amd/display: Use HW lock mgr for PSR1" (stable-fixes). * USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable- fixes). * USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes). * USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes). * USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes). * USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes). * USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes). * USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes). * USB: serial: option: add MeiG Smart SLM828 (stable-fixes). * USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes). * USB: serial: option: drop MeiG Smart defines (stable-fixes). * USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes). * Update "drm/mgag200: Added support for the new device G200eH5" (jsc#PED-12094). * Use gcc-13 for build on SLE16 (jsc#PED-10028). * acct: block access to kernel internal filesystems (git-fixes). * acct: perform last write from workqueue (git-fixes). * add nf_tables for iptables non-legacy network handling This is needed for example by docker on the Alpine Linux distribution, but can also be used on openSUSE. * af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849). * amdgpu/pm/legacy: fix suspend/resume issues (git-fixes). * arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes) * arm64: Handle .ARM.attributes section in linker scripts (git-fixes) * arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes) * ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes). * batman-adv: Drop unmanaged ELP metric worker (git-fixes). * batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes). * batman-adv: fix panic during interface removal (git-fixes). * bio-integrity: do not restrict the size of integrity metadata (git-fixes). * blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558). * blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606). * blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git- fixes). * blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git- fixes). * blk-mq: add number of queue calc helper (bsc#1236897). * blk-mq: create correct map for fallback case (bsc#1236896). * blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes). * blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896). * blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897). * blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes). * blk-mq: register cpuhp callback after hctx is added to xarray table (git- fixes). * blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897). * blk_iocost: remove some duplicate irq disable/enables (git-fixes). * block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes). * block: Clear zone limits for a non-zoned stacked queue (git-fixes). * block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes). * block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes). * block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes). * block: Provide bdev_open_* functions (git-fixes). * block: Remove special-casing of compound pages (git-fixes). * block: Set memalloc_noio to false on device_add_disk() error path (git- fixes). * block: add a disk_has_partscan helper (git-fixes). * block: add a partscan sysfs attribute for disks (git-fixes). * block: add check of 'minors' and 'first_minor' in device_add_disk() (git- fixes). * block: avoid to reuse `hctx` not removed from cpuhp callback list (git- fixes). * block: change rq_integrity_vec to respect the iterator (git-fixes). * block: copy back bounce buffer to user-space correctly in case of split (git-fixes). * block: ensure we hold a queue reference when using queue limits (git-fixes). * block: fix and simplify blkdevparts= cmdline parsing (git-fixes). * block: fix bio_split_rw_at to take zone_write_granularity into account (git- fixes). * block: fix integer overflow in BLKSECDISCARD (git-fixes). * block: fix missing dispatching request when queue is started or unquiesced (git-fixes). * block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git- fixes). * block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes). * block: fix sanity checks in blk_rq_map_user_bvec (git-fixes). * block: propagate partition scanning errors to the BLKRRPART ioctl (git- fixes). * block: remove the blk_flush_integrity call in blk_integrity_unregister (git- fixes). * block: retry call probe after request_module in blk_request_module (git- fixes). * block: return unsigned int from bdev_io_min (git-fixes). * block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes). * block: support to account io_ticks precisely (git-fixes). * block: use the right type for stub rq_integrity_vec() (git-fixes). * bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes). * bnxt_en: Refactor bnxt_ptp_init() (git-fixes). * bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes). * btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232). * btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232). * can: c_can: fix unbalanced runtime PM disable in error path (git-fixes). * can: ctucanfd: handle skb allocation failure (git-fixes). * can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes). * can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes). * chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). * cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes). * cifs: Remove intermediate object of failed create reparse call (git-fixes). * cifs: commands that are retried should have replay flag set (bsc#1231432). * cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432). * cifs: helper function to check replayable error codes (bsc#1231432). * cifs: new mount option called retrans (bsc#1231432). * cifs: open_cached_dir should not rely on primary channel (bsc#1231432). * cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes). * cifs: update desired access while requesting for directory lease (git- fixes). * cifs: update the same create_guid on replay (git-fixes). * clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git- fixes). * clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes). * clk: mediatek: mt2701-img: add missing dummy clk (git-fixes). * clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes). * clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git- fixes). * clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes). * clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes). * clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes). * clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes). * clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes). * clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes). * clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes). * cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562). * cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562). * cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes). * cpufreq: imx6q: do not warn for disabling a non-existing frequency (git- fixes). * cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes). * cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes). * cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes). * cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes). * cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes). * cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes). * cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes). * cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes). * cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes). * cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes). * cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes). * cpufreq: s3c64xx: Fix compilation warning (stable-fixes). * crypto: hisilicon/sec2 - fix for aead icv error (git-fixes). * crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes). * crypto: hisilicon/sec2 - optimize the error return process (stable-fixes). * cxgb4: Avoid removal of uninserted tid (git-fixes). * cxgb4: use port number to set mac addr (git-fixes). * devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234). * dlm: fix srcu_read_lock() return type to int (git-fixes). * doc/README.SUSE: Point to the updated version of LKMPG * doc: update managed_irq documentation (bsc#1236897). * driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896). * drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes). * drm/amd/pm: Mark MM activity as unsupported (stable-fixes). * drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable- fixes). * drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes). * drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes). * drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759). * drm/amdkfd: only flush the validate MES contex (stable-fixes). * drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable- fixes). * drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes). * drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes). * drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes). * drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes). * drm/i915/dp: Fix error handling during 128b/132b link training (stable- fixes). * drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes). * drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes). * drm/i915/pmu: Fix zero delta busyness issue (git-fixes). * drm/i915/selftests: avoid using uninitialized context (git-fixes). * drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes). * drm/i915: Fix page cleanup on DMA remap failure (git-fixes). * drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes). * drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes). * drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094) * drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes). * drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes). * drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git- fixes). * drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes). * drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes). * drm/msm: Avoid rounding up to one jiffy (git-fixes). * drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes). * drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes). * drm/rockchip: vop2: Fix the windows switch between different layers (git- fixes). * drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes). * drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes). * drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable- fixes). * drm/virtio: New fence for every plane update (stable-fixes). * efi: Avoid cold plugged memory for placing the kernel (stable-fixes). * efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes). * eth: gve: use appropriate helper to set xdp_features (git-fixes). * exfat: convert to ctime accessor functions (git-fixes). * exfat: fix file being changed by unaligned direct write (git-fixes). * exfat: fix zero the unwritten part for dio read (git-fixes). * fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes). * firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes). * futex: Do not include process MM in futex key on no-MMU (git-fixes). * gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes). * gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes). * gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git- fixes). * gpio: pca953x: Improve interrupt support (git-fixes). * gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes). * gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes). * gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes). * gup: make the stack expansion warning a bit more targeted (bsc#1238214). * hfs: Sanity check the root record (git-fixes). * i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes). * i2c: ls2x: Fix frequency division register access (git-fixes). * i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes). * iavf: allow changing VLAN state without calling PF (git-fixes). * ice: Skip PTP HW writes during PTP reset procedure (git-fixes). * ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415). * ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415). * ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git- fixes). * ice: fix incorrect PHY settings for 100 GB/s (git-fixes). * ice: fix max values for dpll pin phase adjust (git-fixes). * ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415). * ice: gather page_count()'s of each frag right before XDP prog call (git- fixes). * ice: put Rx buffers after being done with current frame (git-fixes). * ice: stop storing XDP verdict within ice_rx_buf (git-fixes). * ice: use internal pf id instead of function number (git-fixes). * idpf: add read memory barrier when checking descriptor done bit (git-fixes). * idpf: call set_real_num_queues in idpf_open (bsc#1236661). * idpf: convert workqueues to unbound (git-fixes). * idpf: fix VF dynamic interrupt ctl register initialization (git-fixes). * idpf: fix handling rsc packet with a single segment (git-fixes). * igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes). * igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes). * igc: return early when failing to read EECD register (git-fixes). * iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes). * kabi: fix bus type (bsc#1236896). * kabi: fix group_cpus_evenly (bsc#1236897). * kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749). * kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes). * kbuild: userprogs: fix bitsize and target detection on clang (git-fixes). * kernel-source: Also replace bin/env * lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897). * lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897). * lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes). * lib: stackinit: hide never-taken branch from compiler (stable-fixes). * lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes). * lockdep: fix deadlock issue between lockdep and rcu (git-fixes). * locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes). * locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes). * loop: do not set QUEUE_FLAG_NOMERGES (git-fixes). * md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes). * md/md-bitmap: add 'sync_size' into struct md_bitmap_stats (git-fixes). * md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes). * md/md-cluster: fix spares warnings for __le64 (git-fixes). * md/raid0: do not free conf on raid0_run failure (git-fixes). * md/raid1: do not free conf on raid0_run failure (git-fixes). * md/raid5: Wait sync io to finish before changing group cnt (git-fixes). * md: Do not flush sync_work in md_write_start() (git-fixes). * md: convert comma to semicolon (git-fixes). * media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes). * media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes). * media: firewire: firedtv-avc.c: replace BUG with proper, error return (git- fixes). * media: ov08x40: Fix hblank out of range issue (git-fixes). * media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes). * media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes). * media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes). * media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes). * mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable- fixes). * mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)). * mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes). * mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes). * mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes). * mptcp: export local_address (git-fixes) * mptcp: fix NL PM announced address accounting (git-fixes) * mptcp: fix data races on local_id (git-fixes) * mptcp: fix inconsistent state on fastopen race (bsc#1222672). * mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes) * mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes) * mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes) * mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git- fixes) * mptcp: pm: deny endp with signal + subflow + port (git-fixes) * mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes) * mptcp: pm: do not try to create sf if alloc failed (git-fixes) * mptcp: pm: fullmesh: select the right ID later (git-fixes) * mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes) * mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes) * mptcp: pm: re-using ID of unused flushed subflows (git-fixes) * mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes) * mptcp: pm: re-using ID of unused removed subflows (git-fixes) * mptcp: pm: reduce indentation blocks (git-fixes) * mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes) * mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes) * mptcp: unify pm get_local_id interfaces (git-fixes) * mptcp: unify pm set_flags interfaces (git-fixes) * mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes). * mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes). * mtd: rawnand: cadence: fix unchecked dereference (git-fixes). * mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes). * nbd: Fix signal handling (git-fixes). * nbd: Improve the documentation of the locking assumptions (git-fixes). * nbd: do not allow reconnect after disconnect (git-fixes). * net/mlx5: Correct TASR typo into TSAR (git-fixes). * net/mlx5: Fix RDMA TX steering prio (git-fixes). * net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981). * net/mlx5: SF, Fix add port error handling (git-fixes). * net/mlx5: Verify support for scheduling element and TSAR type (git-fixes). * net/mlx5e: Always start IPsec sequence number from 1 (git-fixes). * net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes). * net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes). * net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994). * net: Fix undefined behavior in netdev name allocation (bsc#1233749). * net: avoid UAF on deleted altname (bsc#1233749). * net: check for altname conflicts when changing netdev's netns (bsc#1233749). * net: core: Use the bitmap API to allocate bitmaps (bsc#1233749). * net: do not send a MOVE event when netdev changes netns (bsc#1233749). * net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749). * net: fix ifname in netlink ntf during netns move (bsc#1233749). * net: fix removing a namespace with conflicting altnames (bsc#1233749). * net: free altname using an RCU callback (bsc#1233749). * net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749). * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). * net: move altnames together with the netdevice (bsc#1233749). * net: reduce indentation of __dev_alloc_name() (bsc#1233749). * net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749). * net: remove else after return in dev_prep_valid_name() (bsc#1233749). * net: rose: lock the socket in rose_bind() (git-fixes). * net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes). * net: smc: fix spurious error message from __sock_release() (bsc#1237126). * net: trust the bitmap in __dev_alloc_name() (bsc#1233749). * net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable- fixes). * nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes). * null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes). * null_blk: Fix missing mutex_destroy() at module removal (git-fixes). * null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git- fixes). * null_blk: Print correct max open zones limit in null_init_zoned_dev() (git- fixes). * null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes). * null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes). * null_blk: fix validation of block size (git-fixes). * nvme-fc: use ctrl state getter (git-fixes). * nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes). * nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes). * nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897). * nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes). * nvme/ioctl: add missing space in err message (git-fixes). * nvme: handle connectivity loss in nvme_set_queue_count (git-fixes). * nvme: make nvme_tls_attrs_group static (git-fixes). * nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896). * nvme: tcp: Fix compilation warning with W=1 (git-fixes). * nvmet: Fix crash when a namespace is disabled (git-fixes). * ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138). * padata: Clean up in padata_do_multithreaded() (bsc#1237563). * padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563). * partitions: ldm: remove the initial kernel-doc notation (git-fixes). * phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes). * phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes). * phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes). * pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes). * platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452). * platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452). * platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452). * platform/x86: ISST: Ignore minor version change (bsc#1237452). * platform/x86: acer-wmi: Ignore AC events (stable-fixes). * platform/x86: int3472: Check for adev == NULL (stable-fixes). * power: supply: da9150-fg: fix potential overflow (git-fixes). * powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199). * powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199). * powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199). * powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199). * powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid mode (ltc#210895 bsc#1235933 ltc#210896 bsc#1235932). * powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988). * printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950). * rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes). * rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes). * rbd: do not move requests to the running list on errors (git-fixes). * rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes). * regmap-irq: Add missing kfree() (git-fixes). * rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303) * s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205). * s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158). * s390/iucv: fix receive buffer virtual vs physical address confusion (git- fixes bsc#1236200). * s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752). * s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368). * s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752). * s390/pci: Ignore RID for isolated VFs (bsc#1236752). * s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git- fixes bsc#1238368). * s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752). * s390/pci: Use topology ID for multi-function devices (bsc#1236752). * s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199). * s390/topology: Improve topology detection (bsc#1236591). * s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203). * scripts/gdb: fix aarch64 userspace detection in get_current_task (stable- fixes). * scsi: core: Clear driver private data when retrying request (git-fixes). * scsi: core: Handle depopulation and restoration in progress (git-fixes). * scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347). * scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347). * scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347). * scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347). * scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347). * scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347). * scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896). * scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes). * scsi: use block layer helpers to calculate num of queues (bsc#1236897). * selftest: hugetlb_dio: fix test naming (git-fixes). * selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes). * selftests/futex: pass _GNU_SOURCE without a value to the compiler (git- fixes). * selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable- fixes). * selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes). * selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes). * selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes). * selftests: mptcp: connect: -f: no reconnect (git-fixes). * selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes). * serial: 8250: Fix fifo underflow on flush (git-fixes). * serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes). * smb3: fix creating FIFOs when mounting with "sfu" mount option (git-fixes). * smb3: request handle caching when caching directories (bsc#1231432). * smb3: retrying on failed server close (bsc#1231432). * smb: cached directories can be more than root file handle (bsc#1231432). * smb: cilent: set reparse mount points as automounts (git-fixes). * smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes). * smb: client: Fix minor whitespace errors and warnings (git-fixes). * smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes). * smb: client: add support for WSL reparse points (git-fixes). * smb: client: allow creating special files via reparse points (git-fixes). * smb: client: allow creating symlinks via reparse points (git-fixes). * smb: client: cleanup smb2_query_reparse_point() (git-fixes). * smb: client: do not query reparse points twice on symlinks (git-fixes). * smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432). * smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432). * smb: client: fix OOB in smb2_query_reparse_point() (git-fixes). * smb: client: fix corruption in cifs_extend_writeback (bsc#1235609). * smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes). * smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes). * smb: client: fix hardlinking of reparse points (git-fixes). * smb: client: fix missing mode bits for SMB symlinks (git-fixes). * smb: client: fix possible double free in smb2_set_ea() (git-fixes). * smb: client: fix potential broken compound request (git-fixes). * smb: client: fix renaming of reparse points (git-fixes). * smb: client: get rid of smb311_posix_query_path_info() (git-fixes). * smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes). * smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes). * smb: client: handle path separator of created SMB symlinks (git-fixes). * smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes). * smb: client: ignore unhandled reparse tags (git-fixes). * smb: client: implement ->query_reparse_point() for SMB1 (git-fixes). * smb: client: instantiate when creating SFU files (git-fixes). * smb: client: introduce ->parse_reparse_point() (git-fixes). * smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes). * smb: client: introduce cifs_sfu_make_node() (git-fixes). * smb: client: introduce reparse mount option (git-fixes). * smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432). * smb: client: move most of reparse point handling code to common file (git- fixes). * smb: client: move some params to cifs_open_info_data (bsc#1231432). * smb: client: optimise reparse point querying (git-fixes). * smb: client: parse owner/group when creating reparse points (git-fixes). * smb: client: parse reparse point flag in create response (bsc#1231432). * smb: client: parse uid, gid, mode and dev from WSL reparse points (git- fixes). * smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896). * smb: client: reduce number of parameters in smb2_compound_op() (git-fixes). * smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432). * smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes). * smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432). * smb: client: retry compound request without reusing lease (git-fixes). * smb: client: return reparse type in /proc/mounts (git-fixes). * smb: client: reuse file lease key in compound operations (git-fixes). * smb: client: set correct d_type for reparse DFS/DFSR and mount point (git- fixes). * smb: client: set correct file type from NFS reparse points (git-fixes). * smb: client: stop revalidating reparse points unnecessarily (git-fixes). * smb: use kernel_connect() and kernel_bind() (git-fixes). * soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes). * soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes). * soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes). * soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes). * soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes). * soc: qcom: socinfo: move SMEM item struct and defines to a header (git- fixes). * spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes). * spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes). * spi: sn-f-ospi: Fix division by zero (git-fixes). * tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367). * tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes). * tools: fix annoying "mkdir -p ..." logs when building tools in parallel (git-fixes). * tty: xilinx_uartps: split sysrq handling (git-fixes). * ublk: fix error code for unsupported command (git-fixes). * ublk: fix ublk_ch_mmap() for 64K page size (git-fixes). * ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes). * ublk: move zone report data out of request pdu (git-fixes). * usb: cdc-acm: Check control transfer buffer size before access (git-fixes). * usb: cdc-acm: Fix handling of oversized fragments (git-fixes). * usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes). * usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes). * usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes). * usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes). * usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes). * usb: gadget: core: flush gadget workqueue after device removal (git-fixes). * usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes). * usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes). * usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes). * usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes). * usb: roles: set switch registered flag early on (git-fixes). * usb: xhci: Fix NULL pointer dereference on certain command aborts (git- fixes). * usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes). * usbnet: ipheth: document scope of NCM implementation (stable-fixes). * util_macros.h: fix/rework find_closest() macros (git-fixes). * vhost/net: Set num_buffers for virtio 1.0 (git-fixes). * virtio-mem: check if the config changed before fake offlining memory (git- fixes). * virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git- fixes). * virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes). * virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes). * virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896). * virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897). * virtio: hookup irq_get_affinity callback (bsc#1236896). * virtio_blk: reverse request order in virtio_queue_rqs (git-fixes). * vsock/virtio: cancel close work in the destructor (git-fixes) * vsock: Keep the binding until socket destruction (git-fixes) * vsock: reset socket state when de-assigning the transport (git-fixes) * wifi: ath12k: fix handling of 6 GHz rules (git-fixes). * wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes). * wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable- fixes). * wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes). * wifi: iwlwifi: avoid memory leak (stable-fixes). * wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes). * wifi: mt76: mt7915: fix omac index assignment after hardware reset (git- fixes). * wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes). * wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes). * wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes). * wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes). * x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes). * x86/asm: Make serialize() always_inline (git-fixes). * x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes). * x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes). * x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes). * x86/mm: Carve out INVLPG inline asm for use by others (git-fixes). * x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes). * x86/xen: allow larger contiguous memory regions in PV guests (git-fixes). * x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes). * xen/swiotlb: relax alignment requirements (git-fixes). * xhci: dbgtty: remove kfifo_out() wrapper (git-fixes). * zram: clear IDLE flag after recompression (git-fixes). * zram: clear IDLE flag in mark_idle() (git-fixes). * zram: do not mark idle slots that cannot be idle (git-fixes). * zram: fix potential UAF of zram table (git-fixes). * zram: fix uninitialized ZRAM not releasing backing device (git-fixes). * zram: refuse to use zero sized block device as backing device (git-fixes). * zram: split memory-tracking and ac-time tracking (git-fixes). * Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git- fixes). * Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes). * arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes) * arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git- fixes) * arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes) * bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git- fixes). * drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params (git-fixes). * drm/sched: Fix preprocessor guard (git-fixes). * exfat: do not zero the extended part (bsc#1237356). * exfat: fix appending discontinuous clusters to empty file (bsc#1237356). * exfat: fix timing of synchronizing bitmap and inode (bsc#1237356). * ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497). * initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521). * mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git- fixes) * rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570) * scsi: core: Do not retry I/Os during depopulation (git-fixes). * scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes). * scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes). * scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes). * scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes). * scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git- fixes). * scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes). * scsi: megaraid_sas: Fix for a potential deadlock (git-fixes). * scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes). * scsi: mpi3mr: Start controller indexing from 0 (git-fixes). * scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes). * scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253). * scsi: myrb: Remove dead code (git-fixes). * scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes). * scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes). * scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes). * scsi: sg: Enable runtime power management (git-fixes). * scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git- fixes). * scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes). * wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes). * wifi: iwlwifi: limit printed string from FW file (git-fixes). * wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes). * wifi: nl80211: reject cooked mode if it is set along with other flags (git- fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-847=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-847=1 openSUSE-SLE-15.6-2025-847=1 ## Package List: * Public Cloud Module 15-SP6 (aarch64 nosrc x86_64) * kernel-azure-6.4.0-150600.8.31.1 * Public Cloud Module 15-SP6 (aarch64 x86_64) * kernel-azure-debugsource-6.4.0-150600.8.31.1 * kernel-azure-devel-debuginfo-6.4.0-150600.8.31.1 * kernel-azure-debuginfo-6.4.0-150600.8.31.1 * kernel-syms-azure-6.4.0-150600.8.31.1 * kernel-azure-devel-6.4.0-150600.8.31.1 * Public Cloud Module 15-SP6 (noarch) * kernel-source-azure-6.4.0-150600.8.31.1 * kernel-devel-azure-6.4.0-150600.8.31.1 * openSUSE Leap 15.6 (aarch64 x86_64) * reiserfs-kmp-azure-debuginfo-6.4.0-150600.8.31.1 * gfs2-kmp-azure-6.4.0-150600.8.31.1 * kernel-azure-optional-6.4.0-150600.8.31.1 * kernel-azure-devel-debuginfo-6.4.0-150600.8.31.1 * kernel-azure-debuginfo-6.4.0-150600.8.31.1 * cluster-md-kmp-azure-6.4.0-150600.8.31.1 * kselftests-kmp-azure-debuginfo-6.4.0-150600.8.31.1 * gfs2-kmp-azure-debuginfo-6.4.0-150600.8.31.1 * kernel-azure-extra-6.4.0-150600.8.31.1 * ocfs2-kmp-azure-debuginfo-6.4.0-150600.8.31.1 * kselftests-kmp-azure-6.4.0-150600.8.31.1 * kernel-syms-azure-6.4.0-150600.8.31.1 * reiserfs-kmp-azure-6.4.0-150600.8.31.1 * kernel-azure-devel-6.4.0-150600.8.31.1 * kernel-azure-optional-debuginfo-6.4.0-150600.8.31.1 * cluster-md-kmp-azure-debuginfo-6.4.0-150600.8.31.1 * dlm-kmp-azure-debuginfo-6.4.0-150600.8.31.1 * kernel-azure-extra-debuginfo-6.4.0-150600.8.31.1 * dlm-kmp-azure-6.4.0-150600.8.31.1 * kernel-azure-debugsource-6.4.0-150600.8.31.1 * ocfs2-kmp-azure-6.4.0-150600.8.31.1 * openSUSE Leap 15.6 (aarch64 nosrc x86_64) * kernel-azure-6.4.0-150600.8.31.1 * openSUSE Leap 15.6 (x86_64) * kernel-azure-vdso-6.4.0-150600.8.31.1 * kernel-azure-vdso-debuginfo-6.4.0-150600.8.31.1 * openSUSE Leap 15.6 (noarch) * kernel-source-azure-6.4.0-150600.8.31.1 * kernel-devel-azure-6.4.0-150600.8.31.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52924.html * https://www.suse.com/security/cve/CVE-2023-52925.html * https://www.suse.com/security/cve/CVE-2024-26708.html * https://www.suse.com/security/cve/CVE-2024-26810.html * https://www.suse.com/security/cve/CVE-2024-40980.html * https://www.suse.com/security/cve/CVE-2024-41055.html * https://www.suse.com/security/cve/CVE-2024-44974.html * https://www.suse.com/security/cve/CVE-2024-45009.html * https://www.suse.com/security/cve/CVE-2024-45010.html * https://www.suse.com/security/cve/CVE-2024-46858.html * https://www.suse.com/security/cve/CVE-2024-47701.html * https://www.suse.com/security/cve/CVE-2024-49884.html * https://www.suse.com/security/cve/CVE-2024-49950.html * https://www.suse.com/security/cve/CVE-2024-50029.html * https://www.suse.com/security/cve/CVE-2024-50036.html * https://www.suse.com/security/cve/CVE-2024-50073.html * https://www.suse.com/security/cve/CVE-2024-50085.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-50142.html * https://www.suse.com/security/cve/CVE-2024-50185.html * https://www.suse.com/security/cve/CVE-2024-50294.html * https://www.suse.com/security/cve/CVE-2024-53123.html * https://www.suse.com/security/cve/CVE-2024-53147.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53176.html * https://www.suse.com/security/cve/CVE-2024-53177.html * https://www.suse.com/security/cve/CVE-2024-53178.html * https://www.suse.com/security/cve/CVE-2024-53226.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56568.html * https://www.suse.com/security/cve/CVE-2024-56579.html * https://www.suse.com/security/cve/CVE-2024-56592.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56633.html * https://www.suse.com/security/cve/CVE-2024-56647.html * https://www.suse.com/security/cve/CVE-2024-56658.html * https://www.suse.com/security/cve/CVE-2024-56720.html * https://www.suse.com/security/cve/CVE-2024-57882.html * https://www.suse.com/security/cve/CVE-2024-57889.html * https://www.suse.com/security/cve/CVE-2024-57948.html * https://www.suse.com/security/cve/CVE-2024-57979.html * https://www.suse.com/security/cve/CVE-2024-57994.html * https://www.suse.com/security/cve/CVE-2025-21636.html * https://www.suse.com/security/cve/CVE-2025-21637.html * https://www.suse.com/security/cve/CVE-2025-21638.html * https://www.suse.com/security/cve/CVE-2025-21639.html * https://www.suse.com/security/cve/CVE-2025-21640.html * https://www.suse.com/security/cve/CVE-2025-21647.html * https://www.suse.com/security/cve/CVE-2025-21665.html * https://www.suse.com/security/cve/CVE-2025-21666.html * https://www.suse.com/security/cve/CVE-2025-21667.html * https://www.suse.com/security/cve/CVE-2025-21668.html * https://www.suse.com/security/cve/CVE-2025-21669.html * https://www.suse.com/security/cve/CVE-2025-21670.html * https://www.suse.com/security/cve/CVE-2025-21673.html * https://www.suse.com/security/cve/CVE-2025-21675.html * https://www.suse.com/security/cve/CVE-2025-21680.html * https://www.suse.com/security/cve/CVE-2025-21681.html * https://www.suse.com/security/cve/CVE-2025-21684.html * https://www.suse.com/security/cve/CVE-2025-21687.html * https://www.suse.com/security/cve/CVE-2025-21688.html * https://www.suse.com/security/cve/CVE-2025-21689.html * https://www.suse.com/security/cve/CVE-2025-21690.html * https://www.suse.com/security/cve/CVE-2025-21692.html * https://www.suse.com/security/cve/CVE-2025-21697.html * https://www.suse.com/security/cve/CVE-2025-21699.html * https://www.suse.com/security/cve/CVE-2025-21700.html * https://www.suse.com/security/cve/CVE-2025-21705.html * https://www.suse.com/security/cve/CVE-2025-21715.html * https://www.suse.com/security/cve/CVE-2025-21716.html * https://www.suse.com/security/cve/CVE-2025-21719.html * https://www.suse.com/security/cve/CVE-2025-21724.html * https://www.suse.com/security/cve/CVE-2025-21725.html * https://www.suse.com/security/cve/CVE-2025-21728.html * https://www.suse.com/security/cve/CVE-2025-21733.html * https://www.suse.com/security/cve/CVE-2025-21754.html * https://www.suse.com/security/cve/CVE-2025-21767.html * https://www.suse.com/security/cve/CVE-2025-21790.html * https://www.suse.com/security/cve/CVE-2025-21795.html * https://www.suse.com/security/cve/CVE-2025-21799.html * https://www.suse.com/security/cve/CVE-2025-21802.html * https://bugzilla.suse.com/show_bug.cgi?id=1012628 * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1219367 * https://bugzilla.suse.com/show_bug.cgi?id=1222672 * https://bugzilla.suse.com/show_bug.cgi?id=1222803 * https://bugzilla.suse.com/show_bug.cgi?id=1225606 * https://bugzilla.suse.com/show_bug.cgi?id=1225742 * https://bugzilla.suse.com/show_bug.cgi?id=1225981 * https://bugzilla.suse.com/show_bug.cgi?id=1227937 * https://bugzilla.suse.com/show_bug.cgi?id=1228521 * https://bugzilla.suse.com/show_bug.cgi?id=1230235 * https://bugzilla.suse.com/show_bug.cgi?id=1230438 * https://bugzilla.suse.com/show_bug.cgi?id=1230439 * https://bugzilla.suse.com/show_bug.cgi?id=1230497 * https://bugzilla.suse.com/show_bug.cgi?id=1231088 * https://bugzilla.suse.com/show_bug.cgi?id=1231432 * https://bugzilla.suse.com/show_bug.cgi?id=1231912 * https://bugzilla.suse.com/show_bug.cgi?id=1231920 * https://bugzilla.suse.com/show_bug.cgi?id=1231949 * https://bugzilla.suse.com/show_bug.cgi?id=1232159 * https://bugzilla.suse.com/show_bug.cgi?id=1232198 * https://bugzilla.suse.com/show_bug.cgi?id=1232201 * https://bugzilla.suse.com/show_bug.cgi?id=1232299 * https://bugzilla.suse.com/show_bug.cgi?id=1232508 * https://bugzilla.suse.com/show_bug.cgi?id=1232520 * https://bugzilla.suse.com/show_bug.cgi?id=1232919 * https://bugzilla.suse.com/show_bug.cgi?id=1233028 * https://bugzilla.suse.com/show_bug.cgi?id=1233109 * https://bugzilla.suse.com/show_bug.cgi?id=1233483 * https://bugzilla.suse.com/show_bug.cgi?id=1233749 * https://bugzilla.suse.com/show_bug.cgi?id=1234070 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234857 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234894 * https://bugzilla.suse.com/show_bug.cgi?id=1234895 * https://bugzilla.suse.com/show_bug.cgi?id=1234896 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235032 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235244 * https://bugzilla.suse.com/show_bug.cgi?id=1235435 * https://bugzilla.suse.com/show_bug.cgi?id=1235441 * https://bugzilla.suse.com/show_bug.cgi?id=1235485 * https://bugzilla.suse.com/show_bug.cgi?id=1235592 * https://bugzilla.suse.com/show_bug.cgi?id=1235599 * https://bugzilla.suse.com/show_bug.cgi?id=1235609 * https://bugzilla.suse.com/show_bug.cgi?id=1235914 * https://bugzilla.suse.com/show_bug.cgi?id=1235932 * https://bugzilla.suse.com/show_bug.cgi?id=1235933 * https://bugzilla.suse.com/show_bug.cgi?id=1236113 * https://bugzilla.suse.com/show_bug.cgi?id=1236114 * https://bugzilla.suse.com/show_bug.cgi?id=1236115 * https://bugzilla.suse.com/show_bug.cgi?id=1236122 * https://bugzilla.suse.com/show_bug.cgi?id=1236123 * https://bugzilla.suse.com/show_bug.cgi?id=1236133 * https://bugzilla.suse.com/show_bug.cgi?id=1236138 * https://bugzilla.suse.com/show_bug.cgi?id=1236199 * https://bugzilla.suse.com/show_bug.cgi?id=1236200 * https://bugzilla.suse.com/show_bug.cgi?id=1236203 * https://bugzilla.suse.com/show_bug.cgi?id=1236205 * https://bugzilla.suse.com/show_bug.cgi?id=1236573 * https://bugzilla.suse.com/show_bug.cgi?id=1236575 * https://bugzilla.suse.com/show_bug.cgi?id=1236576 * https://bugzilla.suse.com/show_bug.cgi?id=1236591 * https://bugzilla.suse.com/show_bug.cgi?id=1236661 * https://bugzilla.suse.com/show_bug.cgi?id=1236677 * https://bugzilla.suse.com/show_bug.cgi?id=1236680 * https://bugzilla.suse.com/show_bug.cgi?id=1236681 * https://bugzilla.suse.com/show_bug.cgi?id=1236682 * https://bugzilla.suse.com/show_bug.cgi?id=1236683 * https://bugzilla.suse.com/show_bug.cgi?id=1236684 * https://bugzilla.suse.com/show_bug.cgi?id=1236685 * https://bugzilla.suse.com/show_bug.cgi?id=1236689 * https://bugzilla.suse.com/show_bug.cgi?id=1236694 * https://bugzilla.suse.com/show_bug.cgi?id=1236700 * https://bugzilla.suse.com/show_bug.cgi?id=1236702 * https://bugzilla.suse.com/show_bug.cgi?id=1236752 * https://bugzilla.suse.com/show_bug.cgi?id=1236759 * https://bugzilla.suse.com/show_bug.cgi?id=1236761 * https://bugzilla.suse.com/show_bug.cgi?id=1236821 * https://bugzilla.suse.com/show_bug.cgi?id=1236822 * https://bugzilla.suse.com/show_bug.cgi?id=1236896 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1236952 * https://bugzilla.suse.com/show_bug.cgi?id=1236967 * https://bugzilla.suse.com/show_bug.cgi?id=1236994 * https://bugzilla.suse.com/show_bug.cgi?id=1237007 * https://bugzilla.suse.com/show_bug.cgi?id=1237017 * https://bugzilla.suse.com/show_bug.cgi?id=1237025 * https://bugzilla.suse.com/show_bug.cgi?id=1237028 * https://bugzilla.suse.com/show_bug.cgi?id=1237045 * https://bugzilla.suse.com/show_bug.cgi?id=1237126 * https://bugzilla.suse.com/show_bug.cgi?id=1237132 * https://bugzilla.suse.com/show_bug.cgi?id=1237139 * https://bugzilla.suse.com/show_bug.cgi?id=1237155 * https://bugzilla.suse.com/show_bug.cgi?id=1237158 * https://bugzilla.suse.com/show_bug.cgi?id=1237159 * https://bugzilla.suse.com/show_bug.cgi?id=1237232 * https://bugzilla.suse.com/show_bug.cgi?id=1237234 * https://bugzilla.suse.com/show_bug.cgi?id=1237325 * https://bugzilla.suse.com/show_bug.cgi?id=1237356 * https://bugzilla.suse.com/show_bug.cgi?id=1237415 * https://bugzilla.suse.com/show_bug.cgi?id=1237452 * https://bugzilla.suse.com/show_bug.cgi?id=1237504 * https://bugzilla.suse.com/show_bug.cgi?id=1237521 * https://bugzilla.suse.com/show_bug.cgi?id=1237558 * https://bugzilla.suse.com/show_bug.cgi?id=1237562 * https://bugzilla.suse.com/show_bug.cgi?id=1237563 * https://bugzilla.suse.com/show_bug.cgi?id=1237848 * https://bugzilla.suse.com/show_bug.cgi?id=1237849 * https://bugzilla.suse.com/show_bug.cgi?id=1237879 * https://bugzilla.suse.com/show_bug.cgi?id=1237889 * https://bugzilla.suse.com/show_bug.cgi?id=1237891 * https://bugzilla.suse.com/show_bug.cgi?id=1237901 * https://bugzilla.suse.com/show_bug.cgi?id=1237950 * https://bugzilla.suse.com/show_bug.cgi?id=1238214 * https://bugzilla.suse.com/show_bug.cgi?id=1238303 * https://bugzilla.suse.com/show_bug.cgi?id=1238347 * https://bugzilla.suse.com/show_bug.cgi?id=1238368 * https://bugzilla.suse.com/show_bug.cgi?id=1238494 * https://bugzilla.suse.com/show_bug.cgi?id=1238496 * https://bugzilla.suse.com/show_bug.cgi?id=1238509 * https://bugzilla.suse.com/show_bug.cgi?id=1238521 * https://bugzilla.suse.com/show_bug.cgi?id=1238525 * https://bugzilla.suse.com/show_bug.cgi?id=1238570 * https://bugzilla.suse.com/show_bug.cgi?id=1238739 * https://bugzilla.suse.com/show_bug.cgi?id=1238751 * https://bugzilla.suse.com/show_bug.cgi?id=1238753 * https://bugzilla.suse.com/show_bug.cgi?id=1238759 * https://bugzilla.suse.com/show_bug.cgi?id=1238860 * https://bugzilla.suse.com/show_bug.cgi?id=1238863 * https://bugzilla.suse.com/show_bug.cgi?id=1238877 * https://jira.suse.com/browse/PED-10028 * https://jira.suse.com/browse/PED-11253 * https://jira.suse.com/browse/PED-12094 * https://jira.suse.com/browse/PED-348 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 13 12:30:41 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 13 Mar 2025 12:30:41 -0000 Subject: SUSE-SU-2025:0853-1: important: Security update for the Linux Kernel Message-ID: <174186904169.32485.11610478961964629021@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0853-1 Release Date: 2025-03-13T10:40:03Z Rating: important References: * bsc#1208995 * bsc#1220946 * bsc#1225742 * bsc#1232472 * bsc#1232919 * bsc#1233701 * bsc#1233749 * bsc#1234154 * bsc#1234650 * bsc#1234853 * bsc#1234891 * bsc#1234963 * bsc#1235054 * bsc#1235061 * bsc#1235073 * bsc#1235111 * bsc#1236133 * bsc#1236289 * bsc#1236576 * bsc#1236661 * bsc#1236677 * bsc#1236757 * bsc#1236758 * bsc#1236760 * bsc#1236761 * bsc#1236777 * bsc#1236951 * bsc#1237025 * bsc#1237028 * bsc#1237139 * bsc#1237316 * bsc#1237693 * bsc#1238033 Cross-References: * CVE-2022-49080 * CVE-2023-1192 * CVE-2023-52572 * CVE-2024-50115 * CVE-2024-53135 * CVE-2024-53173 * CVE-2024-53226 * CVE-2024-53239 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56605 * CVE-2024-57948 * CVE-2025-21647 * CVE-2025-21690 * CVE-2025-21692 * CVE-2025-21699 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52572 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53135 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53226 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53226 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53226 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56548 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57948 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57948 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21647 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21647 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21692 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21692 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21692 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21699 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves 16 vulnerabilities and has 17 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). * CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154). * CVE-2024-53226: RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (bsc#1236576) * CVE-2024-57948: mac802154: check local interfaces before deleting sdata list (bsc#1236677). * CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133). * CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). * CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). * CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139). The following non-security bugs were fixed: * NFSD: use explicit lock/unlock for directory ops (bsc#1234650 bsc#1233701 bsc#1232472). * cpufreq/amd-pstate: Only print supported EPP values for performance governor (bsc#1236777). * iavf: fix the waiting time for initial reset (bsc#1235111). * ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1235111). * ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1235111). * ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1235111). * idpf: call set_real_num_queues in idpf_open (bsc#1236661 bsc#1237316). * ipv4/tcp: do not use per netns ctl sockets (bsc#1237693). * kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749). * net: Fix undefined behavior in netdev name allocation (bsc#1233749). * net: avoid UAF on deleted altname (bsc#1233749). * net: check for altname conflicts when changing netdev's netns (bsc#1233749). * net: core: Use the bitmap API to allocate bitmaps (bsc#1233749). * net: do not send a MOVE event when netdev changes netns (bsc#1233749). * net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749). * net: fix ifname in netlink ntf during netns move (bsc#1233749). * net: fix removing a namespace with conflicting altnames (bsc#1233749). * net: free altname using an RCU callback (bsc#1233749). * net: introduce a function to check if a netdev name is in use (bsc#1233749). * net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749). * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). * net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760). * net: mana: Enable debugfs files for MANA device (bsc#1236758). * net: minor __dev_alloc_name() optimization (bsc#1233749). * net: move altnames together with the netdevice (bsc#1233749). * net: netvsc: Update default VMBus channels (bsc#1236757). * net: reduce indentation of __dev_alloc_name() (bsc#1233749). * net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749). * net: remove else after return in dev_prep_valid_name() (bsc#1233749). * net: trust the bitmap in __dev_alloc_name() (bsc#1233749). * rcu: Remove rcu_is_idle_cpu() (bsc#1236289). * scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes). * x86/aperfmperf: Dont wake idle CPUs in arch_freq_get_on_cpu() (bsc#1236289). * x86/aperfmperf: Integrate the fallback code from show_cpuinfo() (bsc#1236289). * x86/aperfmperf: Make parts of the frequency invariance code unconditional (bsc#1236289). * x86/aperfmperf: Put frequency invariance aperf/mperf data into a struct (bsc#1236289). * x86/aperfmperf: Replace aperfmperf_get_khz() (bsc#1236289). * x86/aperfmperf: Replace arch_freq_get_on_cpu() (bsc#1236289). * x86/aperfmperf: Restructure arch_scale_freq_tick() (bsc#1236289). * x86/aperfmperf: Separate AP/BP frequency invariance init (bsc#1236289). * x86/aperfmperf: Store aperf/mperf data for cpu frequency reads (bsc#1236289). * x86/aperfmperf: Untangle Intel and AMD frequency invariance init (bsc#1236289). * x86/aperfperf: Make it correct on 32bit and UP kernels (bsc#1236289). * x86/smp: Move APERF/MPERF code where it belongs (bsc#1236289). * x86/smp: Remove unnecessary assignment to local var freq_scale (bsc#1236289). * x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes). * x86/xen: allow larger contiguous memory regions in PV guests (bsc#1236951). * x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes). * xen/swiotlb: relax alignment requirements (bsc#1236951). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-853=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-853=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.88.1 * kernel-source-rt-5.14.21-150500.13.88.1 * openSUSE Leap 15.5 (x86_64) * kernel-rt-optional-5.14.21-150500.13.88.1 * gfs2-kmp-rt-5.14.21-150500.13.88.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.88.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.88.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.88.1 * kernel-rt_debug-vdso-5.14.21-150500.13.88.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.88.1 * reiserfs-kmp-rt-5.14.21-150500.13.88.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.88.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.88.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.88.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.88.1 * ocfs2-kmp-rt-5.14.21-150500.13.88.1 * kernel-rt_debug-devel-5.14.21-150500.13.88.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.88.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.88.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.88.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.88.1 * kernel-rt-extra-5.14.21-150500.13.88.1 * kernel-rt-vdso-5.14.21-150500.13.88.1 * cluster-md-kmp-rt-5.14.21-150500.13.88.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.88.1 * kselftests-kmp-rt-5.14.21-150500.13.88.1 * kernel-syms-rt-5.14.21-150500.13.88.1 * kernel-rt-devel-5.14.21-150500.13.88.1 * kernel-rt-livepatch-5.14.21-150500.13.88.1 * kernel-rt-debugsource-5.14.21-150500.13.88.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.88.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.88.1 * kernel-rt-debuginfo-5.14.21-150500.13.88.1 * dlm-kmp-rt-5.14.21-150500.13.88.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.88.1 * kernel-rt_debug-5.14.21-150500.13.88.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.88.1 * kernel-source-rt-5.14.21-150500.13.88.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.88.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debugsource-5.14.21-150500.13.88.1 * kernel-rt-debuginfo-5.14.21-150500.13.88.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2023-1192.html * https://www.suse.com/security/cve/CVE-2023-52572.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53135.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53226.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-57948.html * https://www.suse.com/security/cve/CVE-2025-21647.html * https://www.suse.com/security/cve/CVE-2025-21690.html * https://www.suse.com/security/cve/CVE-2025-21692.html * https://www.suse.com/security/cve/CVE-2025-21699.html * https://bugzilla.suse.com/show_bug.cgi?id=1208995 * https://bugzilla.suse.com/show_bug.cgi?id=1220946 * https://bugzilla.suse.com/show_bug.cgi?id=1225742 * https://bugzilla.suse.com/show_bug.cgi?id=1232472 * https://bugzilla.suse.com/show_bug.cgi?id=1232919 * https://bugzilla.suse.com/show_bug.cgi?id=1233701 * https://bugzilla.suse.com/show_bug.cgi?id=1233749 * https://bugzilla.suse.com/show_bug.cgi?id=1234154 * https://bugzilla.suse.com/show_bug.cgi?id=1234650 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235111 * https://bugzilla.suse.com/show_bug.cgi?id=1236133 * https://bugzilla.suse.com/show_bug.cgi?id=1236289 * https://bugzilla.suse.com/show_bug.cgi?id=1236576 * https://bugzilla.suse.com/show_bug.cgi?id=1236661 * https://bugzilla.suse.com/show_bug.cgi?id=1236677 * https://bugzilla.suse.com/show_bug.cgi?id=1236757 * https://bugzilla.suse.com/show_bug.cgi?id=1236758 * https://bugzilla.suse.com/show_bug.cgi?id=1236760 * https://bugzilla.suse.com/show_bug.cgi?id=1236761 * https://bugzilla.suse.com/show_bug.cgi?id=1236777 * https://bugzilla.suse.com/show_bug.cgi?id=1236951 * https://bugzilla.suse.com/show_bug.cgi?id=1237025 * https://bugzilla.suse.com/show_bug.cgi?id=1237028 * https://bugzilla.suse.com/show_bug.cgi?id=1237139 * https://bugzilla.suse.com/show_bug.cgi?id=1237316 * https://bugzilla.suse.com/show_bug.cgi?id=1237693 * https://bugzilla.suse.com/show_bug.cgi?id=1238033 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 13 12:30:45 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 13 Mar 2025 12:30:45 -0000 Subject: SUSE-SU-2025:0852-1: important: Security update for google-osconfig-agent Message-ID: <174186904552.32485.9751519244283286561@smelt2.prg2.suse.org> # Security update for google-osconfig-agent Announcement ID: SUSE-SU-2025:0852-1 Release Date: 2025-03-13T10:29:33Z Rating: important References: * bsc#1239197 Cross-References: * CVE-2025-22868 CVSS scores: * CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for google-osconfig-agent fixes the following issues: * CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-852=1 ## Package List: * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250115.01-1.38.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22868.html * https://bugzilla.suse.com/show_bug.cgi?id=1239197 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 13 16:31:46 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 13 Mar 2025 16:31:46 -0000 Subject: SUSE-SU-2025:0856-1: important: Security update for the Linux Kernel Message-ID: <174188350690.2010.11300567791384096390@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0856-1 Release Date: 2025-03-13T15:46:58Z Rating: important References: * bsc#1012628 * bsc#1215199 * bsc#1219367 * bsc#1222672 * bsc#1222803 * bsc#1225606 * bsc#1225742 * bsc#1225981 * bsc#1227937 * bsc#1228521 * bsc#1230235 * bsc#1230438 * bsc#1230439 * bsc#1230497 * bsc#1231432 * bsc#1231912 * bsc#1231920 * bsc#1231949 * bsc#1232159 * bsc#1232198 * bsc#1232201 * bsc#1232299 * bsc#1232508 * bsc#1232520 * bsc#1232919 * bsc#1233028 * bsc#1233109 * bsc#1233483 * bsc#1233749 * bsc#1234070 * bsc#1234853 * bsc#1234857 * bsc#1234891 * bsc#1234894 * bsc#1234895 * bsc#1234896 * bsc#1234963 * bsc#1235032 * bsc#1235054 * bsc#1235061 * bsc#1235073 * bsc#1235435 * bsc#1235485 * bsc#1235592 * bsc#1235599 * bsc#1235609 * bsc#1235932 * bsc#1235933 * bsc#1236113 * bsc#1236114 * bsc#1236115 * bsc#1236122 * bsc#1236123 * bsc#1236133 * bsc#1236138 * bsc#1236199 * bsc#1236200 * bsc#1236203 * bsc#1236205 * bsc#1236573 * bsc#1236575 * bsc#1236576 * bsc#1236591 * bsc#1236661 * bsc#1236677 * bsc#1236681 * bsc#1236682 * bsc#1236684 * bsc#1236689 * bsc#1236700 * bsc#1236702 * bsc#1236752 * bsc#1236759 * bsc#1236821 * bsc#1236822 * bsc#1236896 * bsc#1236897 * bsc#1236952 * bsc#1236967 * bsc#1236994 * bsc#1237007 * bsc#1237017 * bsc#1237025 * bsc#1237028 * bsc#1237045 * bsc#1237126 * bsc#1237132 * bsc#1237139 * bsc#1237155 * bsc#1237158 * bsc#1237159 * bsc#1237232 * bsc#1237234 * bsc#1237325 * bsc#1237356 * bsc#1237415 * bsc#1237452 * bsc#1237504 * bsc#1237521 * bsc#1237558 * bsc#1237562 * bsc#1237563 * bsc#1237848 * bsc#1237849 * bsc#1237879 * bsc#1237889 * bsc#1237891 * bsc#1237901 * bsc#1237950 * bsc#1238214 * bsc#1238303 * bsc#1238347 * bsc#1238368 * bsc#1238509 * bsc#1238525 * bsc#1238570 * bsc#1238739 * bsc#1238751 * bsc#1238753 * bsc#1238759 * bsc#1238860 * bsc#1238863 * bsc#1238877 * jsc#PED-10028 * jsc#PED-11253 * jsc#PED-12094 * jsc#PED-348 Cross-References: * CVE-2023-52924 * CVE-2023-52925 * CVE-2024-26708 * CVE-2024-26810 * CVE-2024-40980 * CVE-2024-41055 * CVE-2024-44974 * CVE-2024-45009 * CVE-2024-45010 * CVE-2024-47701 * CVE-2024-49884 * CVE-2024-49950 * CVE-2024-50029 * CVE-2024-50036 * CVE-2024-50073 * CVE-2024-50085 * CVE-2024-50115 * CVE-2024-50142 * CVE-2024-50185 * CVE-2024-50294 * CVE-2024-53123 * CVE-2024-53147 * CVE-2024-53173 * CVE-2024-53176 * CVE-2024-53177 * CVE-2024-53178 * CVE-2024-53226 * CVE-2024-53239 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56568 * CVE-2024-56579 * CVE-2024-56605 * CVE-2024-56633 * CVE-2024-56647 * CVE-2024-56720 * CVE-2024-57889 * CVE-2024-57948 * CVE-2024-57994 * CVE-2025-21636 * CVE-2025-21637 * CVE-2025-21638 * CVE-2025-21639 * CVE-2025-21640 * CVE-2025-21647 * CVE-2025-21665 * CVE-2025-21667 * CVE-2025-21668 * CVE-2025-21673 * CVE-2025-21680 * CVE-2025-21681 * CVE-2025-21684 * CVE-2025-21687 * CVE-2025-21688 * CVE-2025-21689 * CVE-2025-21690 * CVE-2025-21692 * CVE-2025-21697 * CVE-2025-21699 * CVE-2025-21700 * CVE-2025-21705 * CVE-2025-21715 * CVE-2025-21716 * CVE-2025-21719 * CVE-2025-21724 * CVE-2025-21725 * CVE-2025-21728 * CVE-2025-21767 * CVE-2025-21790 * CVE-2025-21795 * CVE-2025-21799 * CVE-2025-21802 CVSS scores: * CVE-2023-52924 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-52924 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52925 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52925 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52925 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26708 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26708 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26810 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26810 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40980 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40980 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41055 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44974 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2024-44974 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-44974 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45009 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-45009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45010 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-45010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47701 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47701 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-47701 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50029 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50029 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50036 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50036 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50073 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50073 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50142 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50142 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50294 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53123 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53147 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53147 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53176 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53176 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53177 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53178 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53178 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53226 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53226 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53226 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56548 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56568 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56568 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56568 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56579 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56579 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56579 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56633 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56647 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56647 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56720 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56720 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57889 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57948 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57948 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57994 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21636 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21636 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21637 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21637 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21638 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21638 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21639 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21640 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21640 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21647 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21647 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21665 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21665 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21665 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21667 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21667 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21668 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-21668 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-21673 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21673 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-21673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21680 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21680 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21680 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21681 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2025-21681 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2025-21681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21684 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21684 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21687 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21687 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21687 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21688 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21689 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21689 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21692 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21692 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21692 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21697 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-21697 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21700 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21700 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21705 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21715 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21715 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21716 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21716 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21719 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21725 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21790 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21795 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21799 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 An update that solves 72 vulnerabilities, contains four features and has 51 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672). * CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937). * CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235). * CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438). * CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439). * CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949). * CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912). * CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508). * CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028). * CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109). * CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483). * CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070). * CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857). * CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894). * CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896). * CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895). * CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device bound (bsc#1235032). * CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485). * CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435). * CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592). * CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901). * CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113). * CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114). * CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115). * CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122). * CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123). * CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133). * CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684). * CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681). * CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682). * CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689). * CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700). * CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702). * CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045). * CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). * CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159). * CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879). * CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525). * CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889). * CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891). * CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860). * CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863). * CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877). * CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509). * CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753). * CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759). * CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739). * CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751). The following non-security bugs were fixed: * ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes). * ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes). * ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes). * ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes). * ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes). * ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes). * ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes). * ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes). * ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes). * ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes). * ALSA: seq: Make dependency on UMP clearer (git-fixes). * ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable- fixes). * ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git- fixes). * ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable- fixes). * APEI: GHES: Have GHES honor the panic= setting (stable-fixes). * ASoC: Intel: avs: Abstract IPC handling (stable-fixes). * ASoC: Intel: avs: Do not readq() u32 registers (git-fixes). * ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes). * ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes). * ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes). * ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git- fixes). * ASoC: amd: Add ACPI dependency to fix build error (stable-fixes). * ASoC: es8328: fix route from DAC to output (git-fixes). * ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes). * ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git- fixes). * Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes). * Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes). * Fix memory-hotplug regression (bsc#1237504). * Grab mm lock before grabbing pt lock (git-fixes). * HID: Wacom: Add PCI Wacom device support (stable-fixes). * HID: hid-steam: Add Deck IMU support (stable-fixes). * HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes). * HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes). * HID: hid-steam: Clean up locking (stable-fixes). * HID: hid-steam: Disable watchdog instead of using a heartbeat (stable- fixes). * HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git- fixes). * HID: hid-steam: Fix cleanup in probe() (git-fixes). * HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes). * HID: hid-steam: Move hidraw input (un)registering to work (git-fixes). * HID: hid-steam: Update list of identifiers from SDL (stable-fixes). * HID: hid-steam: remove pointless error message (stable-fixes). * HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes). * HID: multitouch: Add NULL check in mt_input_configured (git-fixes). * IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes) * Input: allocate keycode for phone linking (stable-fixes). * KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes). * KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes). * KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes). * KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes). * KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git- fixes). * KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes). * KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes). * KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes) * KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes). * KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes). * KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes). * KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155). * KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was a leaf SPTE (git-fixes). * KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes). * KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes). * KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes). * KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes). * KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git- fixes). * KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git- fixes). * KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (git-fixes). * KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348). * KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes). * PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes). * PCI: Use downstream bridges for distributing resources (bsc#1237325). * PCI: hookup irq_get_affinity callback (bsc#1236896). * PCI: imx6: Simplify clock handling by using clk_bulk*() function (git- fixes). * PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes). * RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes) * RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes) * RDMA/efa: Reset device on probe failure (git-fixes) * RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes) * RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes). * RDMA/mlx5: Fix AH static rate parsing (git-fixes) * RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes) * RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git- fixes) * RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes) * RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes) * RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes) * RDMA/rxe: Improve newline in printing messages (git-fixes) * Revert "blk-throttle: Fix IO hang for a corner case" (git-fixes). * Revert "drm/amd/display: Use HW lock mgr for PSR1" (stable-fixes). * USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable- fixes). * USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes). * USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes). * USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes). * USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes). * USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes). * USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes). * USB: serial: option: add MeiG Smart SLM828 (stable-fixes). * USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes). * USB: serial: option: drop MeiG Smart defines (stable-fixes). * USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes). * Update "drm/mgag200: Added support for the new device G200eH5" (jsc#PED-12094). * Use gcc-13 for build on SLE16 (jsc#PED-10028). * acct: block access to kernel internal filesystems (git-fixes). * acct: perform last write from workqueue (git-fixes). * add nf_tables for iptables non-legacy network handling This is needed for example by docker on the Alpine Linux distribution, but can also be used on openSUSE. * af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849). * amdgpu/pm/legacy: fix suspend/resume issues (git-fixes). * arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes) * arm64: Handle .ARM.attributes section in linker scripts (git-fixes) * arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes) * ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes). * batman-adv: Drop unmanaged ELP metric worker (git-fixes). * batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes). * batman-adv: fix panic during interface removal (git-fixes). * bio-integrity: do not restrict the size of integrity metadata (git-fixes). * blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558). * blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606). * blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git- fixes). * blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git- fixes). * blk-mq: add number of queue calc helper (bsc#1236897). * blk-mq: create correct map for fallback case (bsc#1236896). * blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes). * blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896). * blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897). * blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes). * blk-mq: register cpuhp callback after hctx is added to xarray table (git- fixes). * blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897). * blk_iocost: remove some duplicate irq disable/enables (git-fixes). * block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes). * block: Clear zone limits for a non-zoned stacked queue (git-fixes). * block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes). * block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes). * block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes). * block: Provide bdev_open_* functions (git-fixes). * block: Remove special-casing of compound pages (git-fixes). * block: Set memalloc_noio to false on device_add_disk() error path (git- fixes). * block: add a disk_has_partscan helper (git-fixes). * block: add a partscan sysfs attribute for disks (git-fixes). * block: add check of 'minors' and 'first_minor' in device_add_disk() (git- fixes). * block: avoid to reuse `hctx` not removed from cpuhp callback list (git- fixes). * block: change rq_integrity_vec to respect the iterator (git-fixes). * block: copy back bounce buffer to user-space correctly in case of split (git-fixes). * block: ensure we hold a queue reference when using queue limits (git-fixes). * block: fix and simplify blkdevparts= cmdline parsing (git-fixes). * block: fix bio_split_rw_at to take zone_write_granularity into account (git- fixes). * block: fix integer overflow in BLKSECDISCARD (git-fixes). * block: fix missing dispatching request when queue is started or unquiesced (git-fixes). * block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git- fixes). * block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes). * block: fix sanity checks in blk_rq_map_user_bvec (git-fixes). * block: propagate partition scanning errors to the BLKRRPART ioctl (git- fixes). * block: remove the blk_flush_integrity call in blk_integrity_unregister (git- fixes). * block: retry call probe after request_module in blk_request_module (git- fixes). * block: return unsigned int from bdev_io_min (git-fixes). * block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes). * block: support to account io_ticks precisely (git-fixes). * block: use the right type for stub rq_integrity_vec() (git-fixes). * bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes). * bnxt_en: Refactor bnxt_ptp_init() (git-fixes). * bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes). * btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232). * btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232). * can: c_can: fix unbalanced runtime PM disable in error path (git-fixes). * can: ctucanfd: handle skb allocation failure (git-fixes). * can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes). * can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes). * chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). * cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes). * cifs: Remove intermediate object of failed create reparse call (git-fixes). * cifs: commands that are retried should have replay flag set (bsc#1231432). * cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432). * cifs: helper function to check replayable error codes (bsc#1231432). * cifs: new mount option called retrans (bsc#1231432). * cifs: open_cached_dir should not rely on primary channel (bsc#1231432). * cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes). * cifs: update desired access while requesting for directory lease (git- fixes). * cifs: update the same create_guid on replay (git-fixes). * clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git- fixes). * clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes). * clk: mediatek: mt2701-img: add missing dummy clk (git-fixes). * clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes). * clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git- fixes). * clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes). * clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes). * clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes). * clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes). * clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes). * clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes). * clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes). * cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562). * cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562). * cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes). * cpufreq: imx6q: do not warn for disabling a non-existing frequency (git- fixes). * cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes). * cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes). * cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes). * cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes). * cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes). * cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes). * cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes). * cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes). * cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes). * cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes). * cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes). * cpufreq: s3c64xx: Fix compilation warning (stable-fixes). * crypto: hisilicon/sec2 - fix for aead icv error (git-fixes). * crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes). * crypto: hisilicon/sec2 - optimize the error return process (stable-fixes). * cxgb4: Avoid removal of uninserted tid (git-fixes). * cxgb4: use port number to set mac addr (git-fixes). * devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234). * dlm: fix srcu_read_lock() return type to int (git-fixes). * doc: update managed_irq documentation (bsc#1236897). * driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896). * drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes). * drm/amd/pm: Mark MM activity as unsupported (stable-fixes). * drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable- fixes). * drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes). * drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes). * drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759). * drm/amdkfd: only flush the validate MES contex (stable-fixes). * drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable- fixes). * drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes). * drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes). * drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes). * drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes). * drm/i915/dp: Fix error handling during 128b/132b link training (stable- fixes). * drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes). * drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes). * drm/i915/pmu: Fix zero delta busyness issue (git-fixes). * drm/i915/selftests: avoid using uninitialized context (git-fixes). * drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes). * drm/i915: Fix page cleanup on DMA remap failure (git-fixes). * drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes). * drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes). * drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094) * drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes). * drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes). * drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git- fixes). * drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes). * drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes). * drm/msm: Avoid rounding up to one jiffy (git-fixes). * drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes). * drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes). * drm/rockchip: vop2: Fix the windows switch between different layers (git- fixes). * drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes). * drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes). * drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable- fixes). * drm/virtio: New fence for every plane update (stable-fixes). * efi: Avoid cold plugged memory for placing the kernel (stable-fixes). * efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes). * eth: gve: use appropriate helper to set xdp_features (git-fixes). * exfat: convert to ctime accessor functions (git-fixes). * exfat: fix file being changed by unaligned direct write (git-fixes). * exfat: fix zero the unwritten part for dio read (git-fixes). * fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes). * firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes). * futex: Do not include process MM in futex key on no-MMU (git-fixes). * gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes). * gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes). * gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git- fixes). * gpio: pca953x: Improve interrupt support (git-fixes). * gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes). * gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes). * gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes). * gup: make the stack expansion warning a bit more targeted (bsc#1238214). * hfs: Sanity check the root record (git-fixes). * i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes). * i2c: ls2x: Fix frequency division register access (git-fixes). * i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes). * iavf: allow changing VLAN state without calling PF (git-fixes). * ice: Skip PTP HW writes during PTP reset procedure (git-fixes). * ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415). * ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415). * ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git- fixes). * ice: fix incorrect PHY settings for 100 GB/s (git-fixes). * ice: fix max values for dpll pin phase adjust (git-fixes). * ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415). * ice: gather page_count()'s of each frag right before XDP prog call (git- fixes). * ice: put Rx buffers after being done with current frame (git-fixes). * ice: stop storing XDP verdict within ice_rx_buf (git-fixes). * ice: use internal pf id instead of function number (git-fixes). * idpf: add read memory barrier when checking descriptor done bit (git-fixes). * idpf: call set_real_num_queues in idpf_open (bsc#1236661). * idpf: convert workqueues to unbound (git-fixes). * idpf: fix VF dynamic interrupt ctl register initialization (git-fixes). * idpf: fix handling rsc packet with a single segment (git-fixes). * igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes). * igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes). * igc: return early when failing to read EECD register (git-fixes). * iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes). * kabi: fix bus type (bsc#1236896). * kabi: fix group_cpus_evenly (bsc#1236897). * kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749). * kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes). * kbuild: userprogs: fix bitsize and target detection on clang (git-fixes). * kernel-source: Also replace bin/env * lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897). * lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897). * lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes). * lib: stackinit: hide never-taken branch from compiler (stable-fixes). * lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes). * lockdep: fix deadlock issue between lockdep and rcu (git-fixes). * locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes). * locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes). * loop: do not set QUEUE_FLAG_NOMERGES (git-fixes). * md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes). * md/md-bitmap: add 'sync_size' into struct md_bitmap_stats (git-fixes). * md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes). * md/md-cluster: fix spares warnings for __le64 (git-fixes). * md/raid0: do not free conf on raid0_run failure (git-fixes). * md/raid1: do not free conf on raid0_run failure (git-fixes). * md/raid5: Wait sync io to finish before changing group cnt (git-fixes). * md: Do not flush sync_work in md_write_start() (git-fixes). * md: convert comma to semicolon (git-fixes). * media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes). * media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes). * media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes). * media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes). * media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes). * mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable- fixes). * mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes). * mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes). * mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes). * mptcp: export local_address (git-fixes) * mptcp: fix NL PM announced address accounting (git-fixes) * mptcp: fix data races on local_id (git-fixes) * mptcp: fix inconsistent state on fastopen race (bsc#1222672). * mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes) * mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes) * mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes) * mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git- fixes) * mptcp: pm: deny endp with signal + subflow + port (git-fixes) * mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes) * mptcp: pm: do not try to create sf if alloc failed (git-fixes) * mptcp: pm: fullmesh: select the right ID later (git-fixes) * mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes) * mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes) * mptcp: pm: re-using ID of unused flushed subflows (git-fixes) * mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes) * mptcp: pm: re-using ID of unused removed subflows (git-fixes) * mptcp: pm: reduce indentation blocks (git-fixes) * mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes) * mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes) * mptcp: unify pm get_local_id interfaces (git-fixes) * mptcp: unify pm set_flags interfaces (git-fixes) * mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes). * mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes). * mtd: rawnand: cadence: fix unchecked dereference (git-fixes). * mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes). * nbd: Fix signal handling (git-fixes). * nbd: Improve the documentation of the locking assumptions (git-fixes). * nbd: do not allow reconnect after disconnect (git-fixes). * net/mlx5: Correct TASR typo into TSAR (git-fixes). * net/mlx5: Fix RDMA TX steering prio (git-fixes). * net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981). * net/mlx5: SF, Fix add port error handling (git-fixes). * net/mlx5: Verify support for scheduling element and TSAR type (git-fixes). * net/mlx5e: Always start IPsec sequence number from 1 (git-fixes). * net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes). * net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes). * net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994). * net: Fix undefined behavior in netdev name allocation (bsc#1233749). * net: avoid UAF on deleted altname (bsc#1233749). * net: check for altname conflicts when changing netdev's netns (bsc#1233749). * net: core: Use the bitmap API to allocate bitmaps (bsc#1233749). * net: do not send a MOVE event when netdev changes netns (bsc#1233749). * net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749). * net: fix ifname in netlink ntf during netns move (bsc#1233749). * net: fix removing a namespace with conflicting altnames (bsc#1233749). * net: free altname using an RCU callback (bsc#1233749). * net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749). * net: move altnames together with the netdevice (bsc#1233749). * net: reduce indentation of __dev_alloc_name() (bsc#1233749). * net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749). * net: remove else after return in dev_prep_valid_name() (bsc#1233749). * net: rose: lock the socket in rose_bind() (git-fixes). * net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes). * net: smc: fix spurious error message from __sock_release() (bsc#1237126). * net: trust the bitmap in __dev_alloc_name() (bsc#1233749). * net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable- fixes). * nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes). * null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes). * null_blk: Fix missing mutex_destroy() at module removal (git-fixes). * null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git- fixes). * null_blk: Print correct max open zones limit in null_init_zoned_dev() (git- fixes). * null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes). * null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes). * null_blk: fix validation of block size (git-fixes). * nvme-fc: use ctrl state getter (git-fixes). * nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes). * nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes). * nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897). * nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes). * nvme/ioctl: add missing space in err message (git-fixes). * nvme: handle connectivity loss in nvme_set_queue_count (git-fixes). * nvme: make nvme_tls_attrs_group static (git-fixes). * nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896). * nvme: tcp: Fix compilation warning with W=1 (git-fixes). * nvmet: Fix crash when a namespace is disabled (git-fixes). * ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138). * padata: Clean up in padata_do_multithreaded() (bsc#1237563). * padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563). * partitions: ldm: remove the initial kernel-doc notation (git-fixes). * phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes). * phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes). * phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes). * pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes). * platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452). * platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452). * platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452). * platform/x86: ISST: Ignore minor version change (bsc#1237452). * platform/x86: acer-wmi: Ignore AC events (stable-fixes). * platform/x86: int3472: Check for adev == NULL (stable-fixes). * power: supply: da9150-fg: fix potential overflow (git-fixes). * powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199). * powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199). * powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199). * powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199). * powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid mode (ltc#210895 bsc#1235933 ltc#210896 bsc#1235932). * powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988). * printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950). * rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes). * rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes). * rbd: do not move requests to the running list on errors (git-fixes). * rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes). * regmap-irq: Add missing kfree() (git-fixes). * rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303) * s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205). * s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158). * s390/iucv: fix receive buffer virtual vs physical address confusion (git- fixes bsc#1236200). * s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752). * s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368). * s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752). * s390/pci: Ignore RID for isolated VFs (bsc#1236752). * s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git- fixes bsc#1238368). * s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752). * s390/pci: Use topology ID for multi-function devices (bsc#1236752). * s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199). * s390/topology: Improve topology detection (bsc#1236591). * s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203). * scripts/gdb: fix aarch64 userspace detection in get_current_task (stable- fixes). * scsi: core: Clear driver private data when retrying request (git-fixes). * scsi: core: Handle depopulation and restoration in progress (git-fixes). * scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347). * scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347). * scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347). * scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347). * scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347). * scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347). * scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896). * scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes). * scsi: use block layer helpers to calculate num of queues (bsc#1236897). * selftest: hugetlb_dio: fix test naming (git-fixes). * selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes). * selftests/futex: pass _GNU_SOURCE without a value to the compiler (git- fixes). * selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable- fixes). * selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes). * selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes). * selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes). * selftests: mptcp: connect: -f: no reconnect (git-fixes). * selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes). * serial: 8250: Fix fifo underflow on flush (git-fixes). * serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes). * smb3: fix creating FIFOs when mounting with "sfu" mount option (git-fixes). * smb3: request handle caching when caching directories (bsc#1231432). * smb3: retrying on failed server close (bsc#1231432). * smb: cached directories can be more than root file handle (bsc#1231432). * smb: cilent: set reparse mount points as automounts (git-fixes). * smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes). * smb: client: Fix minor whitespace errors and warnings (git-fixes). * smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes). * smb: client: add support for WSL reparse points (git-fixes). * smb: client: allow creating special files via reparse points (git-fixes). * smb: client: allow creating symlinks via reparse points (git-fixes). * smb: client: cleanup smb2_query_reparse_point() (git-fixes). * smb: client: do not query reparse points twice on symlinks (git-fixes). * smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432). * smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432). * smb: client: fix OOB in smb2_query_reparse_point() (git-fixes). * smb: client: fix corruption in cifs_extend_writeback (bsc#1235609). * smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes). * smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes). * smb: client: fix hardlinking of reparse points (git-fixes). * smb: client: fix missing mode bits for SMB symlinks (git-fixes). * smb: client: fix possible double free in smb2_set_ea() (git-fixes). * smb: client: fix potential broken compound request (git-fixes). * smb: client: fix renaming of reparse points (git-fixes). * smb: client: get rid of smb311_posix_query_path_info() (git-fixes). * smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes). * smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes). * smb: client: handle path separator of created SMB symlinks (git-fixes). * smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes). * smb: client: ignore unhandled reparse tags (git-fixes). * smb: client: implement ->query_reparse_point() for SMB1 (git-fixes). * smb: client: instantiate when creating SFU files (git-fixes). * smb: client: introduce ->parse_reparse_point() (git-fixes). * smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes). * smb: client: introduce cifs_sfu_make_node() (git-fixes). * smb: client: introduce reparse mount option (git-fixes). * smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432). * smb: client: move most of reparse point handling code to common file (git- fixes). * smb: client: move some params to cifs_open_info_data (bsc#1231432). * smb: client: optimise reparse point querying (git-fixes). * smb: client: parse owner/group when creating reparse points (git-fixes). * smb: client: parse reparse point flag in create response (bsc#1231432). * smb: client: parse uid, gid, mode and dev from WSL reparse points (git- fixes). * smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896). * smb: client: reduce number of parameters in smb2_compound_op() (git-fixes). * smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432). * smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes). * smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432). * smb: client: retry compound request without reusing lease (git-fixes). * smb: client: return reparse type in /proc/mounts (git-fixes). * smb: client: reuse file lease key in compound operations (git-fixes). * smb: client: set correct d_type for reparse DFS/DFSR and mount point (git- fixes). * smb: client: set correct file type from NFS reparse points (git-fixes). * smb: client: stop revalidating reparse points unnecessarily (git-fixes). * smb: use kernel_connect() and kernel_bind() (git-fixes). * soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes). * soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes). * soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes). * soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes). * soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes). * soc: qcom: socinfo: move SMEM item struct and defines to a header (git- fixes). * spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes). * spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes). * spi: sn-f-ospi: Fix division by zero (git-fixes). * tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367). * tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes). * tools: fix annoying "mkdir -p ..." logs when building tools in parallel (git-fixes). * ublk: fix error code for unsupported command (git-fixes). * ublk: fix ublk_ch_mmap() for 64K page size (git-fixes). * ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes). * ublk: move zone report data out of request pdu (git-fixes). * usb: cdc-acm: Check control transfer buffer size before access (git-fixes). * usb: cdc-acm: Fix handling of oversized fragments (git-fixes). * usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes). * usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes). * usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes). * usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes). * usb: gadget: core: flush gadget workqueue after device removal (git-fixes). * usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes). * usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes). * usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes). * usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes). * usb: roles: set switch registered flag early on (git-fixes). * usb: xhci: Fix NULL pointer dereference on certain command aborts (git- fixes). * usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes). * usbnet: ipheth: document scope of NCM implementation (stable-fixes). * util_macros.h: fix/rework find_closest() macros (git-fixes). * vhost/net: Set num_buffers for virtio 1.0 (git-fixes). * virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896). * virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897). * virtio: hookup irq_get_affinity callback (bsc#1236896). * virtio_blk: reverse request order in virtio_queue_rqs (git-fixes). * wifi: ath12k: fix handling of 6 GHz rules (git-fixes). * wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes). * wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable- fixes). * wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes). * wifi: iwlwifi: avoid memory leak (stable-fixes). * wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes). * wifi: mt76: mt7915: fix omac index assignment after hardware reset (git- fixes). * wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes). * wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes). * wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes). * wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes). * x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes). * x86/asm: Make serialize() always_inline (git-fixes). * x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes). * x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes). * x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes). * x86/mm: Carve out INVLPG inline asm for use by others (git-fixes). * x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes). * x86/xen: allow larger contiguous memory regions in PV guests (git-fixes). * x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes). * xen/swiotlb: relax alignment requirements (git-fixes). * xhci: dbgtty: remove kfifo_out() wrapper (git-fixes). * zram: clear IDLE flag after recompression (git-fixes). * zram: clear IDLE flag in mark_idle() (git-fixes). * zram: do not mark idle slots that cannot be idle (git-fixes). * zram: fix potential UAF of zram table (git-fixes). * zram: fix uninitialized ZRAM not releasing backing device (git-fixes). * zram: refuse to use zero sized block device as backing device (git-fixes). * zram: split memory-tracking and ac-time tracking (git-fixes). * Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git- fixes). * Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes). * arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes) * arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git- fixes) * arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes) * bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git- fixes). * drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params (git-fixes). * drm/sched: Fix preprocessor guard (git-fixes). * exfat: do not zero the extended part (bsc#1237356). * exfat: fix appending discontinuous clusters to empty file (bsc#1237356). * exfat: fix timing of synchronizing bitmap and inode (bsc#1237356). * ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497). * initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521). * mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git- fixes) * packaging: Turn gcc version into config.sh variable. * rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570) * scsi: core: Do not retry I/Os during depopulation (git-fixes). * scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes). * scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes). * scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes). * scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes). * scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git- fixes). * scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes). * scsi: megaraid_sas: Fix for a potential deadlock (git-fixes). * scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes). * scsi: mpi3mr: Start controller indexing from 0 (git-fixes). * scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes). * scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253). * scsi: myrb: Remove dead code (git-fixes). * scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes). * scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes). * scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes). * scsi: sg: Enable runtime power management (git-fixes). * scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git- fixes). * scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes). * wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes). * wifi: iwlwifi: limit printed string from FW file (git-fixes). * wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes). * wifi: nl80211: reject cooked mode if it is set along with other flags (git- fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-856=1 openSUSE-SLE-15.6-2025-856=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-856=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-856=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-856=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-856=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-856=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-856=1 ## Package List: * openSUSE Leap 15.6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.42.1 * openSUSE Leap 15.6 (noarch) * kernel-macros-6.4.0-150600.23.42.1 * kernel-docs-html-6.4.0-150600.23.42.1 * kernel-source-6.4.0-150600.23.42.1 * kernel-devel-6.4.0-150600.23.42.1 * kernel-source-vanilla-6.4.0-150600.23.42.1 * openSUSE Leap 15.6 (nosrc ppc64le x86_64) * kernel-debug-6.4.0-150600.23.42.2 * openSUSE Leap 15.6 (ppc64le x86_64) * kernel-debug-debuginfo-6.4.0-150600.23.42.2 * kernel-debug-devel-debuginfo-6.4.0-150600.23.42.2 * kernel-debug-debugsource-6.4.0-150600.23.42.2 * kernel-debug-devel-6.4.0-150600.23.42.2 * openSUSE Leap 15.6 (x86_64) * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.42.2 * kernel-kvmsmall-vdso-6.4.0-150600.23.42.2 * kernel-debug-vdso-6.4.0-150600.23.42.2 * kernel-default-vdso-6.4.0-150600.23.42.2 * kernel-default-vdso-debuginfo-6.4.0-150600.23.42.2 * kernel-debug-vdso-debuginfo-6.4.0-150600.23.42.2 * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * kernel-default-base-rebuild-6.4.0-150600.23.42.2.150600.12.18.4 * kernel-kvmsmall-devel-6.4.0-150600.23.42.2 * kernel-kvmsmall-debugsource-6.4.0-150600.23.42.2 * kernel-kvmsmall-debuginfo-6.4.0-150600.23.42.2 * kernel-default-base-6.4.0-150600.23.42.2.150600.12.18.4 * kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.42.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kernel-default-extra-debuginfo-6.4.0-150600.23.42.2 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.42.2 * kernel-default-debugsource-6.4.0-150600.23.42.2 * cluster-md-kmp-default-6.4.0-150600.23.42.2 * kernel-default-optional-debuginfo-6.4.0-150600.23.42.2 * kernel-obs-build-6.4.0-150600.23.42.2 * dlm-kmp-default-debuginfo-6.4.0-150600.23.42.2 * reiserfs-kmp-default-6.4.0-150600.23.42.2 * kernel-obs-build-debugsource-6.4.0-150600.23.42.2 * dlm-kmp-default-6.4.0-150600.23.42.2 * kernel-default-devel-6.4.0-150600.23.42.2 * kselftests-kmp-default-6.4.0-150600.23.42.2 * kernel-default-optional-6.4.0-150600.23.42.2 * kernel-syms-6.4.0-150600.23.42.1 * kernel-default-debuginfo-6.4.0-150600.23.42.2 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.42.2 * kernel-obs-qa-6.4.0-150600.23.42.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.42.2 * kernel-default-livepatch-6.4.0-150600.23.42.2 * kernel-default-devel-debuginfo-6.4.0-150600.23.42.2 * kselftests-kmp-default-debuginfo-6.4.0-150600.23.42.2 * gfs2-kmp-default-6.4.0-150600.23.42.2 * kernel-default-extra-6.4.0-150600.23.42.2 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.42.2 * ocfs2-kmp-default-6.4.0-150600.23.42.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.42.2 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-6.4.0-150600.23.42.2 * kernel-livepatch-6_4_0-150600_23_42-default-debuginfo-1-150600.13.3.4 * kernel-livepatch-SLE15-SP6_Update_9-debugsource-1-150600.13.3.4 * kernel-livepatch-6_4_0-150600_23_42-default-1-150600.13.3.4 * openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-6.4.0-150600.23.42.2 * openSUSE Leap 15.6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.42.2 * openSUSE Leap 15.6 (s390x) * kernel-zfcpdump-debuginfo-6.4.0-150600.23.42.2 * kernel-zfcpdump-debugsource-6.4.0-150600.23.42.2 * openSUSE Leap 15.6 (nosrc) * dtb-aarch64-6.4.0-150600.23.42.1 * openSUSE Leap 15.6 (aarch64) * dtb-altera-6.4.0-150600.23.42.1 * dtb-sprd-6.4.0-150600.23.42.1 * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.42.2 * dtb-hisilicon-6.4.0-150600.23.42.1 * dtb-apple-6.4.0-150600.23.42.1 * dtb-rockchip-6.4.0-150600.23.42.1 * dtb-arm-6.4.0-150600.23.42.1 * dtb-marvell-6.4.0-150600.23.42.1 * gfs2-kmp-64kb-6.4.0-150600.23.42.2 * kernel-64kb-debuginfo-6.4.0-150600.23.42.2 * kernel-64kb-extra-debuginfo-6.4.0-150600.23.42.2 * cluster-md-kmp-64kb-6.4.0-150600.23.42.2 * dtb-allwinner-6.4.0-150600.23.42.1 * dtb-broadcom-6.4.0-150600.23.42.1 * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.42.2 * cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.42.2 * reiserfs-kmp-64kb-6.4.0-150600.23.42.2 * dtb-lg-6.4.0-150600.23.42.1 * ocfs2-kmp-64kb-6.4.0-150600.23.42.2 * kernel-64kb-optional-6.4.0-150600.23.42.2 * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.42.2 * dtb-qcom-6.4.0-150600.23.42.1 * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.42.2 * kernel-64kb-optional-debuginfo-6.4.0-150600.23.42.2 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.42.2 * dtb-xilinx-6.4.0-150600.23.42.1 * dtb-amazon-6.4.0-150600.23.42.1 * dtb-freescale-6.4.0-150600.23.42.1 * dtb-apm-6.4.0-150600.23.42.1 * kernel-64kb-debugsource-6.4.0-150600.23.42.2 * kernel-64kb-extra-6.4.0-150600.23.42.2 * dtb-cavium-6.4.0-150600.23.42.1 * dtb-amd-6.4.0-150600.23.42.1 * dlm-kmp-64kb-6.4.0-150600.23.42.2 * dtb-mediatek-6.4.0-150600.23.42.1 * dtb-nvidia-6.4.0-150600.23.42.1 * dtb-socionext-6.4.0-150600.23.42.1 * dtb-renesas-6.4.0-150600.23.42.1 * kselftests-kmp-64kb-6.4.0-150600.23.42.2 * dtb-amlogic-6.4.0-150600.23.42.1 * kernel-64kb-devel-6.4.0-150600.23.42.2 * dtb-exynos-6.4.0-150600.23.42.1 * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.42.2 * openSUSE Leap 15.6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.42.2 * Basesystem Module 15-SP6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.42.2 * Basesystem Module 15-SP6 (aarch64) * kernel-64kb-debugsource-6.4.0-150600.23.42.2 * kernel-64kb-devel-6.4.0-150600.23.42.2 * kernel-64kb-debuginfo-6.4.0-150600.23.42.2 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.42.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.42.2 * Basesystem Module 15-SP6 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150600.23.42.2.150600.12.18.4 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-6.4.0-150600.23.42.2 * kernel-default-debugsource-6.4.0-150600.23.42.2 * kernel-default-debuginfo-6.4.0-150600.23.42.2 * kernel-default-devel-debuginfo-6.4.0-150600.23.42.2 * Basesystem Module 15-SP6 (noarch) * kernel-devel-6.4.0-150600.23.42.1 * kernel-macros-6.4.0-150600.23.42.1 * Basesystem Module 15-SP6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.42.2 * Basesystem Module 15-SP6 (s390x) * kernel-zfcpdump-debuginfo-6.4.0-150600.23.42.2 * kernel-zfcpdump-debugsource-6.4.0-150600.23.42.2 * Development Tools Module 15-SP6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.42.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-6.4.0-150600.23.42.2 * kernel-syms-6.4.0-150600.23.42.1 * kernel-obs-build-6.4.0-150600.23.42.2 * Development Tools Module 15-SP6 (noarch) * kernel-source-6.4.0-150600.23.42.1 * Legacy Module 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.42.2 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.42.2 * kernel-default-debugsource-6.4.0-150600.23.42.2 * reiserfs-kmp-default-6.4.0-150600.23.42.2 * kernel-default-debuginfo-6.4.0-150600.23.42.2 * SUSE Linux Enterprise Live Patching 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.42.2 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_9-debugsource-1-150600.13.3.4 * kernel-default-debugsource-6.4.0-150600.23.42.2 * kernel-default-livepatch-devel-6.4.0-150600.23.42.2 * kernel-default-livepatch-6.4.0-150600.23.42.2 * kernel-livepatch-6_4_0-150600_23_42-default-1-150600.13.3.4 * kernel-livepatch-6_4_0-150600_23_42-default-debuginfo-1-150600.13.3.4 * kernel-default-debuginfo-6.4.0-150600.23.42.2 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.42.2 * dlm-kmp-default-debuginfo-6.4.0-150600.23.42.2 * kernel-default-debugsource-6.4.0-150600.23.42.2 * cluster-md-kmp-default-6.4.0-150600.23.42.2 * gfs2-kmp-default-6.4.0-150600.23.42.2 * dlm-kmp-default-6.4.0-150600.23.42.2 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.42.2 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.42.2 * ocfs2-kmp-default-6.4.0-150600.23.42.2 * kernel-default-debuginfo-6.4.0-150600.23.42.2 * SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.42.2 * SUSE Linux Enterprise Workstation Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.42.2 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * kernel-default-extra-debuginfo-6.4.0-150600.23.42.2 * kernel-default-debugsource-6.4.0-150600.23.42.2 * kernel-default-debuginfo-6.4.0-150600.23.42.2 * kernel-default-extra-6.4.0-150600.23.42.2 ## References: * https://www.suse.com/security/cve/CVE-2023-52924.html * https://www.suse.com/security/cve/CVE-2023-52925.html * https://www.suse.com/security/cve/CVE-2024-26708.html * https://www.suse.com/security/cve/CVE-2024-26810.html * https://www.suse.com/security/cve/CVE-2024-40980.html * https://www.suse.com/security/cve/CVE-2024-41055.html * https://www.suse.com/security/cve/CVE-2024-44974.html * https://www.suse.com/security/cve/CVE-2024-45009.html * https://www.suse.com/security/cve/CVE-2024-45010.html * https://www.suse.com/security/cve/CVE-2024-47701.html * https://www.suse.com/security/cve/CVE-2024-49884.html * https://www.suse.com/security/cve/CVE-2024-49950.html * https://www.suse.com/security/cve/CVE-2024-50029.html * https://www.suse.com/security/cve/CVE-2024-50036.html * https://www.suse.com/security/cve/CVE-2024-50073.html * https://www.suse.com/security/cve/CVE-2024-50085.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-50142.html * https://www.suse.com/security/cve/CVE-2024-50185.html * https://www.suse.com/security/cve/CVE-2024-50294.html * https://www.suse.com/security/cve/CVE-2024-53123.html * https://www.suse.com/security/cve/CVE-2024-53147.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53176.html * https://www.suse.com/security/cve/CVE-2024-53177.html * https://www.suse.com/security/cve/CVE-2024-53178.html * https://www.suse.com/security/cve/CVE-2024-53226.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56568.html * https://www.suse.com/security/cve/CVE-2024-56579.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56633.html * https://www.suse.com/security/cve/CVE-2024-56647.html * https://www.suse.com/security/cve/CVE-2024-56720.html * https://www.suse.com/security/cve/CVE-2024-57889.html * https://www.suse.com/security/cve/CVE-2024-57948.html * https://www.suse.com/security/cve/CVE-2024-57994.html * https://www.suse.com/security/cve/CVE-2025-21636.html * https://www.suse.com/security/cve/CVE-2025-21637.html * https://www.suse.com/security/cve/CVE-2025-21638.html * https://www.suse.com/security/cve/CVE-2025-21639.html * https://www.suse.com/security/cve/CVE-2025-21640.html * https://www.suse.com/security/cve/CVE-2025-21647.html * https://www.suse.com/security/cve/CVE-2025-21665.html * https://www.suse.com/security/cve/CVE-2025-21667.html * https://www.suse.com/security/cve/CVE-2025-21668.html * https://www.suse.com/security/cve/CVE-2025-21673.html * https://www.suse.com/security/cve/CVE-2025-21680.html * https://www.suse.com/security/cve/CVE-2025-21681.html * https://www.suse.com/security/cve/CVE-2025-21684.html * https://www.suse.com/security/cve/CVE-2025-21687.html * https://www.suse.com/security/cve/CVE-2025-21688.html * https://www.suse.com/security/cve/CVE-2025-21689.html * https://www.suse.com/security/cve/CVE-2025-21690.html * https://www.suse.com/security/cve/CVE-2025-21692.html * https://www.suse.com/security/cve/CVE-2025-21697.html * https://www.suse.com/security/cve/CVE-2025-21699.html * https://www.suse.com/security/cve/CVE-2025-21700.html * https://www.suse.com/security/cve/CVE-2025-21705.html * https://www.suse.com/security/cve/CVE-2025-21715.html * https://www.suse.com/security/cve/CVE-2025-21716.html * https://www.suse.com/security/cve/CVE-2025-21719.html * https://www.suse.com/security/cve/CVE-2025-21724.html * https://www.suse.com/security/cve/CVE-2025-21725.html * https://www.suse.com/security/cve/CVE-2025-21728.html * https://www.suse.com/security/cve/CVE-2025-21767.html * https://www.suse.com/security/cve/CVE-2025-21790.html * https://www.suse.com/security/cve/CVE-2025-21795.html * https://www.suse.com/security/cve/CVE-2025-21799.html * https://www.suse.com/security/cve/CVE-2025-21802.html * https://bugzilla.suse.com/show_bug.cgi?id=1012628 * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1219367 * https://bugzilla.suse.com/show_bug.cgi?id=1222672 * https://bugzilla.suse.com/show_bug.cgi?id=1222803 * https://bugzilla.suse.com/show_bug.cgi?id=1225606 * https://bugzilla.suse.com/show_bug.cgi?id=1225742 * https://bugzilla.suse.com/show_bug.cgi?id=1225981 * https://bugzilla.suse.com/show_bug.cgi?id=1227937 * https://bugzilla.suse.com/show_bug.cgi?id=1228521 * https://bugzilla.suse.com/show_bug.cgi?id=1230235 * https://bugzilla.suse.com/show_bug.cgi?id=1230438 * https://bugzilla.suse.com/show_bug.cgi?id=1230439 * https://bugzilla.suse.com/show_bug.cgi?id=1230497 * https://bugzilla.suse.com/show_bug.cgi?id=1231432 * https://bugzilla.suse.com/show_bug.cgi?id=1231912 * https://bugzilla.suse.com/show_bug.cgi?id=1231920 * https://bugzilla.suse.com/show_bug.cgi?id=1231949 * https://bugzilla.suse.com/show_bug.cgi?id=1232159 * https://bugzilla.suse.com/show_bug.cgi?id=1232198 * https://bugzilla.suse.com/show_bug.cgi?id=1232201 * https://bugzilla.suse.com/show_bug.cgi?id=1232299 * https://bugzilla.suse.com/show_bug.cgi?id=1232508 * https://bugzilla.suse.com/show_bug.cgi?id=1232520 * https://bugzilla.suse.com/show_bug.cgi?id=1232919 * https://bugzilla.suse.com/show_bug.cgi?id=1233028 * https://bugzilla.suse.com/show_bug.cgi?id=1233109 * https://bugzilla.suse.com/show_bug.cgi?id=1233483 * https://bugzilla.suse.com/show_bug.cgi?id=1233749 * https://bugzilla.suse.com/show_bug.cgi?id=1234070 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234857 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234894 * https://bugzilla.suse.com/show_bug.cgi?id=1234895 * https://bugzilla.suse.com/show_bug.cgi?id=1234896 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235032 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235435 * https://bugzilla.suse.com/show_bug.cgi?id=1235485 * https://bugzilla.suse.com/show_bug.cgi?id=1235592 * https://bugzilla.suse.com/show_bug.cgi?id=1235599 * https://bugzilla.suse.com/show_bug.cgi?id=1235609 * https://bugzilla.suse.com/show_bug.cgi?id=1235932 * https://bugzilla.suse.com/show_bug.cgi?id=1235933 * https://bugzilla.suse.com/show_bug.cgi?id=1236113 * https://bugzilla.suse.com/show_bug.cgi?id=1236114 * https://bugzilla.suse.com/show_bug.cgi?id=1236115 * https://bugzilla.suse.com/show_bug.cgi?id=1236122 * https://bugzilla.suse.com/show_bug.cgi?id=1236123 * https://bugzilla.suse.com/show_bug.cgi?id=1236133 * https://bugzilla.suse.com/show_bug.cgi?id=1236138 * https://bugzilla.suse.com/show_bug.cgi?id=1236199 * https://bugzilla.suse.com/show_bug.cgi?id=1236200 * https://bugzilla.suse.com/show_bug.cgi?id=1236203 * https://bugzilla.suse.com/show_bug.cgi?id=1236205 * https://bugzilla.suse.com/show_bug.cgi?id=1236573 * https://bugzilla.suse.com/show_bug.cgi?id=1236575 * https://bugzilla.suse.com/show_bug.cgi?id=1236576 * https://bugzilla.suse.com/show_bug.cgi?id=1236591 * https://bugzilla.suse.com/show_bug.cgi?id=1236661 * https://bugzilla.suse.com/show_bug.cgi?id=1236677 * https://bugzilla.suse.com/show_bug.cgi?id=1236681 * https://bugzilla.suse.com/show_bug.cgi?id=1236682 * https://bugzilla.suse.com/show_bug.cgi?id=1236684 * https://bugzilla.suse.com/show_bug.cgi?id=1236689 * https://bugzilla.suse.com/show_bug.cgi?id=1236700 * https://bugzilla.suse.com/show_bug.cgi?id=1236702 * https://bugzilla.suse.com/show_bug.cgi?id=1236752 * https://bugzilla.suse.com/show_bug.cgi?id=1236759 * https://bugzilla.suse.com/show_bug.cgi?id=1236821 * https://bugzilla.suse.com/show_bug.cgi?id=1236822 * https://bugzilla.suse.com/show_bug.cgi?id=1236896 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1236952 * https://bugzilla.suse.com/show_bug.cgi?id=1236967 * https://bugzilla.suse.com/show_bug.cgi?id=1236994 * https://bugzilla.suse.com/show_bug.cgi?id=1237007 * https://bugzilla.suse.com/show_bug.cgi?id=1237017 * https://bugzilla.suse.com/show_bug.cgi?id=1237025 * https://bugzilla.suse.com/show_bug.cgi?id=1237028 * https://bugzilla.suse.com/show_bug.cgi?id=1237045 * https://bugzilla.suse.com/show_bug.cgi?id=1237126 * https://bugzilla.suse.com/show_bug.cgi?id=1237132 * https://bugzilla.suse.com/show_bug.cgi?id=1237139 * https://bugzilla.suse.com/show_bug.cgi?id=1237155 * https://bugzilla.suse.com/show_bug.cgi?id=1237158 * https://bugzilla.suse.com/show_bug.cgi?id=1237159 * https://bugzilla.suse.com/show_bug.cgi?id=1237232 * https://bugzilla.suse.com/show_bug.cgi?id=1237234 * https://bugzilla.suse.com/show_bug.cgi?id=1237325 * https://bugzilla.suse.com/show_bug.cgi?id=1237356 * https://bugzilla.suse.com/show_bug.cgi?id=1237415 * https://bugzilla.suse.com/show_bug.cgi?id=1237452 * https://bugzilla.suse.com/show_bug.cgi?id=1237504 * https://bugzilla.suse.com/show_bug.cgi?id=1237521 * https://bugzilla.suse.com/show_bug.cgi?id=1237558 * https://bugzilla.suse.com/show_bug.cgi?id=1237562 * https://bugzilla.suse.com/show_bug.cgi?id=1237563 * https://bugzilla.suse.com/show_bug.cgi?id=1237848 * https://bugzilla.suse.com/show_bug.cgi?id=1237849 * https://bugzilla.suse.com/show_bug.cgi?id=1237879 * https://bugzilla.suse.com/show_bug.cgi?id=1237889 * https://bugzilla.suse.com/show_bug.cgi?id=1237891 * https://bugzilla.suse.com/show_bug.cgi?id=1237901 * https://bugzilla.suse.com/show_bug.cgi?id=1237950 * https://bugzilla.suse.com/show_bug.cgi?id=1238214 * https://bugzilla.suse.com/show_bug.cgi?id=1238303 * https://bugzilla.suse.com/show_bug.cgi?id=1238347 * https://bugzilla.suse.com/show_bug.cgi?id=1238368 * https://bugzilla.suse.com/show_bug.cgi?id=1238509 * https://bugzilla.suse.com/show_bug.cgi?id=1238525 * https://bugzilla.suse.com/show_bug.cgi?id=1238570 * https://bugzilla.suse.com/show_bug.cgi?id=1238739 * https://bugzilla.suse.com/show_bug.cgi?id=1238751 * https://bugzilla.suse.com/show_bug.cgi?id=1238753 * https://bugzilla.suse.com/show_bug.cgi?id=1238759 * https://bugzilla.suse.com/show_bug.cgi?id=1238860 * https://bugzilla.suse.com/show_bug.cgi?id=1238863 * https://bugzilla.suse.com/show_bug.cgi?id=1238877 * https://jira.suse.com/browse/PED-10028 * https://jira.suse.com/browse/PED-11253 * https://jira.suse.com/browse/PED-12094 * https://jira.suse.com/browse/PED-348 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 13 16:32:03 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 13 Mar 2025 16:32:03 -0000 Subject: SUSE-SU-2025:0855-1: important: Security update for the Linux Kernel Message-ID: <174188352348.2010.15573639352941381570@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0855-1 Release Date: 2025-03-13T12:44:07Z Rating: important References: * bsc#1215420 * bsc#1224700 * bsc#1225742 * bsc#1232919 * bsc#1234853 * bsc#1234891 * bsc#1234963 * bsc#1235054 * bsc#1235061 * bsc#1235073 * bsc#1236757 * bsc#1236761 * bsc#1236821 * bsc#1237025 * bsc#1237028 * bsc#1237139 * bsc#1237768 * bsc#1238033 Cross-References: * CVE-2021-47633 * CVE-2022-49080 * CVE-2023-4244 * CVE-2023-52924 * CVE-2024-35949 * CVE-2024-50115 * CVE-2024-53173 * CVE-2024-53239 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56605 * CVE-2025-21690 * CVE-2025-21692 * CVE-2025-21699 CVSS scores: * CVE-2021-47633 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2021-47633 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4244 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52924 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-52924 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56548 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21692 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21692 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21692 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21699 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that solves 14 vulnerabilities and has four security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47633: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (bsc#1237768). * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700). * CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). * CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). * CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139). The following non-security bugs were fixed: * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). * net: netvsc: Update default VMBus channels (bsc#1236757). * scsi: storvsc: Handle SRB status value 0x30 (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-855=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-855=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-855=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-855=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-855=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-855=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-855=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-855=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-855=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-855=1 ## Package List: * openSUSE Leap 15.3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.198.1 * openSUSE Leap 15.3 (noarch) * kernel-source-5.3.18-150300.59.198.1 * kernel-macros-5.3.18-150300.59.198.1 * kernel-devel-5.3.18-150300.59.198.1 * kernel-source-vanilla-5.3.18-150300.59.198.1 * kernel-docs-html-5.3.18-150300.59.198.1 * openSUSE Leap 15.3 (nosrc ppc64le x86_64) * kernel-kvmsmall-5.3.18-150300.59.198.1 * kernel-debug-5.3.18-150300.59.198.1 * openSUSE Leap 15.3 (ppc64le x86_64) * kernel-kvmsmall-debugsource-5.3.18-150300.59.198.1 * kernel-debug-debugsource-5.3.18-150300.59.198.1 * kernel-kvmsmall-devel-5.3.18-150300.59.198.1 * kernel-debug-debuginfo-5.3.18-150300.59.198.1 * kernel-debug-devel-5.3.18-150300.59.198.1 * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-debug-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-kvmsmall-debuginfo-5.3.18-150300.59.198.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.198.1 * kernel-default-optional-5.3.18-150300.59.198.1 * cluster-md-kmp-default-5.3.18-150300.59.198.1 * dlm-kmp-default-5.3.18-150300.59.198.1 * kernel-default-livepatch-5.3.18-150300.59.198.1 * ocfs2-kmp-default-5.3.18-150300.59.198.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.198.1 * kernel-default-extra-5.3.18-150300.59.198.1 * kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 * kernel-default-extra-debuginfo-5.3.18-150300.59.198.1 * kernel-default-optional-debuginfo-5.3.18-150300.59.198.1 * kernel-obs-build-5.3.18-150300.59.198.1 * kernel-default-debuginfo-5.3.18-150300.59.198.1 * kselftests-kmp-default-5.3.18-150300.59.198.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-syms-5.3.18-150300.59.198.1 * kernel-default-base-rebuild-5.3.18-150300.59.198.1.150300.18.118.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.198.1 * kernel-default-debugsource-5.3.18-150300.59.198.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.198.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.198.1 * kernel-default-devel-5.3.18-150300.59.198.1 * gfs2-kmp-default-5.3.18-150300.59.198.1 * reiserfs-kmp-default-5.3.18-150300.59.198.1 * kernel-obs-build-debugsource-5.3.18-150300.59.198.1 * kselftests-kmp-default-debuginfo-5.3.18-150300.59.198.1 * kernel-obs-qa-5.3.18-150300.59.198.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.198.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.3.18-150300.59.198.1 * kernel-livepatch-5_3_18-150300_59_198-default-debuginfo-1-150300.7.3.1 * kernel-livepatch-SLE15-SP3_Update_55-debugsource-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_198-preempt-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_198-preempt-debuginfo-1-150300.7.3.1 * openSUSE Leap 15.3 (aarch64 x86_64) * kernel-preempt-optional-debuginfo-5.3.18-150300.59.198.1 * dlm-kmp-preempt-5.3.18-150300.59.198.1 * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.198.1 * kernel-preempt-debuginfo-5.3.18-150300.59.198.1 * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.198.1 * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.198.1 * kernel-preempt-devel-5.3.18-150300.59.198.1 * ocfs2-kmp-preempt-5.3.18-150300.59.198.1 * reiserfs-kmp-preempt-5.3.18-150300.59.198.1 * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.198.1 * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.198.1 * kernel-preempt-debugsource-5.3.18-150300.59.198.1 * kernel-preempt-extra-debuginfo-5.3.18-150300.59.198.1 * kselftests-kmp-preempt-5.3.18-150300.59.198.1 * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.198.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-preempt-optional-5.3.18-150300.59.198.1 * cluster-md-kmp-preempt-5.3.18-150300.59.198.1 * gfs2-kmp-preempt-5.3.18-150300.59.198.1 * kernel-preempt-extra-5.3.18-150300.59.198.1 * openSUSE Leap 15.3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.198.1 * openSUSE Leap 15.3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.198.1 * openSUSE Leap 15.3 (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.198.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.198.1 * openSUSE Leap 15.3 (nosrc) * dtb-aarch64-5.3.18-150300.59.198.1 * openSUSE Leap 15.3 (aarch64) * dtb-arm-5.3.18-150300.59.198.1 * ocfs2-kmp-64kb-5.3.18-150300.59.198.1 * kernel-64kb-optional-debuginfo-5.3.18-150300.59.198.1 * dtb-freescale-5.3.18-150300.59.198.1 * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.198.1 * dtb-al-5.3.18-150300.59.198.1 * dlm-kmp-64kb-5.3.18-150300.59.198.1 * dtb-exynos-5.3.18-150300.59.198.1 * dtb-hisilicon-5.3.18-150300.59.198.1 * cluster-md-kmp-64kb-5.3.18-150300.59.198.1 * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.198.1 * gfs2-kmp-64kb-5.3.18-150300.59.198.1 * dtb-marvell-5.3.18-150300.59.198.1 * kselftests-kmp-64kb-5.3.18-150300.59.198.1 * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.198.1 * kernel-64kb-debugsource-5.3.18-150300.59.198.1 * kernel-64kb-extra-debuginfo-5.3.18-150300.59.198.1 * kernel-64kb-optional-5.3.18-150300.59.198.1 * dtb-nvidia-5.3.18-150300.59.198.1 * kernel-64kb-devel-5.3.18-150300.59.198.1 * dtb-renesas-5.3.18-150300.59.198.1 * dtb-altera-5.3.18-150300.59.198.1 * dtb-lg-5.3.18-150300.59.198.1 * dtb-qcom-5.3.18-150300.59.198.1 * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.198.1 * dtb-allwinner-5.3.18-150300.59.198.1 * dtb-zte-5.3.18-150300.59.198.1 * dtb-amlogic-5.3.18-150300.59.198.1 * dtb-xilinx-5.3.18-150300.59.198.1 * kernel-64kb-debuginfo-5.3.18-150300.59.198.1 * dtb-apm-5.3.18-150300.59.198.1 * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.198.1 * dtb-broadcom-5.3.18-150300.59.198.1 * dtb-amd-5.3.18-150300.59.198.1 * kernel-64kb-extra-5.3.18-150300.59.198.1 * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.198.1 * dtb-cavium-5.3.18-150300.59.198.1 * dtb-mediatek-5.3.18-150300.59.198.1 * reiserfs-kmp-64kb-5.3.18-150300.59.198.1 * dtb-socionext-5.3.18-150300.59.198.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.198.1 * dtb-sprd-5.3.18-150300.59.198.1 * dtb-rockchip-5.3.18-150300.59.198.1 * openSUSE Leap 15.3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc) * kernel-default-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_198-default-1-150300.7.3.1 * kernel-default-debugsource-5.3.18-150300.59.198.1 * kernel-default-livepatch-devel-5.3.18-150300.59.198.1 * kernel-default-livepatch-5.3.18-150300.59.198.1 * kernel-default-debuginfo-5.3.18-150300.59.198.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * ocfs2-kmp-default-5.3.18-150300.59.198.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.198.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.198.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.198.1 * cluster-md-kmp-default-5.3.18-150300.59.198.1 * gfs2-kmp-default-5.3.18-150300.59.198.1 * kernel-default-debugsource-5.3.18-150300.59.198.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.198.1 * dlm-kmp-default-5.3.18-150300.59.198.1 * kernel-default-debuginfo-5.3.18-150300.59.198.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc) * kernel-default-5.3.18-150300.59.198.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.198.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.198.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-64kb-debuginfo-5.3.18-150300.59.198.1 * kernel-64kb-devel-5.3.18-150300.59.198.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.198.1 * kernel-default-5.3.18-150300.59.198.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kernel-preempt-debuginfo-5.3.18-150300.59.198.1 * kernel-default-devel-5.3.18-150300.59.198.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-syms-5.3.18-150300.59.198.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-preempt-devel-5.3.18-150300.59.198.1 * reiserfs-kmp-default-5.3.18-150300.59.198.1 * kernel-default-debugsource-5.3.18-150300.59.198.1 * kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 * kernel-preempt-debugsource-5.3.18-150300.59.198.1 * kernel-obs-build-debugsource-5.3.18-150300.59.198.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.198.1 * kernel-obs-build-5.3.18-150300.59.198.1 * kernel-default-debuginfo-5.3.18-150300.59.198.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.198.1 * kernel-devel-5.3.18-150300.59.198.1 * kernel-macros-5.3.18-150300.59.198.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.198.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-64kb-debuginfo-5.3.18-150300.59.198.1 * kernel-64kb-devel-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.3.18-150300.59.198.1 * kernel-syms-5.3.18-150300.59.198.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-default-debugsource-5.3.18-150300.59.198.1 * kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 * reiserfs-kmp-default-5.3.18-150300.59.198.1 * kernel-obs-build-debugsource-5.3.18-150300.59.198.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.198.1 * kernel-obs-build-5.3.18-150300.59.198.1 * kernel-default-debuginfo-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * kernel-source-5.3.18-150300.59.198.1 * kernel-devel-5.3.18-150300.59.198.1 * kernel-macros-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch nosrc) * kernel-docs-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64) * kernel-preempt-debuginfo-5.3.18-150300.59.198.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-preempt-devel-5.3.18-150300.59.198.1 * kernel-preempt-debugsource-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.198.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kernel-default-devel-5.3.18-150300.59.198.1 * kernel-syms-5.3.18-150300.59.198.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-default-debugsource-5.3.18-150300.59.198.1 * kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 * reiserfs-kmp-default-5.3.18-150300.59.198.1 * kernel-obs-build-debugsource-5.3.18-150300.59.198.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.198.1 * kernel-obs-build-5.3.18-150300.59.198.1 * kernel-default-debuginfo-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.198.1 * kernel-devel-5.3.18-150300.59.198.1 * kernel-macros-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64) * kernel-preempt-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * kernel-preempt-debuginfo-5.3.18-150300.59.198.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-preempt-devel-5.3.18-150300.59.198.1 * kernel-preempt-debugsource-5.3.18-150300.59.198.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.198.1 * SUSE Enterprise Storage 7.1 (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.198.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-64kb-debuginfo-5.3.18-150300.59.198.1 * kernel-64kb-devel-5.3.18-150300.59.198.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.198.1 * kernel-default-5.3.18-150300.59.198.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kernel-preempt-debuginfo-5.3.18-150300.59.198.1 * kernel-default-devel-5.3.18-150300.59.198.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-syms-5.3.18-150300.59.198.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.198.1 * kernel-preempt-devel-5.3.18-150300.59.198.1 * reiserfs-kmp-default-5.3.18-150300.59.198.1 * kernel-default-debugsource-5.3.18-150300.59.198.1 * kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 * kernel-preempt-debugsource-5.3.18-150300.59.198.1 * kernel-obs-build-debugsource-5.3.18-150300.59.198.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.198.1 * kernel-obs-build-5.3.18-150300.59.198.1 * kernel-default-debuginfo-5.3.18-150300.59.198.1 * SUSE Enterprise Storage 7.1 (noarch) * kernel-source-5.3.18-150300.59.198.1 * kernel-devel-5.3.18-150300.59.198.1 * kernel-macros-5.3.18-150300.59.198.1 * SUSE Enterprise Storage 7.1 (noarch nosrc) * kernel-docs-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.198.1 * kernel-default-debuginfo-5.3.18-150300.59.198.1 * kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.198.1 * kernel-default-debuginfo-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.198.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.198.1.150300.18.118.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.198.1 * kernel-default-debuginfo-5.3.18-150300.59.198.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47633.html * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2023-4244.html * https://www.suse.com/security/cve/CVE-2023-52924.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2025-21690.html * https://www.suse.com/security/cve/CVE-2025-21692.html * https://www.suse.com/security/cve/CVE-2025-21699.html * https://bugzilla.suse.com/show_bug.cgi?id=1215420 * https://bugzilla.suse.com/show_bug.cgi?id=1224700 * https://bugzilla.suse.com/show_bug.cgi?id=1225742 * https://bugzilla.suse.com/show_bug.cgi?id=1232919 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1236757 * https://bugzilla.suse.com/show_bug.cgi?id=1236761 * https://bugzilla.suse.com/show_bug.cgi?id=1236821 * https://bugzilla.suse.com/show_bug.cgi?id=1237025 * https://bugzilla.suse.com/show_bug.cgi?id=1237028 * https://bugzilla.suse.com/show_bug.cgi?id=1237139 * https://bugzilla.suse.com/show_bug.cgi?id=1237768 * https://bugzilla.suse.com/show_bug.cgi?id=1238033 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 13 20:30:20 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 13 Mar 2025 20:30:20 -0000 Subject: SUSE-SU-2025:0858-1: important: Security update for rubygem-rack-1_6 Message-ID: <174189782014.2308.8461447221053401898@smelt2.prg2.suse.org> # Security update for rubygem-rack-1_6 Announcement ID: SUSE-SU-2025:0858-1 Release Date: 2025-03-13T17:58:53Z Rating: important References: * bsc#1237141 * bsc#1239298 Cross-References: * CVE-2025-25184 * CVE-2025-27610 CVSS scores: * CVE-2025-25184 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-25184 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-25184 ( NVD ): 5.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-27610 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-27610 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-27610 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.6 An update that solves two vulnerabilities can now be installed. ## Description: This update for rubygem-rack-1_6 fixes the following issues: * CVE-2025-27610: Fixed improper sanitization of user-supplied paths when serving files leading to local file inclusion (bsc#1239298). * CVE-2025-25184: Fixed Rack::CommonLogger log entry manipulation (bsc#1237141). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-858=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-1_6-1.6.8-150000.3.3.1 * ruby2.5-rubygem-rack-testsuite-1_6-1.6.8-150000.3.3.1 * ruby2.5-rubygem-rack-doc-1_6-1.6.8-150000.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-25184.html * https://www.suse.com/security/cve/CVE-2025-27610.html * https://bugzilla.suse.com/show_bug.cgi?id=1237141 * https://bugzilla.suse.com/show_bug.cgi?id=1239298 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 13 20:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 13 Mar 2025 20:30:25 -0000 Subject: SUSE-SU-2025:0857-1: important: Security update for build Message-ID: <174189782513.2308.16668887775728561425@smelt2.prg2.suse.org> # Security update for build Announcement ID: SUSE-SU-2025:0857-1 Release Date: 2025-03-13T17:58:42Z Rating: important References: * bsc#1217269 * bsc#1230469 Cross-References: * CVE-2024-22038 CVSS scores: * CVE-2024-22038 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-22038 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H * CVE-2024-22038 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-22038 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for build fixes the following issues: \- CVE-2024-22038: Fixed DoS attacks, information leaks with crafted Git repositories (bnc#1230469) Other fixes: \- Fixed behaviour when using "\--shell" aka "osc shell" option in a VM build. Startup is faster and permissions stay intact now. * fixes for POSIX compatibility for obs-docker-support adn mkbaselibs * Add support for apk in docker/podman builds * Add support for 'wget' in Docker images * Fix debian support for Dockerfile builds * Fix preinstallimages in containers * mkosi: add back system-packages used by build-recipe directly * pbuild: parse the Release files for debian repos * mkosi: drop most systemd/build-packages deps and use obs_scm directory as source if present * improve source copy handling * Introduce --repos-directory and --containers-directory options * productcompose: support of building against a baseiso * preinstallimage: avoid inclusion of build script generated files * preserve timestamps on sources copy-in for kiwi and productcompose * alpine package support updates * tumbleweed config update * debian: Support installation of foreign architecture packages (required for armv7l setups) * Parse unknown timezones as UTC * Apk (Alpine Linux) format support added * Implement default value in parameter expansion * Also support supplements that use & as "and" * Add workaround for skopeo's argument parser * add cap-htm=off on power9 * Fixed usage of chown calls * Remove leading `go` from `purl` locators * container related: * Implement support for the new element in kiwi recipes * Fixes for SBOM and dependencies of multi stage container builds * obs-docker-support: enable dnf and yum substitutions * Arch Linux: * fix file path for Arch repo * exclude unsupported arch * Use root as download user * build-vm-qemu: force sv48 satp mode on riscv64 * mkosi: * Create .sha256 files after mkosi builds * Always pass --image-version to mkosi * General improvements and bugfixes (mkosi, pbuild, appimage/livebuild, obs work detection, documention, SBOM) * Support slsa v1 in unpack_slsa_provenance * generate_sbom: do not clobber spdx supplier * Harden export_debian_orig_from_git (bsc#1230469) * SBOM generation: * Adding golang introspection support * Adding rust binary introspection support * Keep track of unknwon licenses and add a "hasExtractedLicensingInfos" section * Also normalize licenses for cyclonedx * Make generate_sbom errors fatal * general improvements * Fix noprep building not working because the buildir is removed * kiwi image: also detect a debian build if /var/lib/dpkg/status is present * Do not use the Encode module to convert a code point to utf8 * Fix personality syscall number for riscv * add more required recommendations for KVM builds * set PACKAGER field in build-recipe-arch * fix writing _modulemd.yaml * pbuild: support --release and --baselibs option * container: * copy base container information from the annotation into the containerinfo * track base containers over multiple stages * always put the base container last in the dependencies * providing fileprovides in createdirdeps tool * Introduce buildflag nochecks * productcompose: support **all** option * config update: tumbleweed using preinstallexpand * minor improvements * tumbleweed build config update * support the %load macro * improve container filename generation (docker) * fix hanging curl calls during build (docker) * productcompose: fix milestone query * tumbleweed build config update * 15.6 build config fixes * sourcerpm & sourcedep handling fixes * productcompose: * Fix milestone handling * Support bcntsynctag * Adding debian support to generate_sbom * Add syscall for personality switch on loongarch64 kernel * vm-build: ext3 & ext4: fix disk space allocation * mkosi format updates, not fully working yet * pbuild exception fixes * Fixes for current fedora and centos distros * Don't copy original dsc sources if OBS-DCH-RELEASE set * Unbreak parsing of sources/patches * Support ForceMultiVersion in the dockerfile parser * Support %bcond of rpm 4.17.1 * Add a hack for systemd 255.3, creating an empty /etc/os-release if missing after preinstall. * docker: Fix HEAD request in dummyhttpserver * pbuild: Make docker-nobasepackages expand flag the default * rpm: Support a couple of builtin rpm macros * rpm: Implement argument expansion for define/with/bcond... * Fix multiline macro handling * Accept -N parameter of %autosetup * documentation updates * various code cleanup and speedup work. * ProductCompose: multiple improvements * Add buildflags:define_specfile support * Fix copy-in of git subdirectory sources * pbuild: Speed up XML parsing * pubild: product compose support * generate_sbom: add help option * podman: enforce runtime=runc * Implement direct conflicts from the distro config * changelog2spec: fix time zone handling * Do not unmount /proc/sys/fs/binfmt_misc before runnint the check scripts * spec file cleanup * documentation updates * productcompose: * support schema 0.1 * support milestones * Leap 15.6 config * SLE 15 SP6 config * productcompose: follow incompatible flavor syntax change * pbuild: support for zstd * fixed handling for cmdline parameters via kernel packages * productcompose: * BREAKING: support new schema * adapt flavor architecture parsing * productcompose: * support filtered package lists * support default architecture listing * fix copy in binaries in VM builds^ * obsproduct build type got renamed to productcompose * Support zstd compressed rpm-md meta data (bsc#1217269) * Added Debian 12 configuration * First ObsProduct build format support * fix SLE 15 SP5 build configuration * Improve user agent handling for obs repositories * Docker: * Support flavor specific build descriptions via Dockerfile.$flavor * support "PlusRecommended" hint to also provide recommended packages * use the name/version as filename if both are known * Produce docker format containers by default * pbuild: Support for signature authentification of OBS resources * Fix wiping build root for --vm-type podman * Put BUILD_RELEASE and BUILD_CHANGELOG_TIMESTAMP in the /.buildenv * build-vm-kvm: use -cpu host on riscv64 * small fixes and cleanups * Added parser for BcntSyncTag in sources * pbuild: * fix dependency expansion for build types other than spec * Reworked cycle handling code * add --extra-packs option * add debugflags option * Pass-through --buildtool-opt * Parse Patch and Source lines more accurately * fix tunefs functionality * minor bugfixes * \--vm-type=podman added (supports also root-less builds) * Also support build constraints in the Dockerfile * minor fixes * Add SUSE ALP build config * BREAKING: Record errors when parsing the project config former behaviour was undefined * container: Support compression format configuration option * Don't setup ccache with --no-init * improved loongarch64 support * sbom: SPDX supplier tag added * kiwi: support different versions per profile * preinstallimage: fail when recompression fails * Add support for recommends and supplements dependencies * Support the "keepfilerequires" expand flag * add '\--buildtool-opt=OPTIONS' to pass options to the used build tool * distro config updates * ArchLinux * Tumbleweed * documentation updates * openSUSE Tumbleweed: sync config and move to suse_version 1699. * universal post-build hook, just place a file in /usr/lib/build/post_build.d/ * mkbaselibs/hwcaps, fix pattern name once again (x86_64_v3) * KiwiProduct: add --use-newest-package hint if the option is set * Dockerfile support: * export multibuild flavor as argument * allow parameters in FROM .. scratch lines * include OS name in build result if != linux * Workaround directory->symlink usrmerge problems for cross arch sysroot * multiple fixes for SBOM support * KIWI VM image SBOM support added ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-857=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-857=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-857=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-857=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-857=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-857=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-857=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-857=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-857=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-857=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-857=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-857=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-857=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-857=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-20250306-150200.19.1 * SUSE Enterprise Storage 7.1 (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-20250306-150200.19.1 * openSUSE Leap 15.6 (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-initvm-x86_64-20250306-150200.19.1 * build-initvm-aarch64-20250306-150200.19.1 * build-initvm-s390x-20250306-150200.19.1 * build-mkdrpms-20250306-150200.19.1 * build-initvm-powerpc64le-20250306-150200.19.1 * build-20250306-150200.19.1 * Development Tools Module 15-SP6 (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-20250306-150200.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-20250306-150200.19.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-20250306-150200.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-20250306-150200.19.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-20250306-150200.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-20250306-150200.19.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-20250306-150200.19.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-20250306-150200.19.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-20250306-150200.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-20250306-150200.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * build-mkbaselibs-20250306-150200.19.1 * build-20250306-150200.19.1 ## References: * https://www.suse.com/security/cve/CVE-2024-22038.html * https://bugzilla.suse.com/show_bug.cgi?id=1217269 * https://bugzilla.suse.com/show_bug.cgi?id=1230469 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 14 12:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 14 Mar 2025 12:30:08 -0000 Subject: SUSE-SU-2025:0869-1: low: Security update for python Message-ID: <174195540839.12423.6117386390891818043@smelt2.prg2.suse.org> # Security update for python Announcement ID: SUSE-SU-2025:0869-1 Release Date: 2025-03-14T10:42:34Z Rating: low References: * bsc#1233307 Cross-References: * CVE-2024-11168 CVSS scores: * CVE-2024-11168 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-11168 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python fixes the following issues: * CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses (bsc#1233307). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-869=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * python-debugsource-2.7.18-33.47.1 * python-devel-2.7.18-33.47.1 * python-gdbm-2.7.18-33.47.1 * python-tk-2.7.18-33.47.1 * libpython2_7-1_0-32bit-2.7.18-33.47.1 * python-base-debuginfo-32bit-2.7.18-33.47.1 * python-tk-debuginfo-2.7.18-33.47.1 * python-base-2.7.18-33.47.1 * python-debuginfo-2.7.18-33.47.1 * libpython2_7-1_0-debuginfo-2.7.18-33.47.1 * python-demo-2.7.18-33.47.1 * python-base-32bit-2.7.18-33.47.1 * python-curses-2.7.18-33.47.1 * libpython2_7-1_0-2.7.18-33.47.1 * python-curses-debuginfo-2.7.18-33.47.1 * python-xml-debuginfo-2.7.18-33.47.1 * python-32bit-2.7.18-33.47.1 * python-base-debugsource-2.7.18-33.47.1 * python-2.7.18-33.47.1 * python-base-debuginfo-2.7.18-33.47.1 * python-idle-2.7.18-33.47.1 * python-gdbm-debuginfo-2.7.18-33.47.1 * libpython2_7-1_0-debuginfo-32bit-2.7.18-33.47.1 * python-debuginfo-32bit-2.7.18-33.47.1 * python-xml-2.7.18-33.47.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * python-doc-pdf-2.7.18-33.47.1 * python-doc-2.7.18-33.47.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11168.html * https://bugzilla.suse.com/show_bug.cgi?id=1233307 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 14 12:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 14 Mar 2025 12:30:11 -0000 Subject: SUSE-SU-2025:0868-1: low: Security update for python3 Message-ID: <174195541114.12423.14588401155495037362@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2025:0868-1 Release Date: 2025-03-14T10:42:25Z Rating: low References: * bsc#1233307 Cross-References: * CVE-2024-11168 CVSS scores: * CVE-2024-11168 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-11168 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise Micro 5.1 An update that solves one vulnerability can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses (bsc#1233307). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-868=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * python3-3.6.15-150000.3.173.1 * python3-debuginfo-3.6.15-150000.3.173.1 * python3-base-debuginfo-3.6.15-150000.3.173.1 * python3-core-debugsource-3.6.15-150000.3.173.1 * python3-debugsource-3.6.15-150000.3.173.1 * python3-base-3.6.15-150000.3.173.1 * libpython3_6m1_0-3.6.15-150000.3.173.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.173.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11168.html * https://bugzilla.suse.com/show_bug.cgi?id=1233307 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 14 12:30:42 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 14 Mar 2025 12:30:42 -0000 Subject: SUSE-SU-2025:0867-1: important: Security update for the Linux Kernel Message-ID: <174195544202.12423.7341043615008540687@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0867-1 Release Date: 2025-03-14T09:55:18Z Rating: important References: * bsc#1215420 * bsc#1224700 * bsc#1224763 * bsc#1225742 * bsc#1231847 * bsc#1232919 * bsc#1233112 * bsc#1234025 * bsc#1234853 * bsc#1234891 * bsc#1234963 * bsc#1235054 * bsc#1235061 * bsc#1235073 * bsc#1235217 * bsc#1235230 * bsc#1235249 * bsc#1235430 * bsc#1235441 * bsc#1235466 * bsc#1235645 * bsc#1235759 * bsc#1235814 * bsc#1235818 * bsc#1235920 * bsc#1236104 * bsc#1236757 * bsc#1236761 * bsc#1236821 * bsc#1237025 * bsc#1237028 * bsc#1237139 * bsc#1237160 * bsc#1237389 * bsc#1237768 * bsc#1238033 Cross-References: * CVE-2021-47633 * CVE-2022-49080 * CVE-2023-4244 * CVE-2023-52923 * CVE-2023-52924 * CVE-2024-35863 * CVE-2024-35949 * CVE-2024-50115 * CVE-2024-50199 * CVE-2024-53104 * CVE-2024-53173 * CVE-2024-53239 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56600 * CVE-2024-56601 * CVE-2024-56605 * CVE-2024-56623 * CVE-2024-56650 * CVE-2024-56658 * CVE-2024-56664 * CVE-2024-56759 * CVE-2024-57791 * CVE-2024-57798 * CVE-2024-57849 * CVE-2024-57893 * CVE-2025-21690 * CVE-2025-21692 * CVE-2025-21699 CVSS scores: * CVE-2021-47633 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2021-47633 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4244 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52923 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52923 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52924 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-52924 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53104 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56548 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56600 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56601 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56601 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56623 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56623 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56623 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56623 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-56658 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56658 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56759 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56759 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57791 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57791 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57798 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57798 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57849 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57849 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21692 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21692 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21692 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21699 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves 29 vulnerabilities and has seven security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47633: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (bsc#1237768). * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700). * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112). * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025). * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217). * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230). * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466). * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430). * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441). * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249). * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645). * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759). * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (bsc#1235818). * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling (bsc#1235814). * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920). * CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). * CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). * CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139). The following non-security bugs were fixed: * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). * net: netvsc: Update default VMBus channels (bsc#1236757). * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847). * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847). * NFS: Improve heuristic for readdirplus -revert (bsc#1237160). * NFS: Improve heuristic for readdirplus (bsc#1231847). * NFS: Reduce readdir stack usage (bsc#1231847). * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847). * NFS: Use kmemdup_nul() in nfs_readdir_make_qstr() (bsc#1231847). * scsi: storvsc: Handle SRB status value 0x30 (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-867=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-867=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-867=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (nosrc x86_64) * kernel-rt-5.3.18-150300.202.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * kernel-rt-debuginfo-5.3.18-150300.202.1 * kernel-rt-debugsource-5.3.18-150300.202.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * kernel-source-rt-5.3.18-150300.202.1 * SUSE Linux Enterprise Micro 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.202.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * kernel-rt-debuginfo-5.3.18-150300.202.1 * kernel-rt-debugsource-5.3.18-150300.202.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * kernel-source-rt-5.3.18-150300.202.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.202.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * kernel-rt-debuginfo-5.3.18-150300.202.1 * kernel-rt-debugsource-5.3.18-150300.202.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * kernel-source-rt-5.3.18-150300.202.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47633.html * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2023-4244.html * https://www.suse.com/security/cve/CVE-2023-52923.html * https://www.suse.com/security/cve/CVE-2023-52924.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-50199.html * https://www.suse.com/security/cve/CVE-2024-53104.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56600.html * https://www.suse.com/security/cve/CVE-2024-56601.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56623.html * https://www.suse.com/security/cve/CVE-2024-56650.html * https://www.suse.com/security/cve/CVE-2024-56658.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2024-56759.html * https://www.suse.com/security/cve/CVE-2024-57791.html * https://www.suse.com/security/cve/CVE-2024-57798.html * https://www.suse.com/security/cve/CVE-2024-57849.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://www.suse.com/security/cve/CVE-2025-21690.html * https://www.suse.com/security/cve/CVE-2025-21692.html * https://www.suse.com/security/cve/CVE-2025-21699.html * https://bugzilla.suse.com/show_bug.cgi?id=1215420 * https://bugzilla.suse.com/show_bug.cgi?id=1224700 * https://bugzilla.suse.com/show_bug.cgi?id=1224763 * https://bugzilla.suse.com/show_bug.cgi?id=1225742 * https://bugzilla.suse.com/show_bug.cgi?id=1231847 * https://bugzilla.suse.com/show_bug.cgi?id=1232919 * https://bugzilla.suse.com/show_bug.cgi?id=1233112 * https://bugzilla.suse.com/show_bug.cgi?id=1234025 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235217 * https://bugzilla.suse.com/show_bug.cgi?id=1235230 * https://bugzilla.suse.com/show_bug.cgi?id=1235249 * https://bugzilla.suse.com/show_bug.cgi?id=1235430 * https://bugzilla.suse.com/show_bug.cgi?id=1235441 * https://bugzilla.suse.com/show_bug.cgi?id=1235466 * https://bugzilla.suse.com/show_bug.cgi?id=1235645 * https://bugzilla.suse.com/show_bug.cgi?id=1235759 * https://bugzilla.suse.com/show_bug.cgi?id=1235814 * https://bugzilla.suse.com/show_bug.cgi?id=1235818 * https://bugzilla.suse.com/show_bug.cgi?id=1235920 * https://bugzilla.suse.com/show_bug.cgi?id=1236104 * https://bugzilla.suse.com/show_bug.cgi?id=1236757 * https://bugzilla.suse.com/show_bug.cgi?id=1236761 * https://bugzilla.suse.com/show_bug.cgi?id=1236821 * https://bugzilla.suse.com/show_bug.cgi?id=1237025 * https://bugzilla.suse.com/show_bug.cgi?id=1237028 * https://bugzilla.suse.com/show_bug.cgi?id=1237139 * https://bugzilla.suse.com/show_bug.cgi?id=1237160 * https://bugzilla.suse.com/show_bug.cgi?id=1237389 * https://bugzilla.suse.com/show_bug.cgi?id=1237768 * https://bugzilla.suse.com/show_bug.cgi?id=1238033 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 14 12:30:44 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 14 Mar 2025 12:30:44 -0000 Subject: SUSE-SU-2025:0866-1: moderate: Security update for amazon-ssm-agent Message-ID: <174195544430.12423.15986903459537375463@smelt2.prg2.suse.org> # Security update for amazon-ssm-agent Announcement ID: SUSE-SU-2025:0866-1 Release Date: 2025-03-14T09:32:08Z Rating: moderate References: * bsc#1238702 Cross-References: * CVE-2025-22870 CVSS scores: * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for amazon-ssm-agent fixes the following issues: * CVE-2025-22870: golang.org/x/net/proxy: Fixed proxy bypass using IPv6 zone IDs (bsc#1238702) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-866=1 ## Package List: * Public Cloud Module 12 (aarch64 x86_64) * amazon-ssm-agent-3.3.1611.0-4.39.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22870.html * https://bugzilla.suse.com/show_bug.cgi?id=1238702 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 14 12:31:03 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 14 Mar 2025 12:31:03 -0000 Subject: SUSE-SU-2025:0862-1: important: Security update for ffmpeg-4 Message-ID: <174195546352.12423.1402435181954700781@smelt2.prg2.suse.org> # Security update for ffmpeg-4 Announcement ID: SUSE-SU-2025:0862-1 Release Date: 2025-03-14T08:45:39Z Rating: important References: * bsc#1202848 * bsc#1215945 * bsc#1223070 * bsc#1223235 * bsc#1223256 * bsc#1223272 * bsc#1223304 * bsc#1223437 * bsc#1227296 * bsc#1229026 * bsc#1229338 * bsc#1234028 * bsc#1235092 * bsc#1236007 * bsc#1237351 * bsc#1237358 * bsc#1237371 * bsc#1237382 Cross-References: * CVE-2023-49502 * CVE-2023-50010 * CVE-2023-51793 * CVE-2023-51794 * CVE-2023-51798 * CVE-2024-12361 * CVE-2024-31578 * CVE-2024-32230 * CVE-2024-35368 * CVE-2024-36613 * CVE-2024-7055 * CVE-2025-0518 * CVE-2025-22919 * CVE-2025-22921 * CVE-2025-25473 CVSS scores: * CVE-2023-49502 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-50010 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-51793 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-51794 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2023-51798 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-12361 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-12361 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-31578 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2024-32230 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H * CVE-2024-32230 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-35368 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-35368 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-35368 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36613 ( SUSE ): 4.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-36613 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2024-36613 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7055 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-0518 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-0518 ( NVD ): 4.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-22919 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22919 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-22919 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-22921 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22921 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-22921 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-25473 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-25473 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2025-25473 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves 15 vulnerabilities and has three security fixes can now be installed. ## Description: This update for ffmpeg-4 fixes the following issues: * CVE-2025-22921: Fixed segmentation violation in NULL pointer dereference via the component /libavcodec/jpeg2000dec.c (bsc#1237382). * CVE-2025-25473: Fixed memory leak in avformat_free_context() (bsc#1237351). * CVE-2025-0518: Fixed unchecked sscanf return value which leads to memory data leak (bsc#1236007). * CVE-2025-22919: Fixed denial of service (DoS) via opening a crafted AAC file (bsc#1237371). * CVE-2024-12361: Fixed NULL Pointer Dereference (bsc#1237358). * CVE-2024-35368: Fixed Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c (bsc#1234028). * CVE-2024-36613: Fixed Integer overflow in ffmpeg (bsc#1235092). * CVE-2023-50010: Fixed arbitrary code execution via the set_encoder_id function in /fftools/ffmpeg_enc.c component (bsc#1223256). * CVE-2023-51794: Fixed heap-buffer-overflow at libavfilter/af_stereowiden.c (bsc#1223437). * CVE-2023-51793: Fixed heap buffer overflow in the image_copy_plane function in libavutil/imgutils.c (bsc#1223272). * CVE-2023-49502: Fixed heap buffer overflow via the ff_bwdif_filter_intra_c function in libavfilter/bwdifdsp.c (bsc#1223235). * CVE-2023-51798: Fixed floating point exception(FPE) via the interpolate function in libavfilter/vf_minterpolate.c (bsc#1223304). * CVE-2024-31578: Fixed heap use-after-free via the av_hwframe_ctx_init function (bsc#1223070). * CVE-2024-7055: Fixed heap-based buffer overflow in pnmdec.c (bsc#1229026). * CVE-2024-32230: Fixed buffer overflow due to negative-size-param bug at libavcodec/mpegvideo_enc.c in load_input_picture (bsc#1227296). Other fixes: \- Updated to version 4.4.5. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-862=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-862=1 openSUSE-SLE-15.6-2025-862=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-862=1 ## Package List: * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libavcodec58_134-4.4.5-150600.13.16.1 * ffmpeg-4-debuginfo-4.4.5-150600.13.16.1 * libswresample3_9-4.4.5-150600.13.16.1 * libavutil56_70-debuginfo-4.4.5-150600.13.16.1 * libavformat58_76-4.4.5-150600.13.16.1 * libswscale5_9-4.4.5-150600.13.16.1 * libavutil56_70-4.4.5-150600.13.16.1 * libavcodec58_134-debuginfo-4.4.5-150600.13.16.1 * ffmpeg-4-debugsource-4.4.5-150600.13.16.1 * libavformat58_76-debuginfo-4.4.5-150600.13.16.1 * libswscale5_9-debuginfo-4.4.5-150600.13.16.1 * libswresample3_9-debuginfo-4.4.5-150600.13.16.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * ffmpeg-4-private-devel-4.4.5-150600.13.16.1 * libpostproc55_9-4.4.5-150600.13.16.1 * libpostproc55_9-debuginfo-4.4.5-150600.13.16.1 * libavformat58_76-4.4.5-150600.13.16.1 * libavresample4_0-4.4.5-150600.13.16.1 * libavformat58_76-debuginfo-4.4.5-150600.13.16.1 * ffmpeg-4-libavformat-devel-4.4.5-150600.13.16.1 * ffmpeg-4-libavutil-devel-4.4.5-150600.13.16.1 * libavcodec58_134-4.4.5-150600.13.16.1 * libavfilter7_110-debuginfo-4.4.5-150600.13.16.1 * libavdevice58_13-4.4.5-150600.13.16.1 * libavresample4_0-debuginfo-4.4.5-150600.13.16.1 * libswscale5_9-4.4.5-150600.13.16.1 * ffmpeg-4-libavresample-devel-4.4.5-150600.13.16.1 * libavcodec58_134-debuginfo-4.4.5-150600.13.16.1 * ffmpeg-4-debugsource-4.4.5-150600.13.16.1 * libswscale5_9-debuginfo-4.4.5-150600.13.16.1 * ffmpeg-4-libavcodec-devel-4.4.5-150600.13.16.1 * ffmpeg-4-libpostproc-devel-4.4.5-150600.13.16.1 * ffmpeg-4-libswscale-devel-4.4.5-150600.13.16.1 * libavdevice58_13-debuginfo-4.4.5-150600.13.16.1 * ffmpeg-4-4.4.5-150600.13.16.1 * libswresample3_9-debuginfo-4.4.5-150600.13.16.1 * ffmpeg-4-libswresample-devel-4.4.5-150600.13.16.1 * ffmpeg-4-debuginfo-4.4.5-150600.13.16.1 * libswresample3_9-4.4.5-150600.13.16.1 * ffmpeg-4-libavfilter-devel-4.4.5-150600.13.16.1 * libavfilter7_110-4.4.5-150600.13.16.1 * ffmpeg-4-libavdevice-devel-4.4.5-150600.13.16.1 * libavutil56_70-4.4.5-150600.13.16.1 * libavutil56_70-debuginfo-4.4.5-150600.13.16.1 * openSUSE Leap 15.6 (x86_64) * libavresample4_0-32bit-4.4.5-150600.13.16.1 * libpostproc55_9-32bit-4.4.5-150600.13.16.1 * libavcodec58_134-32bit-4.4.5-150600.13.16.1 * libavutil56_70-32bit-4.4.5-150600.13.16.1 * libavdevice58_13-32bit-4.4.5-150600.13.16.1 * libswresample3_9-32bit-debuginfo-4.4.5-150600.13.16.1 * libavutil56_70-32bit-debuginfo-4.4.5-150600.13.16.1 * libswscale5_9-32bit-debuginfo-4.4.5-150600.13.16.1 * libswscale5_9-32bit-4.4.5-150600.13.16.1 * libswresample3_9-32bit-4.4.5-150600.13.16.1 * libpostproc55_9-32bit-debuginfo-4.4.5-150600.13.16.1 * libavdevice58_13-32bit-debuginfo-4.4.5-150600.13.16.1 * libavresample4_0-32bit-debuginfo-4.4.5-150600.13.16.1 * libavformat58_76-32bit-debuginfo-4.4.5-150600.13.16.1 * libavformat58_76-32bit-4.4.5-150600.13.16.1 * libavfilter7_110-32bit-4.4.5-150600.13.16.1 * libavfilter7_110-32bit-debuginfo-4.4.5-150600.13.16.1 * libavcodec58_134-32bit-debuginfo-4.4.5-150600.13.16.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libavresample4_0-64bit-4.4.5-150600.13.16.1 * libavcodec58_134-64bit-4.4.5-150600.13.16.1 * libavutil56_70-64bit-debuginfo-4.4.5-150600.13.16.1 * libavfilter7_110-64bit-4.4.5-150600.13.16.1 * libavformat58_76-64bit-4.4.5-150600.13.16.1 * libavresample4_0-64bit-debuginfo-4.4.5-150600.13.16.1 * libpostproc55_9-64bit-4.4.5-150600.13.16.1 * libswresample3_9-64bit-debuginfo-4.4.5-150600.13.16.1 * libavformat58_76-64bit-debuginfo-4.4.5-150600.13.16.1 * libavfilter7_110-64bit-debuginfo-4.4.5-150600.13.16.1 * libpostproc55_9-64bit-debuginfo-4.4.5-150600.13.16.1 * libswresample3_9-64bit-4.4.5-150600.13.16.1 * libswscale5_9-64bit-4.4.5-150600.13.16.1 * libavdevice58_13-64bit-debuginfo-4.4.5-150600.13.16.1 * libavutil56_70-64bit-4.4.5-150600.13.16.1 * libswscale5_9-64bit-debuginfo-4.4.5-150600.13.16.1 * libavdevice58_13-64bit-4.4.5-150600.13.16.1 * libavcodec58_134-64bit-debuginfo-4.4.5-150600.13.16.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * ffmpeg-4-private-devel-4.4.5-150600.13.16.1 * libpostproc55_9-4.4.5-150600.13.16.1 * libpostproc55_9-debuginfo-4.4.5-150600.13.16.1 * libavformat58_76-4.4.5-150600.13.16.1 * libavresample4_0-4.4.5-150600.13.16.1 * libavformat58_76-debuginfo-4.4.5-150600.13.16.1 * ffmpeg-4-libavformat-devel-4.4.5-150600.13.16.1 * ffmpeg-4-libavutil-devel-4.4.5-150600.13.16.1 * libavcodec58_134-4.4.5-150600.13.16.1 * libavfilter7_110-debuginfo-4.4.5-150600.13.16.1 * libavdevice58_13-4.4.5-150600.13.16.1 * libavresample4_0-debuginfo-4.4.5-150600.13.16.1 * libswscale5_9-4.4.5-150600.13.16.1 * ffmpeg-4-libavresample-devel-4.4.5-150600.13.16.1 * libavcodec58_134-debuginfo-4.4.5-150600.13.16.1 * ffmpeg-4-debugsource-4.4.5-150600.13.16.1 * libswscale5_9-debuginfo-4.4.5-150600.13.16.1 * ffmpeg-4-libavcodec-devel-4.4.5-150600.13.16.1 * ffmpeg-4-libpostproc-devel-4.4.5-150600.13.16.1 * ffmpeg-4-libswscale-devel-4.4.5-150600.13.16.1 * libavdevice58_13-debuginfo-4.4.5-150600.13.16.1 * ffmpeg-4-4.4.5-150600.13.16.1 * libswresample3_9-debuginfo-4.4.5-150600.13.16.1 * ffmpeg-4-libswresample-devel-4.4.5-150600.13.16.1 * ffmpeg-4-debuginfo-4.4.5-150600.13.16.1 * libswresample3_9-4.4.5-150600.13.16.1 * ffmpeg-4-libavfilter-devel-4.4.5-150600.13.16.1 * libavfilter7_110-4.4.5-150600.13.16.1 * ffmpeg-4-libavdevice-devel-4.4.5-150600.13.16.1 * libavutil56_70-4.4.5-150600.13.16.1 * libavutil56_70-debuginfo-4.4.5-150600.13.16.1 ## References: * https://www.suse.com/security/cve/CVE-2023-49502.html * https://www.suse.com/security/cve/CVE-2023-50010.html * https://www.suse.com/security/cve/CVE-2023-51793.html * https://www.suse.com/security/cve/CVE-2023-51794.html * https://www.suse.com/security/cve/CVE-2023-51798.html * https://www.suse.com/security/cve/CVE-2024-12361.html * https://www.suse.com/security/cve/CVE-2024-31578.html * https://www.suse.com/security/cve/CVE-2024-32230.html * https://www.suse.com/security/cve/CVE-2024-35368.html * https://www.suse.com/security/cve/CVE-2024-36613.html * https://www.suse.com/security/cve/CVE-2024-7055.html * https://www.suse.com/security/cve/CVE-2025-0518.html * https://www.suse.com/security/cve/CVE-2025-22919.html * https://www.suse.com/security/cve/CVE-2025-22921.html * https://www.suse.com/security/cve/CVE-2025-25473.html * https://bugzilla.suse.com/show_bug.cgi?id=1202848 * https://bugzilla.suse.com/show_bug.cgi?id=1215945 * https://bugzilla.suse.com/show_bug.cgi?id=1223070 * https://bugzilla.suse.com/show_bug.cgi?id=1223235 * https://bugzilla.suse.com/show_bug.cgi?id=1223256 * https://bugzilla.suse.com/show_bug.cgi?id=1223272 * https://bugzilla.suse.com/show_bug.cgi?id=1223304 * https://bugzilla.suse.com/show_bug.cgi?id=1223437 * https://bugzilla.suse.com/show_bug.cgi?id=1227296 * https://bugzilla.suse.com/show_bug.cgi?id=1229026 * https://bugzilla.suse.com/show_bug.cgi?id=1229338 * https://bugzilla.suse.com/show_bug.cgi?id=1234028 * https://bugzilla.suse.com/show_bug.cgi?id=1235092 * https://bugzilla.suse.com/show_bug.cgi?id=1236007 * https://bugzilla.suse.com/show_bug.cgi?id=1237351 * https://bugzilla.suse.com/show_bug.cgi?id=1237358 * https://bugzilla.suse.com/show_bug.cgi?id=1237371 * https://bugzilla.suse.com/show_bug.cgi?id=1237382 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 14 12:31:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 14 Mar 2025 12:31:05 -0000 Subject: SUSE-SU-2025:0861-1: low: Security update for python Message-ID: <174195546587.12423.2644943944958179728@smelt2.prg2.suse.org> # Security update for python Announcement ID: SUSE-SU-2025:0861-1 Release Date: 2025-03-14T08:45:22Z Rating: low References: * bsc#1233307 Cross-References: * CVE-2024-11168 CVSS scores: * CVE-2024-11168 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-11168 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python fixes the following issues: * CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses (bsc#1233307). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-861=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-861=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python-base-debugsource-2.7.18-150000.77.1 * python-xml-debuginfo-2.7.18-150000.77.1 * python-curses-debuginfo-2.7.18-150000.77.1 * python-gdbm-debuginfo-2.7.18-150000.77.1 * python-demo-2.7.18-150000.77.1 * libpython2_7-1_0-debuginfo-2.7.18-150000.77.1 * python-gdbm-2.7.18-150000.77.1 * python-curses-2.7.18-150000.77.1 * python-tk-debuginfo-2.7.18-150000.77.1 * python-xml-2.7.18-150000.77.1 * python-devel-2.7.18-150000.77.1 * python-debuginfo-2.7.18-150000.77.1 * python-debugsource-2.7.18-150000.77.1 * python-idle-2.7.18-150000.77.1 * libpython2_7-1_0-2.7.18-150000.77.1 * python-2.7.18-150000.77.1 * python-base-debuginfo-2.7.18-150000.77.1 * python-tk-2.7.18-150000.77.1 * python-base-2.7.18-150000.77.1 * openSUSE Leap 15.6 (x86_64) * python-32bit-2.7.18-150000.77.1 * python-32bit-debuginfo-2.7.18-150000.77.1 * libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.77.1 * python-base-32bit-debuginfo-2.7.18-150000.77.1 * libpython2_7-1_0-32bit-2.7.18-150000.77.1 * python-base-32bit-2.7.18-150000.77.1 * openSUSE Leap 15.6 (noarch) * python-doc-2.7.18-150000.77.1 * python-doc-pdf-2.7.18-150000.77.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * python-base-debugsource-2.7.18-150000.77.1 * python-xml-debuginfo-2.7.18-150000.77.1 * python-curses-debuginfo-2.7.18-150000.77.1 * python-gdbm-debuginfo-2.7.18-150000.77.1 * libpython2_7-1_0-debuginfo-2.7.18-150000.77.1 * python-gdbm-2.7.18-150000.77.1 * python-curses-2.7.18-150000.77.1 * python-xml-2.7.18-150000.77.1 * python-debuginfo-2.7.18-150000.77.1 * python-debugsource-2.7.18-150000.77.1 * libpython2_7-1_0-2.7.18-150000.77.1 * python-2.7.18-150000.77.1 * python-base-debuginfo-2.7.18-150000.77.1 * python-base-2.7.18-150000.77.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11168.html * https://bugzilla.suse.com/show_bug.cgi?id=1233307 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 14 16:30:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 14 Mar 2025 16:30:10 -0000 Subject: SUSE-SU-2025:0874-1: important: Security update for rubygem-rack Message-ID: <174196981059.19801.17803973570510162908@smelt2.prg2.suse.org> # Security update for rubygem-rack Announcement ID: SUSE-SU-2025:0874-1 Release Date: 2025-03-14T14:47:55Z Rating: important References: * bsc#1237141 * bsc#1238607 * bsc#1239298 Cross-References: * CVE-2025-25184 * CVE-2025-27111 * CVE-2025-27610 CVSS scores: * CVE-2025-25184 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-25184 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-25184 ( NVD ): 5.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-27111 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-27111 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-27111 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-27610 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-27610 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-27610 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves three vulnerabilities can now be installed. ## Description: This update for rubygem-rack fixes the following issues: * CVE-2025-25184: Fixed escape sequence injection vulnerability in rack leading to possible log injection (bsc#1237141) * CVE-2025-27111: Fixed escape sequence injection vulnerability in rack leading to possible log injection (bsc#1238607) * CVE-2025-27610: Fixed improper sanitization of user-supplied paths (bsc#1239298) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-874=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-874=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-874=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2025-874=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2025-874=1 ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-2.0.8-150000.3.26.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-2.0.8-150000.3.26.1 * ruby2.5-rubygem-rack-testsuite-2.0.8-150000.3.26.1 * ruby2.5-rubygem-rack-doc-2.0.8-150000.3.26.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-2.0.8-150000.3.26.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-2.0.8-150000.3.26.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-2.0.8-150000.3.26.1 ## References: * https://www.suse.com/security/cve/CVE-2025-25184.html * https://www.suse.com/security/cve/CVE-2025-27111.html * https://www.suse.com/security/cve/CVE-2025-27610.html * https://bugzilla.suse.com/show_bug.cgi?id=1237141 * https://bugzilla.suse.com/show_bug.cgi?id=1238607 * https://bugzilla.suse.com/show_bug.cgi?id=1239298 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 14 16:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 14 Mar 2025 16:30:14 -0000 Subject: SUSE-SU-2025:0873-1: moderate: Security update for amazon-ssm-agent Message-ID: <174196981450.19801.554171966129738909@smelt2.prg2.suse.org> # Security update for amazon-ssm-agent Announcement ID: SUSE-SU-2025:0873-1 Release Date: 2025-03-14T12:51:03Z Rating: moderate References: * bsc#1238702 Cross-References: * CVE-2025-22870 CVSS scores: * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for amazon-ssm-agent fixes the following issues: * CVE-2025-22870: golang.org/x/net/proxy: Fixed proxy bypass using IPv6 zone IDs (bsc#1238702) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-873=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-873=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-873=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-873=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-873=1 ## Package List: * openSUSE Leap 15.6 (aarch64 x86_64) * amazon-ssm-agent-3.3.1611.0-150000.5.23.1 * Public Cloud Module 15-SP3 (aarch64 x86_64) * amazon-ssm-agent-3.3.1611.0-150000.5.23.1 * Public Cloud Module 15-SP4 (aarch64 x86_64) * amazon-ssm-agent-3.3.1611.0-150000.5.23.1 * Public Cloud Module 15-SP5 (aarch64 x86_64) * amazon-ssm-agent-3.3.1611.0-150000.5.23.1 * Public Cloud Module 15-SP6 (aarch64 x86_64) * amazon-ssm-agent-3.3.1611.0-150000.5.23.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22870.html * https://bugzilla.suse.com/show_bug.cgi?id=1238702 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 14 16:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 14 Mar 2025 16:30:16 -0000 Subject: SUSE-SU-2025:0872-1: important: Security update for google-guest-agent Message-ID: <174196981683.19801.9349516508320111678@smelt2.prg2.suse.org> # Security update for google-guest-agent Announcement ID: SUSE-SU-2025:0872-1 Release Date: 2025-03-14T12:50:45Z Rating: important References: * bsc#1239197 Cross-References: * CVE-2025-22868 CVSS scores: * CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for google-guest-agent fixes the following issues: * CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-872=1 ## Package List: * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64) * google-guest-agent-20250116.00-1.47.2 ## References: * https://www.suse.com/security/cve/CVE-2025-22868.html * https://bugzilla.suse.com/show_bug.cgi?id=1239197 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 14 16:30:20 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 14 Mar 2025 16:30:20 -0000 Subject: SUSE-SU-2025:0871-1: important: Security update for subversion Message-ID: <174196982007.19801.4785749489349861863@smelt2.prg2.suse.org> # Security update for subversion Announcement ID: SUSE-SU-2025:0871-1 Release Date: 2025-03-14T12:50:27Z Rating: important References: * bsc#1234317 Cross-References: * CVE-2024-46901 CVSS scores: * CVE-2024-46901 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-46901 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for subversion fixes the following issues: * CVE-2024-46901: Fixed mod_dav_svn denial-of-service via control characters in paths (bsc#1234317) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-871=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * subversion-devel-1.10.6-3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46901.html * https://bugzilla.suse.com/show_bug.cgi?id=1234317 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 17 08:30:03 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 17 Mar 2025 08:30:03 -0000 Subject: SUSE-SU-2025:0876-1: moderate: Security update for govulncheck-vulndb Message-ID: <174220020325.2052.10106886742946521437@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2025:0876-1 Release Date: 2025-03-17T07:26:27Z Rating: moderate References: * jsc#PED-11136 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20250313T170021 2025-03-13T17:00:21Z (jsc#PED-11136) * GO-2025-3427 * GO-2025-3442 * GO-2025-3443 * GO-2025-3508 * GO-2025-3509 * GO-2025-3510 * GO-2025-3511 * GO-2025-3512 * GO-2025-3514 * GO-2025-3515 * Update to version 0.0.20250312T181707 2025-03-12T18:17:07Z (jsc#PED-11136): * GO-2025-3459 * GO-2025-3460 * GO-2025-3461 * GO-2025-3462 * GO-2025-3463 * GO-2025-3465 * GO-2025-3466 * GO-2025-3467 * GO-2025-3468 * GO-2025-3470 * GO-2025-3472 * GO-2025-3474 * GO-2025-3475 * GO-2025-3476 * GO-2025-3477 * GO-2025-3479 * GO-2025-3480 * GO-2025-3481 * GO-2025-3482 * GO-2025-3483 * GO-2025-3484 * GO-2025-3485 * GO-2025-3489 * GO-2025-3490 * GO-2025-3491 * GO-2025-3492 * GO-2025-3494 * GO-2025-3495 * GO-2025-3498 * GO-2025-3499 * GO-2025-3500 * GO-2025-3503 * GO-2025-3504 * GO-2025-3505 * GO-2025-3507 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-876=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-876=1 ## Package List: * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20250313T170021-150000.1.40.1 * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20250313T170021-150000.1.40.1 ## References: * https://jira.suse.com/browse/PED-11136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 17 12:30:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 17 Mar 2025 12:30:05 -0000 Subject: SUSE-SU-2025:0882-1: important: Security update for google-cloud-sap-agent Message-ID: <174221460539.2308.15298562824622739045@smelt2.prg2.suse.org> # Security update for google-cloud-sap-agent Announcement ID: SUSE-SU-2025:0882-1 Release Date: 2025-03-17T11:26:00Z Rating: important References: * bsc#1239197 Cross-References: * CVE-2025-22868 CVSS scores: * CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for google-cloud-sap-agent fixes the following issues: * CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-882=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-882=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-882=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-882=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-882=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.6-150100.3.44.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.6-150100.3.44.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.6-150100.3.44.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.6-150100.3.44.1 * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.6-150100.3.44.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22868.html * https://bugzilla.suse.com/show_bug.cgi?id=1239197 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 17 12:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 17 Mar 2025 12:30:09 -0000 Subject: SUSE-SU-2025:0881-1: important: Security update for google-cloud-sap-agent Message-ID: <174221460936.2308.456303975810673930@smelt2.prg2.suse.org> # Security update for google-cloud-sap-agent Announcement ID: SUSE-SU-2025:0881-1 Release Date: 2025-03-17T11:24:55Z Rating: important References: * bsc#1239197 Cross-References: * CVE-2025-22868 CVSS scores: * CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for google-cloud-sap-agent fixes the following issues: * CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-881=1 ## Package List: * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.6-6.43.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22868.html * https://bugzilla.suse.com/show_bug.cgi?id=1239197 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 17 16:30:06 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 17 Mar 2025 16:30:06 -0000 Subject: SUSE-SU-2025:0883-1: low: Security update for python312 Message-ID: <174222900694.2052.9622772011815412198@smelt2.prg2.suse.org> # Security update for python312 Announcement ID: SUSE-SU-2025:0883-1 Release Date: 2025-03-17T15:21:49Z Rating: low References: * bsc#1238450 * bsc#1239210 Cross-References: * CVE-2025-1795 CVSS scores: * CVE-2025-1795 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1795 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-1795 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python312 fixes the following issues: * CVE-2025-1795: Fixed mishandling of comma during folding and unicode- encoding of email headers (bsc#1238450). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-883=1 openSUSE-SLE-15.6-2025-883=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-883=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python312-testsuite-3.12.9-150600.3.21.1 * python312-idle-3.12.9-150600.3.21.1 * python312-testsuite-debuginfo-3.12.9-150600.3.21.1 * python312-curses-debuginfo-3.12.9-150600.3.21.1 * python312-debuginfo-3.12.9-150600.3.21.1 * python312-3.12.9-150600.3.21.1 * python312-base-debuginfo-3.12.9-150600.3.21.1 * python312-doc-devhelp-3.12.9-150600.3.21.1 * python312-dbm-3.12.9-150600.3.21.1 * libpython3_12-1_0-debuginfo-3.12.9-150600.3.21.1 * python312-debugsource-3.12.9-150600.3.21.1 * python312-core-debugsource-3.12.9-150600.3.21.1 * python312-devel-3.12.9-150600.3.21.1 * python312-tk-3.12.9-150600.3.21.1 * python312-dbm-debuginfo-3.12.9-150600.3.21.1 * python312-base-3.12.9-150600.3.21.1 * python312-tools-3.12.9-150600.3.21.1 * python312-tk-debuginfo-3.12.9-150600.3.21.1 * python312-curses-3.12.9-150600.3.21.1 * libpython3_12-1_0-3.12.9-150600.3.21.1 * python312-doc-3.12.9-150600.3.21.1 * openSUSE Leap 15.6 (x86_64) * python312-32bit-debuginfo-3.12.9-150600.3.21.1 * libpython3_12-1_0-32bit-debuginfo-3.12.9-150600.3.21.1 * python312-base-32bit-3.12.9-150600.3.21.1 * libpython3_12-1_0-32bit-3.12.9-150600.3.21.1 * python312-base-32bit-debuginfo-3.12.9-150600.3.21.1 * python312-32bit-3.12.9-150600.3.21.1 * openSUSE Leap 15.6 (aarch64_ilp32) * python312-64bit-debuginfo-3.12.9-150600.3.21.1 * python312-64bit-3.12.9-150600.3.21.1 * libpython3_12-1_0-64bit-3.12.9-150600.3.21.1 * libpython3_12-1_0-64bit-debuginfo-3.12.9-150600.3.21.1 * python312-base-64bit-debuginfo-3.12.9-150600.3.21.1 * python312-base-64bit-3.12.9-150600.3.21.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python312-core-debugsource-3.12.9-150600.3.21.1 * python312-devel-3.12.9-150600.3.21.1 * python312-curses-debuginfo-3.12.9-150600.3.21.1 * python312-base-3.12.9-150600.3.21.1 * python312-debuginfo-3.12.9-150600.3.21.1 * python312-tools-3.12.9-150600.3.21.1 * python312-3.12.9-150600.3.21.1 * python312-tk-debuginfo-3.12.9-150600.3.21.1 * python312-idle-3.12.9-150600.3.21.1 * python312-tk-3.12.9-150600.3.21.1 * python312-debugsource-3.12.9-150600.3.21.1 * python312-dbm-debuginfo-3.12.9-150600.3.21.1 * python312-base-debuginfo-3.12.9-150600.3.21.1 * python312-curses-3.12.9-150600.3.21.1 * python312-dbm-3.12.9-150600.3.21.1 * libpython3_12-1_0-debuginfo-3.12.9-150600.3.21.1 * libpython3_12-1_0-3.12.9-150600.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-1795.html * https://bugzilla.suse.com/show_bug.cgi?id=1238450 * https://bugzilla.suse.com/show_bug.cgi?id=1239210 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 17 20:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 17 Mar 2025 20:30:08 -0000 Subject: SUSE-SU-2025:0892-1: important: Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5) Message-ID: <174224340802.2052.1473634607728152524@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:0892-1 Release Date: 2025-03-17T19:33:38Z Rating: important References: * bsc#1227656 * bsc#1228017 * bsc#1229640 * bsc#1231204 * bsc#1233679 Cross-References: * CVE-2021-47496 * CVE-2022-48792 * CVE-2022-48911 * CVE-2024-46818 * CVE-2024-50302 CVSS scores: * CVE-2021-47496 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48792 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48792 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_216 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228017). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). * CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-892=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_216-default-12-2.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47496.html * https://www.suse.com/security/cve/CVE-2022-48792.html * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1227656 * https://bugzilla.suse.com/show_bug.cgi?id=1228017 * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 17 20:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 17 Mar 2025 20:30:11 -0000 Subject: SUSE-SU-2025:0889-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6) Message-ID: <174224341113.2052.10687352228475184658@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0889-1 Release Date: 2025-03-17T16:33:46Z Rating: important References: * bsc#1235452 Cross-References: * CVE-2024-56648 CVSS scores: * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_23 fixes one issue. The following security issue was fixed: * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-889=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-890=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_23-rt-2-150600.2.1 * kernel-livepatch-6_4_0-150600_10_20-rt-2-150600.2.1 * kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo-2-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource-2-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_7-debugsource-2-150600.2.1 * kernel-livepatch-6_4_0-150600_10_23-rt-debuginfo-2-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 17 20:30:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 17 Mar 2025 20:30:15 -0000 Subject: SUSE-SU-2025:0888-1: important: Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6) Message-ID: <174224341557.2052.15743439159431362189@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0888-1 Release Date: 2025-03-17T17:33:37Z Rating: important References: * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_17 fixes several issues. The following security issues were fixed: * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-888=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-891=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo-4-150600.2.1 * kernel-livepatch-6_4_0-150600_10_17-rt-4-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource-5-150600.2.1 * kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo-5-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource-4-150600.2.1 * kernel-livepatch-6_4_0-150600_10_14-rt-5-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 17 20:30:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 17 Mar 2025 20:30:21 -0000 Subject: SUSE-SU-2025:0886-1: important: Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6) Message-ID: <174224342118.2052.4437644395921418496@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0886-1 Release Date: 2025-03-17T16:33:34Z Rating: important References: * bsc#1228755 * bsc#1231196 * bsc#1231204 * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2024-42159 * CVE-2024-46815 * CVE-2024-46818 * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2024-42159 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42159 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42159 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_5 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2024-42159: scsi: mpi3mr: fix sanitise num_phys (bsc#1228755). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-887=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-886=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_8-rt-debuginfo-11-150600.3.1 * kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo-10-150600.2.1 * kernel-livepatch-6_4_0-150600_10_5-rt-10-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource-10-150600.2.1 * kernel-livepatch-6_4_0-150600_8-rt-11-150600.3.1 * kernel-livepatch-SLE15-SP6-RT_Update_0-debugsource-11-150600.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42159.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1228755 * https://bugzilla.suse.com/show_bug.cgi?id=1231196 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 17 20:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 17 Mar 2025 20:30:25 -0000 Subject: SUSE-SU-2025:0885-1: important: Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP6) Message-ID: <174224342532.2052.4411239081762085130@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0885-1 Release Date: 2025-03-17T16:03:56Z Rating: important References: * bsc#1231196 * bsc#1231204 * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2024-46815 * CVE-2024-46818 * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_11 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-885=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-884=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_8-rt-6-150600.2.1 * kernel-livepatch-6_4_0-150600_10_11-rt-debuginfo-6-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_3-debugsource-6-150600.2.1 * kernel-livepatch-6_4_0-150600_10_11-rt-6-150600.2.1 * kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo-6-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource-6-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1231196 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 18 08:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 18 Mar 2025 08:30:13 -0000 Subject: SUSE-SU-2025:0898-1: important: Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3) Message-ID: <174228661334.2052.8231603830680672837@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0898-1 Release Date: 2025-03-18T05:04:14Z Rating: important References: * bsc#1227656 * bsc#1227751 * bsc#1228017 * bsc#1229640 * bsc#1231204 * bsc#1233679 Cross-References: * CVE-2021-47261 * CVE-2021-47496 * CVE-2022-48792 * CVE-2022-48911 * CVE-2024-46818 * CVE-2024-50302 CVSS scores: * CVE-2021-47261 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47496 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48792 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48792 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves six vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_161 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2021-47261: Fix initializing CQ fragments buffer (bsc#1224954) * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228017). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). * CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-898=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-898=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_161-default-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_161-default-debuginfo-13-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_44-debugsource-13-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_161-preempt-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo-13-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_161-default-13-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47261.html * https://www.suse.com/security/cve/CVE-2021-47496.html * https://www.suse.com/security/cve/CVE-2022-48792.html * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1227656 * https://bugzilla.suse.com/show_bug.cgi?id=1227751 * https://bugzilla.suse.com/show_bug.cgi?id=1228017 * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 18 08:30:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 18 Mar 2025 08:30:17 -0000 Subject: SUSE-SU-2025:0897-1: important: Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3) Message-ID: <174228661710.2052.10252791215204911603@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0897-1 Release Date: 2025-03-18T04:33:47Z Rating: important References: * bsc#1229640 * bsc#1231204 * bsc#1233679 Cross-References: * CVE-2022-48911 * CVE-2024-46818 * CVE-2024-50302 CVSS scores: * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_174 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-897=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-897=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_174-default-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_174-default-debuginfo-6-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_48-debugsource-6-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_174-preempt-debuginfo-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_174-preempt-6-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_174-default-6-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 18 08:30:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 18 Mar 2025 08:30:19 -0000 Subject: SUSE-SU-2025:0896-1: important: Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5) Message-ID: <174228661963.2052.17431889841036391074@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:0896-1 Release Date: 2025-03-17T21:40:56Z Rating: important References: * bsc#1233679 Cross-References: * CVE-2024-50302 CVSS scores: * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_234 fixes one issue. The following security issue was fixed: * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-896=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_234-default-5-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 18 08:30:26 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 18 Mar 2025 08:30:26 -0000 Subject: SUSE-SU-2025:0893-1: important: Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5) Message-ID: <174228662692.2052.2066362986991528373@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:0893-1 Release Date: 2025-03-17T20:04:07Z Rating: important References: * bsc#1228017 * bsc#1229640 * bsc#1231204 * bsc#1233679 Cross-References: * CVE-2022-48792 * CVE-2022-48911 * CVE-2024-46818 * CVE-2024-50302 CVSS scores: * CVE-2022-48792 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48792 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_222 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228017). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-894=1 SUSE-SLE-Live- Patching-12-SP5-2025-893=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_222-default-7-2.1 * kgraft-patch-4_12_14-122_194-default-15-2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48792.html * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1228017 * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 18 12:30:06 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 18 Mar 2025 12:30:06 -0000 Subject: SUSE-SU-2025:0901-1: moderate: Security update for erlang Message-ID: <174230100643.4895.12810990166385174279@smelt2.prg2.suse.org> # Security update for erlang Announcement ID: SUSE-SU-2025:0901-1 Release Date: 2025-03-18T09:59:04Z Rating: moderate References: * bsc#1237467 Cross-References: * CVE-2025-26618 CVSS scores: * CVE-2025-26618 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-26618 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-26618 ( NVD ): 7.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for erlang fixes the following issues: * CVE-2025-26618: Fixed SSH SFTP packet size not verified properly in Erlang OTP (bsc#1237467). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-901=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-901=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-901=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * erlang-observer-23.3.4.19-150300.3.17.1 * erlang-dialyzer-src-23.3.4.19-150300.3.17.1 * erlang-debuginfo-23.3.4.19-150300.3.17.1 * erlang-et-src-23.3.4.19-150300.3.17.1 * erlang-observer-src-23.3.4.19-150300.3.17.1 * erlang-dialyzer-23.3.4.19-150300.3.17.1 * erlang-23.3.4.19-150300.3.17.1 * erlang-wx-src-23.3.4.19-150300.3.17.1 * erlang-diameter-23.3.4.19-150300.3.17.1 * erlang-debugsource-23.3.4.19-150300.3.17.1 * erlang-src-23.3.4.19-150300.3.17.1 * erlang-reltool-src-23.3.4.19-150300.3.17.1 * erlang-doc-23.3.4.19-150300.3.17.1 * erlang-jinterface-src-23.3.4.19-150300.3.17.1 * erlang-et-23.3.4.19-150300.3.17.1 * erlang-debugger-23.3.4.19-150300.3.17.1 * erlang-reltool-23.3.4.19-150300.3.17.1 * erlang-jinterface-23.3.4.19-150300.3.17.1 * erlang-epmd-23.3.4.19-150300.3.17.1 * erlang-dialyzer-debuginfo-23.3.4.19-150300.3.17.1 * erlang-wx-debuginfo-23.3.4.19-150300.3.17.1 * erlang-wx-23.3.4.19-150300.3.17.1 * erlang-diameter-src-23.3.4.19-150300.3.17.1 * erlang-debugger-src-23.3.4.19-150300.3.17.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.17.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * erlang-observer-23.3.4.19-150300.3.17.1 * erlang-dialyzer-src-23.3.4.19-150300.3.17.1 * erlang-debuginfo-23.3.4.19-150300.3.17.1 * erlang-et-src-23.3.4.19-150300.3.17.1 * erlang-observer-src-23.3.4.19-150300.3.17.1 * erlang-dialyzer-23.3.4.19-150300.3.17.1 * erlang-23.3.4.19-150300.3.17.1 * erlang-wx-src-23.3.4.19-150300.3.17.1 * erlang-diameter-23.3.4.19-150300.3.17.1 * erlang-debugsource-23.3.4.19-150300.3.17.1 * erlang-src-23.3.4.19-150300.3.17.1 * erlang-reltool-src-23.3.4.19-150300.3.17.1 * erlang-doc-23.3.4.19-150300.3.17.1 * erlang-jinterface-src-23.3.4.19-150300.3.17.1 * erlang-et-23.3.4.19-150300.3.17.1 * erlang-debugger-23.3.4.19-150300.3.17.1 * erlang-reltool-23.3.4.19-150300.3.17.1 * erlang-jinterface-23.3.4.19-150300.3.17.1 * erlang-epmd-23.3.4.19-150300.3.17.1 * erlang-dialyzer-debuginfo-23.3.4.19-150300.3.17.1 * erlang-wx-debuginfo-23.3.4.19-150300.3.17.1 * erlang-wx-23.3.4.19-150300.3.17.1 * erlang-diameter-src-23.3.4.19-150300.3.17.1 * erlang-debugger-src-23.3.4.19-150300.3.17.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.17.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * erlang-epmd-23.3.4.19-150300.3.17.1 * erlang-23.3.4.19-150300.3.17.1 * erlang-debugsource-23.3.4.19-150300.3.17.1 * erlang-debuginfo-23.3.4.19-150300.3.17.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2025-26618.html * https://bugzilla.suse.com/show_bug.cgi?id=1237467 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 18 16:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 18 Mar 2025 16:30:07 -0000 Subject: SUSE-SU-2025:0904-1: important: Security update for the Linux Kernel (Live Patch 57 for SLE 12 SP5) Message-ID: <174231540731.4831.17619780894035322953@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 57 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:0904-1 Release Date: 2025-03-18T15:03:43Z Rating: important References: * bsc#1228017 * bsc#1229640 * bsc#1231204 * bsc#1233679 Cross-References: * CVE-2022-48792 * CVE-2022-48911 * CVE-2024-46818 * CVE-2024-50302 CVSS scores: * CVE-2022-48792 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48792 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_219 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228017). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-904=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_219-default-9-2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48792.html * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1228017 * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 18 16:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 18 Mar 2025 16:30:13 -0000 Subject: SUSE-SU-2025:0903-1: important: Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4) Message-ID: <174231541369.4831.10981333968518700159@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0903-1 Release Date: 2025-03-18T15:03:51Z Rating: important References: * bsc#1229640 * bsc#1231196 * bsc#1231204 * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2022-48911 * CVE-2024-46815 * CVE-2024-46818 * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_128 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-903=1 SUSE-2025-905=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-903=1 SUSE-SLE- Module-Live-Patching-15-SP4-2025-905=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_116-default-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_29-debugsource-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_128-default-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_25-debugsource-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-14-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_116-default-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_29-debugsource-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_128-default-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_25-debugsource-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-14-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231196 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 18 20:30:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 18 Mar 2025 20:30:05 -0000 Subject: SUSE-SU-2025:0907-1: important: Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3) Message-ID: <174232980542.4895.9005811556554174367@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0907-1 Release Date: 2025-03-18T19:33:36Z Rating: important References: * bsc#1233679 Cross-References: * CVE-2024-50302 CVSS scores: * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_182 fixes one issue. The following security issue was fixed: * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-907=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-907=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_182-default-4-150300.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_182-default-debuginfo-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_182-default-4-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_50-debugsource-4-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_182-preempt-debuginfo-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_182-preempt-4-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 18 20:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 18 Mar 2025 20:30:13 -0000 Subject: SUSE-SU-2025:0906-1: important: Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5) Message-ID: <174232981399.4895.13883937114297291647@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0906-1 Release Date: 2025-03-18T19:04:01Z Rating: important References: * bsc#1229640 * bsc#1231196 * bsc#1231204 * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2022-48911 * CVE-2024-46815 * CVE-2024-46818 * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_80 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-906=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-906=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_19-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-5-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_19-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_80-default-5-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231196 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 08:30:06 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 08:30:06 -0000 Subject: SUSE-SU-2025:0919-1: important: Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6) Message-ID: <174237300608.4591.14812942494006946905@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0919-1 Release Date: 2025-03-19T07:34:11Z Rating: important References: * bsc#1231196 * bsc#1231204 * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2024-46815 * CVE-2024-46818 * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_22 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-919=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-919=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_22-default-6-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-6-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_4-debugsource-6-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_22-default-6-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-6-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_4-debugsource-6-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1231196 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 08:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 08:30:11 -0000 Subject: SUSE-SU-2025:0917-1: important: Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5) Message-ID: <174237301153.4591.7221292329831112900@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0917-1 Release Date: 2025-03-19T07:33:46Z Rating: important References: * bsc#1229640 * bsc#1231196 * bsc#1231204 * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2022-48911 * CVE-2024-46815 * CVE-2024-46818 * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_62 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-912=1 SUSE-2025-917=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-912=1 SUSE-SLE- Module-Live-Patching-15-SP4-2025-917=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-914=1 SUSE-2025-913=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-914=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-913=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_108-default-16-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_23-debugsource-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-8-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_28-debugsource-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_125-default-8-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_108-default-16-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_23-debugsource-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-8-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_28-debugsource-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_125-default-8-150400.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_59-default-14-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_13-debugsource-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_62-default-12-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-12-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_59-default-14-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_13-debugsource-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_62-default-12-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-12-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231196 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 08:30:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 08:30:17 -0000 Subject: SUSE-SU-2025:0911-1: important: Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6) Message-ID: <174237301706.4591.9399064362996385480@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0911-1 Release Date: 2025-03-19T07:33:59Z Rating: important References: * bsc#1228755 * bsc#1231196 * bsc#1231204 * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2024-42159 * CVE-2024-46815 * CVE-2024-46818 * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2024-42159 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42159 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42159 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_14 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2024-42159: scsi: mpi3mr: fix sanitise num_phys (bsc#1228755). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-911=1 SUSE-2025-918=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-911=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-918=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_1-debugsource-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_2-debugsource-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_7-default-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-10-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_1-debugsource-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_2-debugsource-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_7-default-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-10-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42159.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1228755 * https://bugzilla.suse.com/show_bug.cgi?id=1231196 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 08:30:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 08:30:21 -0000 Subject: SUSE-SU-2025:0910-1: important: Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4) Message-ID: <174237302161.4591.17771875535339703607@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0910-1 Release Date: 2025-03-18T21:58:02Z Rating: important References: * bsc#1235452 Cross-References: * CVE-2024-56648 CVSS scores: * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_147 fixes one issue. The following security issue was fixed: * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-910=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-910=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_147-default-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_35-debugsource-3-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_147-default-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_35-debugsource-3-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 08:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 08:30:25 -0000 Subject: SUSE-SU-2025:0916-1: important: Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3) Message-ID: <174237302544.4591.14371364212606215909@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0916-1 Release Date: 2025-03-19T07:33:35Z Rating: important References: * bsc#1229640 * bsc#1231204 * bsc#1233679 Cross-References: * CVE-2022-48911 * CVE-2024-46818 * CVE-2024-50302 CVSS scores: * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_170 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-916=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-909=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-909=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_228-default-5-2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-7-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_47-debugsource-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-default-7-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_170-preempt-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo-7-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-7-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_47-debugsource-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_170-default-7-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 08:30:31 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 08:30:31 -0000 Subject: SUSE-SU-2025:0908-1: important: Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5) Message-ID: <174237303158.4591.10505891608394238617@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:0908-1 Release Date: 2025-03-18T21:57:48Z Rating: important References: * bsc#1227656 * bsc#1228017 * bsc#1229640 * bsc#1231204 * bsc#1233679 Cross-References: * CVE-2021-47496 * CVE-2022-48792 * CVE-2022-48911 * CVE-2024-46818 * CVE-2024-50302 CVSS scores: * CVE-2021-47496 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48792 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48792 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_201 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228017). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). * CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-908=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_201-default-14-2.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47496.html * https://www.suse.com/security/cve/CVE-2022-48792.html * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1227656 * https://bugzilla.suse.com/show_bug.cgi?id=1228017 * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 12:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 12:30:09 -0000 Subject: SUSE-SU-2025:0942-1: important: Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Message-ID: <174238740939.3465.3917477338606030806@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0942-1 Release Date: 2025-03-19T11:33:56Z Rating: important References: * bsc#1227751 * bsc#1228017 * bsc#1229640 * bsc#1231204 * bsc#1233679 Cross-References: * CVE-2021-47261 * CVE-2022-48792 * CVE-2022-48911 * CVE-2024-46818 * CVE-2024-50302 CVSS scores: * CVE-2021-47261 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48792 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48792 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_150 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2021-47261: Fix initializing CQ fragments buffer (bsc#1224954) * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228017). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-942=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-942=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_41-debugsource-18-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-default-18-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-default-debuginfo-18-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_150-preempt-18-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-preempt-debuginfo-18-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_150-default-18-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47261.html * https://www.suse.com/security/cve/CVE-2022-48792.html * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1227751 * https://bugzilla.suse.com/show_bug.cgi?id=1228017 * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 12:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 12:30:13 -0000 Subject: SUSE-SU-2025:0937-1: important: Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6) Message-ID: <174238741321.3465.9756581455510614300@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0937-1 Release Date: 2025-03-19T10:34:33Z Rating: important References: * bsc#1235452 Cross-References: * CVE-2024-56648 CVSS scores: * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_33 fixes one issue. The following security issue was fixed: * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-937=1 SUSE-2025-938=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-937=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-938=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-940=1 SUSE-2025-939=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-939=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-940=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_91-default-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-2-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_21-debugsource-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-2-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_22-debugsource-2-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_91-default-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-debuginfo-2-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_21-debugsource-2-150500.2.1 * kernel-livepatch-5_14_21-150500_55_88-default-2-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_22-debugsource-2-150500.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_33-default-debuginfo-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_6-debugsource-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-debuginfo-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_7-debugsource-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_33-default-2-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_33-default-debuginfo-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_6-debugsource-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-debuginfo-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_7-debugsource-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_33-default-2-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 12:30:20 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 12:30:20 -0000 Subject: SUSE-SU-2025:0943-1: important: Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3) Message-ID: <174238742030.3465.16750210901866669253@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0943-1 Release Date: 2025-03-19T11:34:03Z Rating: important References: * bsc#1227656 * bsc#1227751 * bsc#1228017 * bsc#1229640 * bsc#1231204 * bsc#1233679 Cross-References: * CVE-2021-47261 * CVE-2021-47496 * CVE-2022-48792 * CVE-2022-48911 * CVE-2024-46818 * CVE-2024-50302 CVSS scores: * CVE-2021-47261 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47496 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48792 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48792 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves six vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_158 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2021-47261: Fix initializing CQ fragments buffer (bsc#1224954) * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228017). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). * CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-943=1 SUSE-SLE- Module-Live-Patching-15-SP3-2025-936=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-936=1 SUSE-2025-943=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_158-default-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_153-default-15-150300.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_158-default-14-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_42-debugsource-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_153-default-debuginfo-15-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_43-debugsource-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_158-default-debuginfo-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_153-default-15-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_153-preempt-15-150300.2.1 * kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_158-preempt-14-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47261.html * https://www.suse.com/security/cve/CVE-2021-47496.html * https://www.suse.com/security/cve/CVE-2022-48792.html * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1227656 * https://bugzilla.suse.com/show_bug.cgi?id=1227751 * https://bugzilla.suse.com/show_bug.cgi?id=1228017 * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 12:30:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 12:30:23 -0000 Subject: SUSE-SU-2025:0929-1: important: Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4) Message-ID: <174238742378.3465.44489174968264099@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0929-1 Release Date: 2025-03-19T10:04:22Z Rating: important References: * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_141 fixes several issues. The following security issues were fixed: * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-929=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-929=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_141-default-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_33-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-4-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_141-default-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_33-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-4-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 12:30:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 12:30:28 -0000 Subject: SUSE-SU-2025:0927-1: important: Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5) Message-ID: <174238742889.3465.8529396542002962803@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:0927-1 Release Date: 2025-03-19T10:04:06Z Rating: important References: * bsc#1229640 * bsc#1231204 * bsc#1233679 Cross-References: * CVE-2022-48911 * CVE-2024-46818 * CVE-2024-50302 CVSS scores: * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_225 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-927=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_225-default-6-2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 12:30:33 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 12:30:33 -0000 Subject: SUSE-SU-2025:0924-1: important: Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5) Message-ID: <174238743319.3465.2470526842521754922@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:0924-1 Release Date: 2025-03-19T09:33:40Z Rating: important References: * bsc#1231204 * bsc#1233679 Cross-References: * CVE-2024-46818 * CVE-2024-50302 CVSS scores: * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_231 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-924=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_231-default-5-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 12:30:38 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 12:30:38 -0000 Subject: SUSE-SU-2025:0922-1: important: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Message-ID: <174238743891.3465.7192972209750414355@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0922-1 Release Date: 2025-03-19T08:04:31Z Rating: important References: * bsc#1228755 * bsc#1231196 * bsc#1231204 * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2024-42159 * CVE-2024-46815 * CVE-2024-46818 * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2024-42159 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42159 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42159 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_17 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2024-42159: scsi: mpi3mr: fix sanitise num_phys (bsc#1228755). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-922=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-922=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_17-default-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_3-debugsource-10-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_17-default-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_3-debugsource-10-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42159.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1228755 * https://bugzilla.suse.com/show_bug.cgi?id=1231196 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 12:30:44 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 12:30:44 -0000 Subject: SUSE-SU-2025:0920-1: important: Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5) Message-ID: <174238744406.3465.11553601722215504333@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0920-1 Release Date: 2025-03-19T10:04:30Z Rating: important References: * bsc#1229640 * bsc#1231196 * bsc#1231204 * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2022-48911 * CVE-2024-46815 * CVE-2024-46818 * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-926=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-930=1 SUSE-SLE-Module-Live- Patching-15-SP5-2025-925=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-921=1 SUSE-2025-920=1 SUSE-2025-928=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-928=1 SUSE-SLE- Module-Live-Patching-15-SP4-2025-921=1 SUSE-SLE-Module-Live- Patching-15-SP4-2025-920=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-930=1 SUSE-2025-925=1 SUSE-2025-926=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_14-debugsource-12-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_15-debugsource-11-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_11-debugsource-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_68-default-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_65-default-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_52-default-14-150500.2.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_26-debugsource-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_122-default-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_27-debugsource-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_31-debugsource-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_119-default-13-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_26-debugsource-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_133-default-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_122-default-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_27-debugsource-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_31-debugsource-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_119-default-13-150400.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_14-debugsource-12-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_15-debugsource-11-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_11-debugsource-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_68-default-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_65-default-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_52-default-14-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231196 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 16:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 16:30:11 -0000 Subject: SUSE-SU-2025:0952-1: important: Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6) Message-ID: <174240181191.4895.13871804129895207291@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0952-1 Release Date: 2025-03-19T13:34:10Z Rating: important References: * bsc#1228755 * bsc#1231196 * bsc#1231204 * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2024-42159 * CVE-2024-46815 * CVE-2024-46818 * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2024-42159 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42159 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42159 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_21 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2024-42159: scsi: mpi3mr: fix sanitise num_phys (bsc#1228755). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-952=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-952=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_0-debugsource-12-150600.4.28.1 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-12-150600.4.28.1 * kernel-livepatch-6_4_0-150600_21-default-12-150600.4.28.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_0-debugsource-12-150600.4.28.1 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-12-150600.4.28.1 * kernel-livepatch-6_4_0-150600_21-default-12-150600.4.28.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42159.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1228755 * https://bugzilla.suse.com/show_bug.cgi?id=1231196 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 16:30:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 16:30:15 -0000 Subject: SUSE-SU-2025:0949-1: important: Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4) Message-ID: <174240181577.4895.8001435664842745886@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0949-1 Release Date: 2025-03-19T13:04:19Z Rating: important References: * bsc#1235452 Cross-References: * CVE-2024-56648 CVSS scores: * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_144 fixes one issue. The following security issue was fixed: * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-949=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-949=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_34-debugsource-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_144-default-3-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_34-debugsource-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_144-default-3-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 16:30:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 16:30:23 -0000 Subject: SUSE-SU-2025:0950-1: important: Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5) Message-ID: <174240182337.4895.6461885424349877273@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0950-1 Release Date: 2025-03-19T13:34:04Z Rating: important References: * bsc#1229640 * bsc#1231196 * bsc#1231204 * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2022-48911 * CVE-2024-46815 * CVE-2024-46818 * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_73 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-950=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-951=1 SUSE-2025-947=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-951=1 SUSE-SLE- Module-Live-Patching-15-SP5-2025-947=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-950=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_24-debugsource-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-14-150400.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1 * kernel-livepatch-5_14_21-150500_55_73-default-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-16-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_10-debugsource-16-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_17-debugsource-6-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1 * kernel-livepatch-5_14_21-150500_55_73-default-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-16-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_10-debugsource-16-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le x86_64) * kernel-livepatch-SLE15-SP5_Update_17-debugsource-6-150500.2.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_24-debugsource-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-14-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231196 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 16:30:29 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 16:30:29 -0000 Subject: SUSE-SU-2025:0946-1: important: Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4) Message-ID: <174240182942.4895.1201970163348911337@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4) Announcement ID: SUSE-SU-2025:0946-1 Release Date: 2025-03-19T12:35:10Z Rating: important References: * bsc#1231196 * bsc#1231204 * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2024-46815 * CVE-2024-46818 * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_136 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-946=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-946=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-5-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_32-debugsource-5-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_136-default-5-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_32-debugsource-5-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1231196 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 16:30:34 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 16:30:34 -0000 Subject: SUSE-SU-2025:0944-1: important: Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3) Message-ID: <174240183424.4895.17399707185690838113@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0944-1 Release Date: 2025-03-19T13:04:12Z Rating: important References: * bsc#1228017 * bsc#1229640 * bsc#1231204 * bsc#1233679 Cross-References: * CVE-2022-48792 * CVE-2022-48911 * CVE-2024-46818 * CVE-2024-50302 CVSS scores: * CVE-2022-48792 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48792 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_167 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). * CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228017). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-944=1 SUSE-2025-948=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-944=1 SUSE-SLE- Module-Live-Patching-15-SP3-2025-948=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_164-default-debuginfo-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_164-default-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_167-default-debuginfo-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_167-default-9-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_46-debugsource-9-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_45-debugsource-10-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_167-preempt-debuginfo-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_164-preempt-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_167-preempt-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo-10-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_167-default-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_164-default-10-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48792.html * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1228017 * https://bugzilla.suse.com/show_bug.cgi?id=1229640 * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 16:30:36 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 16:30:36 -0000 Subject: SUSE-SU-2025:0954-1: important: Security update for tomcat Message-ID: <174240183662.4895.12418775193108053184@smelt2.prg2.suse.org> # Security update for tomcat Announcement ID: SUSE-SU-2025:0954-1 Release Date: 2025-03-19T13:50:57Z Rating: important References: * bsc#1239302 Cross-References: * CVE-2025-24813 CVSS scores: * CVE-2025-24813 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-24813 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-24813 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-24813 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for tomcat fixes the following issues: * CVE-2025-24813: Fixed potential RCE and/or information disclosure/corruption with partial PUT (bsc#1239302) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-954=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-954=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * tomcat-docs-webapp-9.0.36-3.139.1 * tomcat-9.0.36-3.139.1 * tomcat-servlet-4_0-api-9.0.36-3.139.1 * tomcat-jsp-2_3-api-9.0.36-3.139.1 * tomcat-javadoc-9.0.36-3.139.1 * tomcat-el-3_0-api-9.0.36-3.139.1 * tomcat-webapps-9.0.36-3.139.1 * tomcat-lib-9.0.36-3.139.1 * tomcat-admin-webapps-9.0.36-3.139.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * tomcat-docs-webapp-9.0.36-3.139.1 * tomcat-9.0.36-3.139.1 * tomcat-servlet-4_0-api-9.0.36-3.139.1 * tomcat-jsp-2_3-api-9.0.36-3.139.1 * tomcat-javadoc-9.0.36-3.139.1 * tomcat-el-3_0-api-9.0.36-3.139.1 * tomcat-webapps-9.0.36-3.139.1 * tomcat-lib-9.0.36-3.139.1 * tomcat-admin-webapps-9.0.36-3.139.1 ## References: * https://www.suse.com/security/cve/CVE-2025-24813.html * https://bugzilla.suse.com/show_bug.cgi?id=1239302 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 16:31:01 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 16:31:01 -0000 Subject: SUSE-SU-2025:0945-1: important: Security update for the Linux Kernel Message-ID: <174240186188.4895.9680291116392799070@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0945-1 Release Date: 2025-03-19T12:13:45Z Rating: important References: * bsc#1208995 * bsc#1220946 * bsc#1224700 * bsc#1225742 * bsc#1232905 * bsc#1232919 * bsc#1234154 * bsc#1234853 * bsc#1234891 * bsc#1234963 * bsc#1235054 * bsc#1235061 * bsc#1235073 * bsc#1236661 * bsc#1236675 * bsc#1236677 * bsc#1236757 * bsc#1236758 * bsc#1236760 * bsc#1236761 * bsc#1237025 * bsc#1237028 * bsc#1237139 * bsc#1237316 * bsc#1237693 * bsc#1238033 Cross-References: * CVE-2022-49080 * CVE-2023-1192 * CVE-2023-52572 * CVE-2024-35949 * CVE-2024-50115 * CVE-2024-50128 * CVE-2024-53135 * CVE-2024-53173 * CVE-2024-53239 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56605 * CVE-2024-57948 * CVE-2025-21690 * CVE-2025-21692 * CVE-2025-21699 CVSS scores: * CVE-2022-49080 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49080 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52572 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52572 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50128 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50128 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2024-50128 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53135 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56548 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57948 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57948 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21692 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21692 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21692 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21699 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves 16 vulnerabilities and has 10 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700). * CVE-2024-50128: net: wwan: fix global oob in wwan_rtnl_policy (bsc#1232905). * CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154). * CVE-2024-57948: mac802154: check local interfaces before deleting sdata list (bsc#1236677). * CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). * CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). * CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139). The following non-security bugs were fixed: * idpf: call set_real_num_queues in idpf_open (bsc#1236661 bsc#1237316). * ipv4/tcp: do not use per netns ctl sockets (bsc#1237693). * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). * net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760). * net: mana: Enable debugfs files for MANA device (bsc#1236758). * net: netvsc: Update default VMBus channels (bsc#1236757). * scsi: storvsc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (git- fixes). * x86/kvm: fix is_stale_page_fault() (bsc#1236675). * x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes). * x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-945=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-945=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-945=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-945=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.112.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.112.1 * kernel-rt-debuginfo-5.14.21-150400.15.112.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.112.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.112.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.112.1 * kernel-rt-debuginfo-5.14.21-150400.15.112.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.112.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.112.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.112.1 * kernel-rt-debuginfo-5.14.21-150400.15.112.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.112.1 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.112.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.112.1 * kernel-rt-debuginfo-5.14.21-150400.15.112.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.112.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49080.html * https://www.suse.com/security/cve/CVE-2023-1192.html * https://www.suse.com/security/cve/CVE-2023-52572.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-50128.html * https://www.suse.com/security/cve/CVE-2024-53135.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-57948.html * https://www.suse.com/security/cve/CVE-2025-21690.html * https://www.suse.com/security/cve/CVE-2025-21692.html * https://www.suse.com/security/cve/CVE-2025-21699.html * https://bugzilla.suse.com/show_bug.cgi?id=1208995 * https://bugzilla.suse.com/show_bug.cgi?id=1220946 * https://bugzilla.suse.com/show_bug.cgi?id=1224700 * https://bugzilla.suse.com/show_bug.cgi?id=1225742 * https://bugzilla.suse.com/show_bug.cgi?id=1232905 * https://bugzilla.suse.com/show_bug.cgi?id=1232919 * https://bugzilla.suse.com/show_bug.cgi?id=1234154 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1236661 * https://bugzilla.suse.com/show_bug.cgi?id=1236675 * https://bugzilla.suse.com/show_bug.cgi?id=1236677 * https://bugzilla.suse.com/show_bug.cgi?id=1236757 * https://bugzilla.suse.com/show_bug.cgi?id=1236758 * https://bugzilla.suse.com/show_bug.cgi?id=1236760 * https://bugzilla.suse.com/show_bug.cgi?id=1236761 * https://bugzilla.suse.com/show_bug.cgi?id=1237025 * https://bugzilla.suse.com/show_bug.cgi?id=1237028 * https://bugzilla.suse.com/show_bug.cgi?id=1237139 * https://bugzilla.suse.com/show_bug.cgi?id=1237316 * https://bugzilla.suse.com/show_bug.cgi?id=1237693 * https://bugzilla.suse.com/show_bug.cgi?id=1238033 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 20:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 20:30:07 -0000 Subject: SUSE-SU-2025:0962-1: important: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6) Message-ID: <174241620709.21928.14931616808389799272@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:0962-1 Release Date: 2025-03-19T19:04:26Z Rating: important References: * bsc#1233679 * bsc#1235452 Cross-References: * CVE-2024-50302 * CVE-2024-56648 CVSS scores: * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56648 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56648 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_25 fixes several issues. The following security issues were fixed: * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-963=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-963=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-962=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-962=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_25-default-5-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_5-debugsource-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-5-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_25-default-5-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_5-debugsource-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-5-150600.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_83-default-5-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_20-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-5-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_83-default-5-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_20-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-5-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50302.html * https://www.suse.com/security/cve/CVE-2024-56648.html * https://bugzilla.suse.com/show_bug.cgi?id=1233679 * https://bugzilla.suse.com/show_bug.cgi?id=1235452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 20:30:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 20:30:12 -0000 Subject: SUSE-SU-2025:0961-1: important: Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3) Message-ID: <174241621286.21928.7296370579276001388@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0961-1 Release Date: 2025-03-19T19:04:10Z Rating: important References: * bsc#1231204 * bsc#1233679 Cross-References: * CVE-2024-46818 * CVE-2024-50302 CVSS scores: * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50302 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50302 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_179 fixes several issues. The following security issues were fixed: * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). * CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-961=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-961=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-5-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_49-debugsource-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-default-5-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_179-preempt-debuginfo-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-preempt-5-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-5-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_49-debugsource-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_179-default-5-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-50302.html * https://bugzilla.suse.com/show_bug.cgi?id=1231204 * https://bugzilla.suse.com/show_bug.cgi?id=1233679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 20:32:01 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 20:32:01 -0000 Subject: SUSE-SU-2025:0955-1: important: Security update for the Linux Kernel Message-ID: <174241632113.21928.3267427962805315073@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0955-1 Release Date: 2025-03-19T16:11:26Z Rating: important References: * bsc#1012628 * bsc#1215199 * bsc#1219367 * bsc#1222672 * bsc#1222803 * bsc#1225606 * bsc#1225742 * bsc#1225981 * bsc#1227937 * bsc#1228521 * bsc#1230235 * bsc#1230438 * bsc#1230439 * bsc#1230497 * bsc#1231432 * bsc#1231912 * bsc#1231920 * bsc#1231949 * bsc#1232159 * bsc#1232198 * bsc#1232201 * bsc#1232299 * bsc#1232508 * bsc#1232520 * bsc#1232919 * bsc#1233028 * bsc#1233109 * bsc#1233483 * bsc#1233749 * bsc#1234070 * bsc#1234853 * bsc#1234857 * bsc#1234891 * bsc#1234894 * bsc#1234895 * bsc#1234896 * bsc#1234963 * bsc#1235054 * bsc#1235061 * bsc#1235073 * bsc#1235435 * bsc#1235485 * bsc#1235592 * bsc#1235599 * bsc#1235609 * bsc#1235932 * bsc#1235933 * bsc#1236113 * bsc#1236114 * bsc#1236115 * bsc#1236122 * bsc#1236123 * bsc#1236133 * bsc#1236138 * bsc#1236199 * bsc#1236200 * bsc#1236203 * bsc#1236205 * bsc#1236573 * bsc#1236575 * bsc#1236576 * bsc#1236591 * bsc#1236661 * bsc#1236677 * bsc#1236681 * bsc#1236682 * bsc#1236684 * bsc#1236689 * bsc#1236700 * bsc#1236702 * bsc#1236752 * bsc#1236759 * bsc#1236821 * bsc#1236822 * bsc#1236896 * bsc#1236897 * bsc#1236952 * bsc#1236967 * bsc#1236994 * bsc#1237007 * bsc#1237017 * bsc#1237025 * bsc#1237028 * bsc#1237045 * bsc#1237126 * bsc#1237132 * bsc#1237139 * bsc#1237155 * bsc#1237158 * bsc#1237159 * bsc#1237232 * bsc#1237234 * bsc#1237325 * bsc#1237356 * bsc#1237415 * bsc#1237452 * bsc#1237504 * bsc#1237521 * bsc#1237558 * bsc#1237562 * bsc#1237563 * bsc#1237848 * bsc#1237849 * bsc#1237879 * bsc#1237889 * bsc#1237891 * bsc#1237901 * bsc#1237950 * bsc#1238214 * bsc#1238303 * bsc#1238347 * bsc#1238368 * bsc#1238509 * bsc#1238525 * bsc#1238570 * bsc#1238739 * bsc#1238751 * bsc#1238753 * bsc#1238759 * bsc#1238860 * bsc#1238863 * bsc#1238877 * jsc#PED-10028 * jsc#PED-11253 * jsc#PED-12094 * jsc#PED-348 Cross-References: * CVE-2023-52924 * CVE-2023-52925 * CVE-2024-26708 * CVE-2024-26810 * CVE-2024-40980 * CVE-2024-41055 * CVE-2024-44974 * CVE-2024-45009 * CVE-2024-45010 * CVE-2024-47701 * CVE-2024-49884 * CVE-2024-49950 * CVE-2024-50029 * CVE-2024-50036 * CVE-2024-50073 * CVE-2024-50085 * CVE-2024-50115 * CVE-2024-50142 * CVE-2024-50185 * CVE-2024-50294 * CVE-2024-53123 * CVE-2024-53147 * CVE-2024-53173 * CVE-2024-53176 * CVE-2024-53177 * CVE-2024-53178 * CVE-2024-53226 * CVE-2024-53239 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56579 * CVE-2024-56605 * CVE-2024-56633 * CVE-2024-56647 * CVE-2024-56720 * CVE-2024-57889 * CVE-2024-57948 * CVE-2024-57994 * CVE-2025-21636 * CVE-2025-21637 * CVE-2025-21638 * CVE-2025-21639 * CVE-2025-21640 * CVE-2025-21647 * CVE-2025-21665 * CVE-2025-21667 * CVE-2025-21668 * CVE-2025-21673 * CVE-2025-21680 * CVE-2025-21681 * CVE-2025-21684 * CVE-2025-21687 * CVE-2025-21688 * CVE-2025-21689 * CVE-2025-21690 * CVE-2025-21692 * CVE-2025-21697 * CVE-2025-21699 * CVE-2025-21700 * CVE-2025-21705 * CVE-2025-21715 * CVE-2025-21716 * CVE-2025-21719 * CVE-2025-21724 * CVE-2025-21725 * CVE-2025-21728 * CVE-2025-21767 * CVE-2025-21790 * CVE-2025-21795 * CVE-2025-21799 * CVE-2025-21802 CVSS scores: * CVE-2023-52924 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-52924 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52925 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52925 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52925 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26708 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26708 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26810 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26810 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40980 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40980 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41055 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44974 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2024-44974 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-44974 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45009 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-45009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45010 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-45010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47701 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47701 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-47701 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50029 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50029 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50036 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50036 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50073 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50073 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50142 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50142 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50294 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53123 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53147 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53147 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53176 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53176 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53177 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53178 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53178 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53226 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-53226 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53226 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56548 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56579 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56579 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56579 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56633 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56647 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56647 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56720 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56720 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57889 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57948 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57948 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57994 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21636 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21636 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21637 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21637 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21638 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21638 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21639 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21640 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21640 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21647 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21647 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21665 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21665 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21665 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21667 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21667 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21668 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-21668 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-21673 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21673 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-21673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21680 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21680 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21680 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21681 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2025-21681 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2025-21681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21684 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21684 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21687 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21687 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21687 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21688 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21689 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21689 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21692 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21692 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21692 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21697 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-21697 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21699 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21700 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21700 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21705 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21715 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21715 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21716 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21716 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21719 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21725 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21790 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21795 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21799 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Real Time Module 15-SP6 An update that solves 71 vulnerabilities, contains four features and has 51 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672). * CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937). * CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235). * CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438). * CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439). * CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949). * CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912). * CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508). * CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028). * CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109). * CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483). * CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070). * CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857). * CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894). * CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896). * CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895). * CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485). * CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435). * CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592). * CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901). * CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113). * CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114). * CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115). * CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122). * CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123). * CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133). * CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684). * CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681). * CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682). * CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689). * CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700). * CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702). * CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045). * CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). * CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159). * CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525). * CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889). * CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891). * CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860). * CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863). * CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877). * CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879). * CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509). * CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753). * CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759). * CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739). * CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751). The following non-security bugs were fixed: * acct: block access to kernel internal filesystems (git-fixes). * acct: perform last write from workqueue (git-fixes). * ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes). * ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes). * ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes). * add nf_tables for iptables non-legacy network handling * af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849). * ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes). * ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes). * ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes). * ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes). * ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes). * ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes). * ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes). * ALSA: seq: Make dependency on UMP clearer (git-fixes). * ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable- fixes). * ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git- fixes). * ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable- fixes). * amdgpu/pm/legacy: fix suspend/resume issues (git-fixes). * APEI: GHES: Have GHES honor the panic= setting (stable-fixes). * arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes) * arm64: Handle .ARM.attributes section in linker scripts (git-fixes) * arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes) * arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes) * arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git- fixes) * arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes) * ASoC: amd: Add ACPI dependency to fix build error (stable-fixes). * ASoC: es8328: fix route from DAC to output (git-fixes). * ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes). * ASoC: Intel: avs: Abstract IPC handling (stable-fixes). * ASoC: Intel: avs: Do not readq() u32 registers (git-fixes). * ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes). * ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes). * ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git- fixes). * ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes). * ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git- fixes). * ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes). * batman-adv: Drop unmanaged ELP metric worker (git-fixes). * batman-adv: fix panic during interface removal (git-fixes). * batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes). * bio-integrity: do not restrict the size of integrity metadata (git-fixes). * blk_iocost: remove some duplicate irq disable/enables (git-fixes). * blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558). * blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606). * blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git- fixes). * blk-mq: add number of queue calc helper (bsc#1236897). * blk-mq: create correct map for fallback case (bsc#1236896). * blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes). * blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896). * blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897). * blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git- fixes). * blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes). * blk-mq: register cpuhp callback after hctx is added to xarray table (git- fixes). * blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897). * block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes). * block: add a disk_has_partscan helper (git-fixes). * block: add a partscan sysfs attribute for disks (git-fixes). * block: add check of 'minors' and 'first_minor' in device_add_disk() (git- fixes). * block: avoid to reuse `hctx` not removed from cpuhp callback list (git- fixes). * block: change rq_integrity_vec to respect the iterator (git-fixes). * block: Clear zone limits for a non-zoned stacked queue (git-fixes). * block: copy back bounce buffer to user-space correctly in case of split (git-fixes). * block: ensure we hold a queue reference when using queue limits (git-fixes). * block: fix and simplify blkdevparts= cmdline parsing (git-fixes). * block: fix bio_split_rw_at to take zone_write_granularity into account (git- fixes). * block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes). * block: fix integer overflow in BLKSECDISCARD (git-fixes). * block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes). * block: fix missing dispatching request when queue is started or unquiesced (git-fixes). * block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git- fixes). * block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes). * block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes). * block: fix sanity checks in blk_rq_map_user_bvec (git-fixes). * block: propagate partition scanning errors to the BLKRRPART ioctl (git- fixes). * block: Provide bdev_open_* functions (git-fixes). * block: Remove special-casing of compound pages (git-fixes). * block: remove the blk_flush_integrity call in blk_integrity_unregister (git- fixes). * block: retry call probe after request_module in blk_request_module (git- fixes). * block: return unsigned int from bdev_io_min (git-fixes). * block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes). * block: Set memalloc_noio to false on device_add_disk() error path (git- fixes). * block: support to account io_ticks precisely (git-fixes). * block: use the right type for stub rq_integrity_vec() (git-fixes). * bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git- fixes). * bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes). * bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git- fixes). * bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes). * bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes). * bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes). * bnxt_en: Refactor bnxt_ptp_init() (git-fixes). * bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes). * btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232). * btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232). * can: c_can: fix unbalanced runtime PM disable in error path (git-fixes). * can: ctucanfd: handle skb allocation failure (git-fixes). * can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes). * can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes). * chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). * cifs: commands that are retried should have replay flag set (bsc#1231432). * cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes). * cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432). * cifs: helper function to check replayable error codes (bsc#1231432). * cifs: new mount option called retrans (bsc#1231432). * cifs: open_cached_dir should not rely on primary channel (bsc#1231432). * cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes). * cifs: Remove intermediate object of failed create reparse call (git-fixes). * cifs: update desired access while requesting for directory lease (git- fixes). * cifs: update the same create_guid on replay (git-fixes). * clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git- fixes). * clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes). * clk: mediatek: mt2701-img: add missing dummy clk (git-fixes). * clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes). * clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git- fixes). * clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes). * clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes). * clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes). * clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes). * clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes). * clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes). * clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes). * cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562). * cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562). * cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes). * cpufreq: imx6q: do not warn for disabling a non-existing frequency (git- fixes). * cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes). * cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes). * cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes). * cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes). * cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes). * cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes). * cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes). * cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes). * cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes). * cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes). * cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes). * cpufreq: s3c64xx: Fix compilation warning (stable-fixes). * crypto: hisilicon/sec2 - fix for aead icv error (git-fixes). * crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes). * crypto: hisilicon/sec2 - optimize the error return process (stable-fixes). * cxgb4: Avoid removal of uninserted tid (git-fixes). * cxgb4: use port number to set mac addr (git-fixes). * devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234). * dlm: fix srcu_read_lock() return type to int (git-fixes). * doc: update managed_irq documentation (bsc#1236897). * driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896). * drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes). * drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params (git-fixes). * drm/amd/pm: Mark MM activity as unsupported (stable-fixes). * drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable- fixes). * drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes). * drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes). * drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759). * drm/amdkfd: only flush the validate MES contex (stable-fixes). * drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable- fixes). * drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes). * drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes). * drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes). * drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes). * drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes). * drm/i915: Fix page cleanup on DMA remap failure (git-fixes). * drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes). * drm/i915/dp: Fix error handling during 128b/132b link training (stable- fixes). * drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes). * drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes). * drm/i915/pmu: Fix zero delta busyness issue (git-fixes). * drm/i915/selftests: avoid using uninitialized context (git-fixes). * drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes). * drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094) * drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes). * drm/msm: Avoid rounding up to one jiffy (git-fixes). * drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes). * drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git- fixes). * drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes). * drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes). * drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes). * drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes). * drm/rockchip: vop2: Fix the windows switch between different layers (git- fixes). * drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes). * drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable- fixes). * drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes). * drm/sched: Fix preprocessor guard (git-fixes). * drm/virtio: New fence for every plane update (stable-fixes). * efi: Avoid cold plugged memory for placing the kernel (stable-fixes). * efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes). * eth: gve: use appropriate helper to set xdp_features (git-fixes). * exfat: convert to ctime accessor functions (git-fixes). * exfat: do not zero the extended part (bsc#1237356). * exfat: fix appending discontinuous clusters to empty file (bsc#1237356). * exfat: fix file being changed by unaligned direct write (git-fixes). * exfat: fix timing of synchronizing bitmap and inode (bsc#1237356). * exfat: fix zero the unwritten part for dio read (git-fixes). * fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes). * firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes). * Fix conditional for selecting gcc-13 * Fix conditional for selecting gcc-13. * Fix memory-hotplug regression (bsc#1237504) * futex: Do not include process MM in futex key on no-MMU (git-fixes). * gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes). * gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes). * gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git- fixes). * gpio: pca953x: Improve interrupt support (git-fixes). * gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes). * gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes). * gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes). * Grab mm lock before grabbing pt lock (git-fixes). * gup: make the stack expansion warning a bit more targeted (bsc#1238214). * hfs: Sanity check the root record (git-fixes). * hid: hid-steam: Add Deck IMU support (stable-fixes). * hid: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes). * hid: hid-steam: Avoid overwriting smoothing parameter (stable-fixes). * hid: hid-steam: Clean up locking (stable-fixes). * hid: hid-steam: Disable watchdog instead of using a heartbeat (stable- fixes). * hid: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git- fixes). * hid: hid-steam: Fix cleanup in probe() (git-fixes). * hid: hid-steam: Make sure rumble work is canceled on removal (stable-fixes). * hid: hid-steam: Move hidraw input (un)registering to work (git-fixes). * hid: hid-steam: remove pointless error message (stable-fixes). * hid: hid-steam: Update list of identifiers from SDL (stable-fixes). * hid: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes). * hid: multitouch: Add NULL check in mt_input_configured (git-fixes). * hid: Wacom: Add PCI Wacom device support (stable-fixes). * i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes). * i2c: ls2x: Fix frequency division register access (git-fixes). * i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes). * iavf: allow changing VLAN state without calling PF (git-fixes). * IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes) * ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415). * ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415). * ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git- fixes). * ice: fix incorrect PHY settings for 100 GB/s (git-fixes). * ice: fix max values for dpll pin phase adjust (git-fixes). * ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415). * ice: gather page_count()'s of each frag right before XDP prog call (git- fixes). * ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497). * ice: put Rx buffers after being done with current frame (git-fixes). * ice: Skip PTP HW writes during PTP reset procedure (git-fixes). * ice: stop storing XDP verdict within ice_rx_buf (git-fixes). * ice: use internal pf id instead of function number (git-fixes). * idpf: add read memory barrier when checking descriptor done bit (git-fixes). * idpf: call set_real_num_queues in idpf_open (bsc#1236661). * idpf: convert workqueues to unbound (git-fixes). * idpf: fix handling rsc packet with a single segment (git-fixes). * idpf: fix VF dynamic interrupt ctl register initialization (git-fixes). * igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes). * igc: return early when failing to read EECD register (git-fixes). * igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes). * initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521). * Input: allocate keycode for phone linking (stable-fixes). * iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes). * kabi: fix bus type (bsc#1236896). * kabi: fix group_cpus_evenly (bsc#1236897). * kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749). * kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes). * kbuild: userprogs: fix bitsize and target detection on clang (git-fixes). * kernel-source: Also replace bin/env * kvm: arm64: Do not eagerly teardown the vgic on init error (git-fixes). * kvm: arm64: Ensure vgic_ready() is ordered against MMIO registration (git- fixes). * kvm: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes). * kvm: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes). * kvm: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes) * kvm: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes). * kvm: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes). * kvm: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes). * kvm: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes). * kvm: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155). * kvm: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes). * kvm: VMX: Fix comment of handle_vmx_instruction() (git-fixes). * kvm: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes). * kvm: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes). * kvm: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes). * kvm: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes). * kvm: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes). * kvm: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes). * kvm: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git- fixes). * kvm: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git- fixes). * kvm: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (git-fixes). * kvm: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348). * kvm: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348). * kvm: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes). * kvm: x86/mmu: Skip the "try unsync" path iff the old SPTE was a leaf SPTE (git-fixes). * lib: stackinit: hide never-taken branch from compiler (stable-fixes). * lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897). * lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897). * lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes). * lockdep: fix deadlock issue between lockdep and rcu (git-fixes). * lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes). * locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes). * locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes). * loop: do not set QUEUE_FLAG_NOMERGES (git-fixes). * md: convert comma to semicolon (git-fixes). * md: Do not flush sync_work in md_write_start() (git-fixes). * md/md-bitmap: add 'sync_size' into struct md_bitmap_stats (git-fixes). * md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes). * md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes). * md/md-cluster: fix spares warnings for __le64 (git-fixes). * md/raid0: do not free conf on raid0_run failure (git-fixes). * md/raid1: do not free conf on raid0_run failure (git-fixes). * md/raid5: Wait sync io to finish before changing group cnt (git-fixes). * media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes). * media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes). * media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes). * media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes). * media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes). * mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable- fixes). * mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git- fixes) * mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes). * mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes). * mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes). * Move upstreamed ACPI patch into sorted section * mptcp: export local_address (git-fixes) * mptcp: fix data races on local_id (git-fixes) * mptcp: fix inconsistent state on fastopen race (bsc#1222672). * mptcp: fix NL PM announced address accounting (git-fixes) * mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes) * mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes) * mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes) * mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git- fixes) * mptcp: pm: deny endp with signal + subflow + port (git-fixes) * mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes) * mptcp: pm: do not try to create sf if alloc failed (git-fixes) * mptcp: pm: fullmesh: select the right ID later (git-fixes) * mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes) * mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes) * mptcp: pm: re-using ID of unused flushed subflows (git-fixes) * mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes) * mptcp: pm: re-using ID of unused removed subflows (git-fixes) * mptcp: pm: reduce indentation blocks (git-fixes) * mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes) * mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes) * mptcp: unify pm get_local_id interfaces (git-fixes) * mptcp: unify pm set_flags interfaces (git-fixes) * mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes). * mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes). * mtd: rawnand: cadence: fix unchecked dereference (git-fixes). * mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes). * nbd: do not allow reconnect after disconnect (git-fixes). * nbd: Fix signal handling (git-fixes). * nbd: Improve the documentation of the locking assumptions (git-fixes). * net: avoid UAF on deleted altname (bsc#1233749). * net: check for altname conflicts when changing netdev's netns (bsc#1233749). * net: core: Use the bitmap API to allocate bitmaps (bsc#1233749). * net: do not send a MOVE event when netdev changes netns (bsc#1233749). * net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749). * net: fix ifname in netlink ntf during netns move (bsc#1233749). * net: fix removing a namespace with conflicting altnames (bsc#1233749). * net: Fix undefined behavior in netdev name allocation (bsc#1233749). * net: free altname using an RCU callback (bsc#1233749). * net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749). * net: move altnames together with the netdevice (bsc#1233749). * net: reduce indentation of __dev_alloc_name() (bsc#1233749). * net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749). * net: remove else after return in dev_prep_valid_name() (bsc#1233749). * net: rose: lock the socket in rose_bind() (git-fixes). * net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes). * net: smc: fix spurious error message from __sock_release() (bsc#1237126). * net: trust the bitmap in __dev_alloc_name() (bsc#1233749). * net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable- fixes). * net/mlx5: Correct TASR typo into TSAR (git-fixes). * net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981). * net/mlx5: Fix RDMA TX steering prio (git-fixes). * net/mlx5: SF, Fix add port error handling (git-fixes). * net/mlx5: Verify support for scheduling element and TSAR type (git-fixes). * net/mlx5e: Always start IPsec sequence number from 1 (git-fixes). * net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes). * net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes). * net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994). * nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes). * null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes). * null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes). * null_blk: Fix missing mutex_destroy() at module removal (git-fixes). * null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git- fixes). * null_blk: fix validation of block size (git-fixes). * null_blk: Print correct max open zones limit in null_init_zoned_dev() (git- fixes). * null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes). * nvme-fc: use ctrl state getter (git-fixes). * nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes). * nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes). * nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897). * nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes). * nvme: handle connectivity loss in nvme_set_queue_count (git-fixes). * nvme: make nvme_tls_attrs_group static (git-fixes). * nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896). * nvme: tcp: Fix compilation warning with W=1 (git-fixes). * nvme/ioctl: add missing space in err message (git-fixes). * nvmet: Fix crash when a namespace is disabled (git-fixes). * ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138). * packaging: Turn gcc version into config.sh variable. * padata: Clean up in padata_do_multithreaded() (bsc#1237563). * padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563). * partitions: ldm: remove the initial kernel-doc notation (git-fixes). * PCI: hookup irq_get_affinity callback (bsc#1236896). * PCI: imx6: Simplify clock handling by using clk_bulk*() function (git- fixes). * PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes). * PCI: Use downstream bridges for distributing resources (bsc#1237325). * PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes). * phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes). * phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes). * phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes). * Pickup RXE code change introduced by upstream merge * pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes). * platform/x86: acer-wmi: Ignore AC events (stable-fixes). * platform/x86: int3472: Check for adev == NULL (stable-fixes). * platform/x86: ISST: Ignore minor version change (bsc#1237452). * platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452). * platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452). * platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452). * power: supply: da9150-fg: fix potential overflow (git-fixes). * powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199). * powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199). * powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199). * powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199). * powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid mode (ltc#210895 bsc#1235933 ltc#210896 bsc#1235932). * powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988). * printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950). * rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes). * rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes). * rbd: do not move requests to the running list on errors (git-fixes). * rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes). * RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes) * RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes) * RDMA/efa: Reset device on probe failure (git-fixes) * RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes) * RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes). * RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git- fixes) * RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes) * RDMA/mlx5: Fix AH static rate parsing (git-fixes) * RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes) * RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes) * RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes) * RDMA/rxe: Improve newline in printing messages (git-fixes) * regmap-irq: Add missing kfree() (git-fixes). * Revert "blk-throttle: Fix IO hang for a corner case" (git-fixes). * Revert "drm/amd/display: Use HW lock mgr for PSR1" (stable-fixes). * rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303) * rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570) * s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205). * s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158). * s390/iucv: fix receive buffer virtual vs physical address confusion (git- fixes bsc#1236200). * s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368). * s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752). * s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752). * s390/pci: Ignore RID for isolated VFs (bsc#1236752). * s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git- fixes bsc#1238368). * s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752). * s390/pci: Use topology ID for multi-function devices (bsc#1236752). * s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199). * s390/topology: Improve topology detection (bsc#1236591). * s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203). * scripts/gdb: fix aarch64 userspace detection in get_current_task (stable- fixes). * scsi: core: Clear driver private data when retrying request (git-fixes). * scsi: core: Do not retry I/Os during depopulation (git-fixes). * scsi: core: Handle depopulation and restoration in progress (git-fixes). * scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes). * scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes). * scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes). * scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes). * scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git- fixes). * scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes). * scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347). * scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347). * scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347). * scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347). * scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347). * scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347). * scsi: megaraid_sas: Fix for a potential deadlock (git-fixes). * scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes). * scsi: mpi3mr: Start controller indexing from 0 (git-fixes). * scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes). * scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253). * scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253). * scsi: myrb: Remove dead code (git-fixes). * scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes). * scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes). * scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896). * scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes). * scsi: sg: Enable runtime power management (git-fixes). * scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git- fixes). * scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes). * scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes). * scsi: use block layer helpers to calculate num of queues (bsc#1236897). * selftest: hugetlb_dio: fix test naming (git-fixes). * selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes). * selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes). * selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes). * selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes). * selftests: mptcp: connect: -f: no reconnect (git-fixes). * selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes). * selftests/futex: pass _GNU_SOURCE without a value to the compiler (git- fixes). * selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable- fixes). * serial: 8250: Fix fifo underflow on flush (git-fixes). * serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes). * smb: cached directories can be more than root file handle (bsc#1231432). * smb: cilent: set reparse mount points as automounts (git-fixes). * smb: client: add support for WSL reparse points (git-fixes). * smb: client: allow creating special files via reparse points (git-fixes). * smb: client: allow creating symlinks via reparse points (git-fixes). * smb: client: cleanup smb2_query_reparse_point() (git-fixes). * smb: client: do not query reparse points twice on symlinks (git-fixes). * smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432). * smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes). * smb: client: fix corruption in cifs_extend_writeback (bsc#1235609). * smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes). * smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes). * smb: client: fix hardlinking of reparse points (git-fixes). * smb: client: Fix minor whitespace errors and warnings (git-fixes). * smb: client: fix missing mode bits for SMB symlinks (git-fixes). * smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes). * smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432). * smb: client: fix OOB in smb2_query_reparse_point() (git-fixes). * smb: client: fix possible double free in smb2_set_ea() (git-fixes). * smb: client: fix potential broken compound request (git-fixes). * smb: client: fix renaming of reparse points (git-fixes). * smb: client: get rid of smb311_posix_query_path_info() (git-fixes). * smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes). * smb: client: handle path separator of created SMB symlinks (git-fixes). * smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes). * smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes). * smb: client: ignore unhandled reparse tags (git-fixes). * smb: client: implement ->query_reparse_point() for SMB1 (git-fixes). * smb: client: instantiate when creating SFU files (git-fixes). * smb: client: introduce ->parse_reparse_point() (git-fixes). * smb: client: introduce cifs_sfu_make_node() (git-fixes). * smb: client: introduce reparse mount option (git-fixes). * smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes). * smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432). * smb: client: move most of reparse point handling code to common file (git- fixes). * smb: client: move some params to cifs_open_info_data (bsc#1231432). * smb: client: optimise reparse point querying (git-fixes). * smb: client: parse owner/group when creating reparse points (git-fixes). * smb: client: parse reparse point flag in create response (bsc#1231432). * smb: client: parse uid, gid, mode and dev from WSL reparse points (git- fixes). * smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896). * smb: client: reduce number of parameters in smb2_compound_op() (git-fixes). * smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432). * smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes). * smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432). * smb: client: retry compound request without reusing lease (git-fixes). * smb: client: return reparse type in /proc/mounts (git-fixes). * smb: client: reuse file lease key in compound operations (git-fixes). * smb: client: set correct d_type for reparse DFS/DFSR and mount point (git- fixes). * smb: client: set correct file type from NFS reparse points (git-fixes). * smb: client: stop revalidating reparse points unnecessarily (git-fixes). * smb: use kernel_connect() and kernel_bind() (git-fixes). * smb3: fix creating FIFOs when mounting with "sfu" mount option (git-fixes). * smb3: request handle caching when caching directories (bsc#1231432). * smb3: retrying on failed server close (bsc#1231432). * soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes). * soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes). * soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes). * soc: qcom: socinfo: move SMEM item struct and defines to a header (git- fixes). * soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes). * soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes). * spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes). * spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes). * spi: sn-f-ospi: Fix division by zero (git-fixes). * tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367). * tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes). * tools: fix annoying "mkdir -p ..." logs when building tools in parallel (git-fixes). * ublk: fix error code for unsupported command (git-fixes). * ublk: fix ublk_ch_mmap() for 64K page size (git-fixes). * ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes). * ublk: move zone report data out of request pdu (git-fixes). * usb: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable- fixes). * usb: cdc-acm: Check control transfer buffer size before access (git-fixes). * usb: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes). * usb: cdc-acm: Fix handling of oversized fragments (git-fixes). * usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes). * usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes). * usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes). * usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes). * usb: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes). * usb: gadget: core: flush gadget workqueue after device removal (git-fixes). * usb: gadget: f_midi: f_midi_complete to call queue_work (git-fixes). * usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes). * usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes). * usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes). * usb: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes). * usb: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes). * usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes). * usb: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes). * usb: roles: set switch registered flag early on (git-fixes). * usb: serial: option: add MeiG Smart SLM828 (stable-fixes). * usb: serial: option: add Telit Cinterion FN990B compositions (stable-fixes). * usb: serial: option: drop MeiG Smart defines (stable-fixes). * usb: serial: option: fix Telit Cinterion FN990A name (stable-fixes). * usb: xhci: Fix NULL pointer dereference on certain command aborts (git- fixes). * usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes). * usbnet: ipheth: document scope of NCM implementation (stable-fixes). * Use gcc-13 for build on SLE16 (jsc#PED-10028). * util_macros.h: fix/rework find_closest() macros (git-fixes). * vhost/net: Set num_buffers for virtio 1.0 (git-fixes). * virtio_blk: reverse request order in virtio_queue_rqs (git-fixes). * virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896). * virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897). * virtio: hookup irq_get_affinity callback (bsc#1236896). * wifi: ath12k: fix handling of 6 GHz rules (git-fixes). * wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes). * wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable- fixes). * wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes). * wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes). * wifi: iwlwifi: avoid memory leak (stable-fixes). * wifi: iwlwifi: limit printed string from FW file (git-fixes). * wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes). * wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes). * wifi: mt76: mt7915: fix omac index assignment after hardware reset (git- fixes). * wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes). * wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes). * wifi: nl80211: reject cooked mode if it is set along with other flags (git- fixes). * wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes). * wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes). * x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes). * x86/asm: Make serialize() always_inline (git-fixes). * x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes). * x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes). * x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes). * x86/mm: Carve out INVLPG inline asm for use by others (git-fixes). * x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes). * x86/xen: allow larger contiguous memory regions in PV guests (git-fixes). * x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes). * xen/swiotlb: relax alignment requirements (git-fixes). * xhci: dbgtty: remove kfifo_out() wrapper (git-fixes). * zram: clear IDLE flag after recompression (git-fixes). * zram: clear IDLE flag in mark_idle() (git-fixes). * zram: do not mark idle slots that cannot be idle (git-fixes). * zram: fix potential UAF of zram table (git-fixes). * zram: fix uninitialized ZRAM not releasing backing device (git-fixes). * zram: refuse to use zero sized block device as backing device (git-fixes). * zram: split memory-tracking and ac-time tracking (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-955=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-955=1 * SUSE Real Time Module 15-SP6 zypper in -t patch SUSE-SLE-Module-RT-15-SP6-2025-955=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * cluster-md-kmp-rt-6.4.0-150600.10.29.1 * dlm-kmp-rt-debuginfo-6.4.0-150600.10.29.1 * reiserfs-kmp-rt-debuginfo-6.4.0-150600.10.29.1 * kernel-rt-livepatch-devel-6.4.0-150600.10.29.1 * kernel-rt_debug-debugsource-6.4.0-150600.10.29.1 * kernel-rt_debug-vdso-debuginfo-6.4.0-150600.10.29.1 * kernel-rt-optional-debuginfo-6.4.0-150600.10.29.1 * dlm-kmp-rt-6.4.0-150600.10.29.1 * kernel-syms-rt-6.4.0-150600.10.29.1 * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.29.1 * kernel-rt-vdso-debuginfo-6.4.0-150600.10.29.1 * ocfs2-kmp-rt-6.4.0-150600.10.29.1 * kernel-rt-optional-6.4.0-150600.10.29.1 * kselftests-kmp-rt-debuginfo-6.4.0-150600.10.29.1 * kernel-rt-vdso-6.4.0-150600.10.29.1 * kernel-rt-debugsource-6.4.0-150600.10.29.1 * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.29.1 * kernel-rt-debuginfo-6.4.0-150600.10.29.1 * reiserfs-kmp-rt-6.4.0-150600.10.29.1 * kernel-rt_debug-devel-6.4.0-150600.10.29.1 * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.29.1 * kernel-rt-extra-debuginfo-6.4.0-150600.10.29.1 * kernel-rt-extra-6.4.0-150600.10.29.1 * kernel-rt_debug-debuginfo-6.4.0-150600.10.29.1 * kselftests-kmp-rt-6.4.0-150600.10.29.1 * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.29.1 * gfs2-kmp-rt-6.4.0-150600.10.29.1 * kernel-rt-devel-6.4.0-150600.10.29.1 * kernel-rt_debug-vdso-6.4.0-150600.10.29.1 * kernel-rt-devel-debuginfo-6.4.0-150600.10.29.1 * openSUSE Leap 15.6 (noarch) * kernel-source-rt-6.4.0-150600.10.29.1 * kernel-devel-rt-6.4.0-150600.10.29.1 * openSUSE Leap 15.6 (nosrc x86_64) * kernel-rt_debug-6.4.0-150600.10.29.1 * kernel-rt-6.4.0-150600.10.29.1 * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_29-rt-debuginfo-1-150600.1.3.2 * kernel-livepatch-6_4_0-150600_10_29-rt-1-150600.1.3.2 * kernel-livepatch-SLE15-SP6-RT_Update_9-debugsource-1-150600.1.3.2 * SUSE Real Time Module 15-SP6 (x86_64) * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.29.1 * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.29.1 * cluster-md-kmp-rt-6.4.0-150600.10.29.1 * kernel-rt-devel-6.4.0-150600.10.29.1 * kernel-rt-debuginfo-6.4.0-150600.10.29.1 * ocfs2-kmp-rt-6.4.0-150600.10.29.1 * kernel-rt_debug-devel-6.4.0-150600.10.29.1 * dlm-kmp-rt-debuginfo-6.4.0-150600.10.29.1 * kernel-rt_debug-debuginfo-6.4.0-150600.10.29.1 * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.29.1 * kernel-rt-devel-debuginfo-6.4.0-150600.10.29.1 * kernel-rt_debug-debugsource-6.4.0-150600.10.29.1 * kernel-rt-debugsource-6.4.0-150600.10.29.1 * dlm-kmp-rt-6.4.0-150600.10.29.1 * kernel-syms-rt-6.4.0-150600.10.29.1 * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.29.1 * gfs2-kmp-rt-6.4.0-150600.10.29.1 * SUSE Real Time Module 15-SP6 (noarch) * kernel-source-rt-6.4.0-150600.10.29.1 * kernel-devel-rt-6.4.0-150600.10.29.1 * SUSE Real Time Module 15-SP6 (nosrc x86_64) * kernel-rt_debug-6.4.0-150600.10.29.1 * kernel-rt-6.4.0-150600.10.29.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52924.html * https://www.suse.com/security/cve/CVE-2023-52925.html * https://www.suse.com/security/cve/CVE-2024-26708.html * https://www.suse.com/security/cve/CVE-2024-26810.html * https://www.suse.com/security/cve/CVE-2024-40980.html * https://www.suse.com/security/cve/CVE-2024-41055.html * https://www.suse.com/security/cve/CVE-2024-44974.html * https://www.suse.com/security/cve/CVE-2024-45009.html * https://www.suse.com/security/cve/CVE-2024-45010.html * https://www.suse.com/security/cve/CVE-2024-47701.html * https://www.suse.com/security/cve/CVE-2024-49884.html * https://www.suse.com/security/cve/CVE-2024-49950.html * https://www.suse.com/security/cve/CVE-2024-50029.html * https://www.suse.com/security/cve/CVE-2024-50036.html * https://www.suse.com/security/cve/CVE-2024-50073.html * https://www.suse.com/security/cve/CVE-2024-50085.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-50142.html * https://www.suse.com/security/cve/CVE-2024-50185.html * https://www.suse.com/security/cve/CVE-2024-50294.html * https://www.suse.com/security/cve/CVE-2024-53123.html * https://www.suse.com/security/cve/CVE-2024-53147.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53176.html * https://www.suse.com/security/cve/CVE-2024-53177.html * https://www.suse.com/security/cve/CVE-2024-53178.html * https://www.suse.com/security/cve/CVE-2024-53226.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56579.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56633.html * https://www.suse.com/security/cve/CVE-2024-56647.html * https://www.suse.com/security/cve/CVE-2024-56720.html * https://www.suse.com/security/cve/CVE-2024-57889.html * https://www.suse.com/security/cve/CVE-2024-57948.html * https://www.suse.com/security/cve/CVE-2024-57994.html * https://www.suse.com/security/cve/CVE-2025-21636.html * https://www.suse.com/security/cve/CVE-2025-21637.html * https://www.suse.com/security/cve/CVE-2025-21638.html * https://www.suse.com/security/cve/CVE-2025-21639.html * https://www.suse.com/security/cve/CVE-2025-21640.html * https://www.suse.com/security/cve/CVE-2025-21647.html * https://www.suse.com/security/cve/CVE-2025-21665.html * https://www.suse.com/security/cve/CVE-2025-21667.html * https://www.suse.com/security/cve/CVE-2025-21668.html * https://www.suse.com/security/cve/CVE-2025-21673.html * https://www.suse.com/security/cve/CVE-2025-21680.html * https://www.suse.com/security/cve/CVE-2025-21681.html * https://www.suse.com/security/cve/CVE-2025-21684.html * https://www.suse.com/security/cve/CVE-2025-21687.html * https://www.suse.com/security/cve/CVE-2025-21688.html * https://www.suse.com/security/cve/CVE-2025-21689.html * https://www.suse.com/security/cve/CVE-2025-21690.html * https://www.suse.com/security/cve/CVE-2025-21692.html * https://www.suse.com/security/cve/CVE-2025-21697.html * https://www.suse.com/security/cve/CVE-2025-21699.html * https://www.suse.com/security/cve/CVE-2025-21700.html * https://www.suse.com/security/cve/CVE-2025-21705.html * https://www.suse.com/security/cve/CVE-2025-21715.html * https://www.suse.com/security/cve/CVE-2025-21716.html * https://www.suse.com/security/cve/CVE-2025-21719.html * https://www.suse.com/security/cve/CVE-2025-21724.html * https://www.suse.com/security/cve/CVE-2025-21725.html * https://www.suse.com/security/cve/CVE-2025-21728.html * https://www.suse.com/security/cve/CVE-2025-21767.html * https://www.suse.com/security/cve/CVE-2025-21790.html * https://www.suse.com/security/cve/CVE-2025-21795.html * https://www.suse.com/security/cve/CVE-2025-21799.html * https://www.suse.com/security/cve/CVE-2025-21802.html * https://bugzilla.suse.com/show_bug.cgi?id=1012628 * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1219367 * https://bugzilla.suse.com/show_bug.cgi?id=1222672 * https://bugzilla.suse.com/show_bug.cgi?id=1222803 * https://bugzilla.suse.com/show_bug.cgi?id=1225606 * https://bugzilla.suse.com/show_bug.cgi?id=1225742 * https://bugzilla.suse.com/show_bug.cgi?id=1225981 * https://bugzilla.suse.com/show_bug.cgi?id=1227937 * https://bugzilla.suse.com/show_bug.cgi?id=1228521 * https://bugzilla.suse.com/show_bug.cgi?id=1230235 * https://bugzilla.suse.com/show_bug.cgi?id=1230438 * https://bugzilla.suse.com/show_bug.cgi?id=1230439 * https://bugzilla.suse.com/show_bug.cgi?id=1230497 * https://bugzilla.suse.com/show_bug.cgi?id=1231432 * https://bugzilla.suse.com/show_bug.cgi?id=1231912 * https://bugzilla.suse.com/show_bug.cgi?id=1231920 * https://bugzilla.suse.com/show_bug.cgi?id=1231949 * https://bugzilla.suse.com/show_bug.cgi?id=1232159 * https://bugzilla.suse.com/show_bug.cgi?id=1232198 * https://bugzilla.suse.com/show_bug.cgi?id=1232201 * https://bugzilla.suse.com/show_bug.cgi?id=1232299 * https://bugzilla.suse.com/show_bug.cgi?id=1232508 * https://bugzilla.suse.com/show_bug.cgi?id=1232520 * https://bugzilla.suse.com/show_bug.cgi?id=1232919 * https://bugzilla.suse.com/show_bug.cgi?id=1233028 * https://bugzilla.suse.com/show_bug.cgi?id=1233109 * https://bugzilla.suse.com/show_bug.cgi?id=1233483 * https://bugzilla.suse.com/show_bug.cgi?id=1233749 * https://bugzilla.suse.com/show_bug.cgi?id=1234070 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234857 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234894 * https://bugzilla.suse.com/show_bug.cgi?id=1234895 * https://bugzilla.suse.com/show_bug.cgi?id=1234896 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235435 * https://bugzilla.suse.com/show_bug.cgi?id=1235485 * https://bugzilla.suse.com/show_bug.cgi?id=1235592 * https://bugzilla.suse.com/show_bug.cgi?id=1235599 * https://bugzilla.suse.com/show_bug.cgi?id=1235609 * https://bugzilla.suse.com/show_bug.cgi?id=1235932 * https://bugzilla.suse.com/show_bug.cgi?id=1235933 * https://bugzilla.suse.com/show_bug.cgi?id=1236113 * https://bugzilla.suse.com/show_bug.cgi?id=1236114 * https://bugzilla.suse.com/show_bug.cgi?id=1236115 * https://bugzilla.suse.com/show_bug.cgi?id=1236122 * https://bugzilla.suse.com/show_bug.cgi?id=1236123 * https://bugzilla.suse.com/show_bug.cgi?id=1236133 * https://bugzilla.suse.com/show_bug.cgi?id=1236138 * https://bugzilla.suse.com/show_bug.cgi?id=1236199 * https://bugzilla.suse.com/show_bug.cgi?id=1236200 * https://bugzilla.suse.com/show_bug.cgi?id=1236203 * https://bugzilla.suse.com/show_bug.cgi?id=1236205 * https://bugzilla.suse.com/show_bug.cgi?id=1236573 * https://bugzilla.suse.com/show_bug.cgi?id=1236575 * https://bugzilla.suse.com/show_bug.cgi?id=1236576 * https://bugzilla.suse.com/show_bug.cgi?id=1236591 * https://bugzilla.suse.com/show_bug.cgi?id=1236661 * https://bugzilla.suse.com/show_bug.cgi?id=1236677 * https://bugzilla.suse.com/show_bug.cgi?id=1236681 * https://bugzilla.suse.com/show_bug.cgi?id=1236682 * https://bugzilla.suse.com/show_bug.cgi?id=1236684 * https://bugzilla.suse.com/show_bug.cgi?id=1236689 * https://bugzilla.suse.com/show_bug.cgi?id=1236700 * https://bugzilla.suse.com/show_bug.cgi?id=1236702 * https://bugzilla.suse.com/show_bug.cgi?id=1236752 * https://bugzilla.suse.com/show_bug.cgi?id=1236759 * https://bugzilla.suse.com/show_bug.cgi?id=1236821 * https://bugzilla.suse.com/show_bug.cgi?id=1236822 * https://bugzilla.suse.com/show_bug.cgi?id=1236896 * https://bugzilla.suse.com/show_bug.cgi?id=1236897 * https://bugzilla.suse.com/show_bug.cgi?id=1236952 * https://bugzilla.suse.com/show_bug.cgi?id=1236967 * https://bugzilla.suse.com/show_bug.cgi?id=1236994 * https://bugzilla.suse.com/show_bug.cgi?id=1237007 * https://bugzilla.suse.com/show_bug.cgi?id=1237017 * https://bugzilla.suse.com/show_bug.cgi?id=1237025 * https://bugzilla.suse.com/show_bug.cgi?id=1237028 * https://bugzilla.suse.com/show_bug.cgi?id=1237045 * https://bugzilla.suse.com/show_bug.cgi?id=1237126 * https://bugzilla.suse.com/show_bug.cgi?id=1237132 * https://bugzilla.suse.com/show_bug.cgi?id=1237139 * https://bugzilla.suse.com/show_bug.cgi?id=1237155 * https://bugzilla.suse.com/show_bug.cgi?id=1237158 * https://bugzilla.suse.com/show_bug.cgi?id=1237159 * https://bugzilla.suse.com/show_bug.cgi?id=1237232 * https://bugzilla.suse.com/show_bug.cgi?id=1237234 * https://bugzilla.suse.com/show_bug.cgi?id=1237325 * https://bugzilla.suse.com/show_bug.cgi?id=1237356 * https://bugzilla.suse.com/show_bug.cgi?id=1237415 * https://bugzilla.suse.com/show_bug.cgi?id=1237452 * https://bugzilla.suse.com/show_bug.cgi?id=1237504 * https://bugzilla.suse.com/show_bug.cgi?id=1237521 * https://bugzilla.suse.com/show_bug.cgi?id=1237558 * https://bugzilla.suse.com/show_bug.cgi?id=1237562 * https://bugzilla.suse.com/show_bug.cgi?id=1237563 * https://bugzilla.suse.com/show_bug.cgi?id=1237848 * https://bugzilla.suse.com/show_bug.cgi?id=1237849 * https://bugzilla.suse.com/show_bug.cgi?id=1237879 * https://bugzilla.suse.com/show_bug.cgi?id=1237889 * https://bugzilla.suse.com/show_bug.cgi?id=1237891 * https://bugzilla.suse.com/show_bug.cgi?id=1237901 * https://bugzilla.suse.com/show_bug.cgi?id=1237950 * https://bugzilla.suse.com/show_bug.cgi?id=1238214 * https://bugzilla.suse.com/show_bug.cgi?id=1238303 * https://bugzilla.suse.com/show_bug.cgi?id=1238347 * https://bugzilla.suse.com/show_bug.cgi?id=1238368 * https://bugzilla.suse.com/show_bug.cgi?id=1238509 * https://bugzilla.suse.com/show_bug.cgi?id=1238525 * https://bugzilla.suse.com/show_bug.cgi?id=1238570 * https://bugzilla.suse.com/show_bug.cgi?id=1238739 * https://bugzilla.suse.com/show_bug.cgi?id=1238751 * https://bugzilla.suse.com/show_bug.cgi?id=1238753 * https://bugzilla.suse.com/show_bug.cgi?id=1238759 * https://bugzilla.suse.com/show_bug.cgi?id=1238860 * https://bugzilla.suse.com/show_bug.cgi?id=1238863 * https://bugzilla.suse.com/show_bug.cgi?id=1238877 * https://jira.suse.com/browse/PED-10028 * https://jira.suse.com/browse/PED-11253 * https://jira.suse.com/browse/PED-12094 * https://jira.suse.com/browse/PED-348 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 20:32:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 20:32:05 -0000 Subject: SUSE-SU-2025:0960-1: important: Security update for freetype2 Message-ID: <174241632541.21928.14037351893361660957@smelt2.prg2.suse.org> # Security update for freetype2 Announcement ID: SUSE-SU-2025:0960-1 Release Date: 2025-03-19T18:34:12Z Rating: important References: * bsc#1239465 Cross-References: * CVE-2025-27363 CVSS scores: * CVE-2025-27363 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-27363 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-27363 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for freetype2 fixes the following issues: * CVE-2025-27363: Fixed out-of-bounds write when attempting to parse font subglyph structures related to TrueType GX and variable font files (bsc#1239465). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-960=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-960=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * freetype2-devel-2.6.3-7.21.1 * libfreetype6-32bit-2.6.3-7.21.1 * libfreetype6-debuginfo-2.6.3-7.21.1 * libfreetype6-debuginfo-32bit-2.6.3-7.21.1 * libfreetype6-2.6.3-7.21.1 * freetype2-debugsource-2.6.3-7.21.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64) * ft2demos-2.6.3-7.21.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libfreetype6-debuginfo-2.6.3-7.21.1 * freetype2-devel-2.6.3-7.21.1 * libfreetype6-2.6.3-7.21.1 * freetype2-debugsource-2.6.3-7.21.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * ft2demos-2.6.3-7.21.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libfreetype6-32bit-2.6.3-7.21.1 * libfreetype6-debuginfo-32bit-2.6.3-7.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27363.html * https://bugzilla.suse.com/show_bug.cgi?id=1239465 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 20:32:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 20:32:07 -0000 Subject: SUSE-SU-2025:0959-1: moderate: Security update for python-Django Message-ID: <174241632772.21928.14521565722086157140@smelt2.prg2.suse.org> # Security update for python-Django Announcement ID: SUSE-SU-2025:0959-1 Release Date: 2025-03-19T16:56:48Z Rating: moderate References: * bsc#1239052 Cross-References: * CVE-2025-26699 CVSS scores: * CVE-2025-26699 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-26699 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-26699 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-Django fixes the following issues: * CVE-2025-26699: Fixed potential denial-of-service in django.utils.text.wrap() (bsc#1239052). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-959=1 openSUSE-SLE-15.6-2025-959=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-959=1 ## Package List: * openSUSE Leap 15.6 (noarch) * python311-Django-4.2.11-150600.3.18.1 * SUSE Package Hub 15 15-SP6 (noarch) * python311-Django-4.2.11-150600.3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2025-26699.html * https://bugzilla.suse.com/show_bug.cgi?id=1239052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 20:32:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 20:32:13 -0000 Subject: SUSE-SU-2025:0958-1: important: Security update for ffmpeg-4 Message-ID: <174241633338.21928.10469354402516730082@smelt2.prg2.suse.org> # Security update for ffmpeg-4 Announcement ID: SUSE-SU-2025:0958-1 Release Date: 2025-03-19T16:56:05Z Rating: important References: * bsc#1186586 * bsc#1209934 * bsc#1215309 Cross-References: * CVE-2020-22021 * CVE-2020-22046 * CVE-2022-48434 CVSS scores: * CVE-2020-22021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2020-22021 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2020-22046 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2020-22046 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2022-48434 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-48434 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48434 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for ffmpeg-4 fixes the following issues: * CVE-2022-48434: Fixed use after free in libavcodec/pthread_frame.c (bsc#1209934) * CVE-2020-22021: Fixed Buffer Overflow vulnerability in filter_edges function in libavfilter/vf_yadif.c (bsc#1186586) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-958=1 openSUSE-SLE-15.6-2025-958=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-958=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-958=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * ffmpeg-4-libswresample-devel-4.4.5-150600.13.19.1 * ffmpeg-4-libavdevice-devel-4.4.5-150600.13.19.1 * libavformat58_76-debuginfo-4.4.5-150600.13.19.1 * libavcodec58_134-debuginfo-4.4.5-150600.13.19.1 * libavresample4_0-debuginfo-4.4.5-150600.13.19.1 * ffmpeg-4-libavresample-devel-4.4.5-150600.13.19.1 * libswscale5_9-4.4.5-150600.13.19.1 * ffmpeg-4-libavcodec-devel-4.4.5-150600.13.19.1 * libavresample4_0-4.4.5-150600.13.19.1 * libavdevice58_13-4.4.5-150600.13.19.1 * libavcodec58_134-4.4.5-150600.13.19.1 * ffmpeg-4-libavfilter-devel-4.4.5-150600.13.19.1 * libpostproc55_9-debuginfo-4.4.5-150600.13.19.1 * libswresample3_9-4.4.5-150600.13.19.1 * libswresample3_9-debuginfo-4.4.5-150600.13.19.1 * ffmpeg-4-libavutil-devel-4.4.5-150600.13.19.1 * libavfilter7_110-debuginfo-4.4.5-150600.13.19.1 * libavfilter7_110-4.4.5-150600.13.19.1 * ffmpeg-4-libavformat-devel-4.4.5-150600.13.19.1 * ffmpeg-4-debuginfo-4.4.5-150600.13.19.1 * ffmpeg-4-private-devel-4.4.5-150600.13.19.1 * ffmpeg-4-debugsource-4.4.5-150600.13.19.1 * ffmpeg-4-libpostproc-devel-4.4.5-150600.13.19.1 * libavutil56_70-4.4.5-150600.13.19.1 * libavutil56_70-debuginfo-4.4.5-150600.13.19.1 * ffmpeg-4-4.4.5-150600.13.19.1 * ffmpeg-4-libswscale-devel-4.4.5-150600.13.19.1 * libpostproc55_9-4.4.5-150600.13.19.1 * libavformat58_76-4.4.5-150600.13.19.1 * libswscale5_9-debuginfo-4.4.5-150600.13.19.1 * libavdevice58_13-debuginfo-4.4.5-150600.13.19.1 * openSUSE Leap 15.6 (x86_64) * libavfilter7_110-32bit-4.4.5-150600.13.19.1 * libavutil56_70-32bit-4.4.5-150600.13.19.1 * libswscale5_9-32bit-debuginfo-4.4.5-150600.13.19.1 * libavresample4_0-32bit-4.4.5-150600.13.19.1 * libavformat58_76-32bit-4.4.5-150600.13.19.1 * libavcodec58_134-32bit-debuginfo-4.4.5-150600.13.19.1 * libavdevice58_13-32bit-debuginfo-4.4.5-150600.13.19.1 * libavfilter7_110-32bit-debuginfo-4.4.5-150600.13.19.1 * libswresample3_9-32bit-debuginfo-4.4.5-150600.13.19.1 * libavdevice58_13-32bit-4.4.5-150600.13.19.1 * libavformat58_76-32bit-debuginfo-4.4.5-150600.13.19.1 * libavresample4_0-32bit-debuginfo-4.4.5-150600.13.19.1 * libswresample3_9-32bit-4.4.5-150600.13.19.1 * libpostproc55_9-32bit-debuginfo-4.4.5-150600.13.19.1 * libavutil56_70-32bit-debuginfo-4.4.5-150600.13.19.1 * libpostproc55_9-32bit-4.4.5-150600.13.19.1 * libswscale5_9-32bit-4.4.5-150600.13.19.1 * libavcodec58_134-32bit-4.4.5-150600.13.19.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libavformat58_76-64bit-4.4.5-150600.13.19.1 * libavutil56_70-64bit-4.4.5-150600.13.19.1 * libavresample4_0-64bit-4.4.5-150600.13.19.1 * libswresample3_9-64bit-debuginfo-4.4.5-150600.13.19.1 * libswresample3_9-64bit-4.4.5-150600.13.19.1 * libavformat58_76-64bit-debuginfo-4.4.5-150600.13.19.1 * libavcodec58_134-64bit-debuginfo-4.4.5-150600.13.19.1 * libavdevice58_13-64bit-4.4.5-150600.13.19.1 * libpostproc55_9-64bit-4.4.5-150600.13.19.1 * libswscale5_9-64bit-4.4.5-150600.13.19.1 * libpostproc55_9-64bit-debuginfo-4.4.5-150600.13.19.1 * libavresample4_0-64bit-debuginfo-4.4.5-150600.13.19.1 * libavutil56_70-64bit-debuginfo-4.4.5-150600.13.19.1 * libavdevice58_13-64bit-debuginfo-4.4.5-150600.13.19.1 * libswscale5_9-64bit-debuginfo-4.4.5-150600.13.19.1 * libavcodec58_134-64bit-4.4.5-150600.13.19.1 * libavfilter7_110-64bit-4.4.5-150600.13.19.1 * libavfilter7_110-64bit-debuginfo-4.4.5-150600.13.19.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * ffmpeg-4-libswresample-devel-4.4.5-150600.13.19.1 * ffmpeg-4-libavdevice-devel-4.4.5-150600.13.19.1 * libavformat58_76-debuginfo-4.4.5-150600.13.19.1 * libavcodec58_134-debuginfo-4.4.5-150600.13.19.1 * libavresample4_0-debuginfo-4.4.5-150600.13.19.1 * ffmpeg-4-libavresample-devel-4.4.5-150600.13.19.1 * libswscale5_9-4.4.5-150600.13.19.1 * ffmpeg-4-libavcodec-devel-4.4.5-150600.13.19.1 * libavresample4_0-4.4.5-150600.13.19.1 * libavdevice58_13-4.4.5-150600.13.19.1 * libavcodec58_134-4.4.5-150600.13.19.1 * ffmpeg-4-libavfilter-devel-4.4.5-150600.13.19.1 * libpostproc55_9-debuginfo-4.4.5-150600.13.19.1 * libswresample3_9-4.4.5-150600.13.19.1 * libswresample3_9-debuginfo-4.4.5-150600.13.19.1 * ffmpeg-4-libavutil-devel-4.4.5-150600.13.19.1 * libavfilter7_110-debuginfo-4.4.5-150600.13.19.1 * libavfilter7_110-4.4.5-150600.13.19.1 * ffmpeg-4-libavformat-devel-4.4.5-150600.13.19.1 * ffmpeg-4-debuginfo-4.4.5-150600.13.19.1 * ffmpeg-4-private-devel-4.4.5-150600.13.19.1 * ffmpeg-4-debugsource-4.4.5-150600.13.19.1 * ffmpeg-4-libpostproc-devel-4.4.5-150600.13.19.1 * libavutil56_70-4.4.5-150600.13.19.1 * libavutil56_70-debuginfo-4.4.5-150600.13.19.1 * ffmpeg-4-4.4.5-150600.13.19.1 * ffmpeg-4-libswscale-devel-4.4.5-150600.13.19.1 * libpostproc55_9-4.4.5-150600.13.19.1 * libavformat58_76-4.4.5-150600.13.19.1 * libswscale5_9-debuginfo-4.4.5-150600.13.19.1 * libavdevice58_13-debuginfo-4.4.5-150600.13.19.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libswresample3_9-4.4.5-150600.13.19.1 * libswresample3_9-debuginfo-4.4.5-150600.13.19.1 * libavutil56_70-4.4.5-150600.13.19.1 * libavformat58_76-debuginfo-4.4.5-150600.13.19.1 * libavcodec58_134-debuginfo-4.4.5-150600.13.19.1 * libavformat58_76-4.4.5-150600.13.19.1 * libswscale5_9-4.4.5-150600.13.19.1 * ffmpeg-4-debuginfo-4.4.5-150600.13.19.1 * libswscale5_9-debuginfo-4.4.5-150600.13.19.1 * libavutil56_70-debuginfo-4.4.5-150600.13.19.1 * libavcodec58_134-4.4.5-150600.13.19.1 * ffmpeg-4-debugsource-4.4.5-150600.13.19.1 ## References: * https://www.suse.com/security/cve/CVE-2020-22021.html * https://www.suse.com/security/cve/CVE-2020-22046.html * https://www.suse.com/security/cve/CVE-2022-48434.html * https://bugzilla.suse.com/show_bug.cgi?id=1186586 * https://bugzilla.suse.com/show_bug.cgi?id=1209934 * https://bugzilla.suse.com/show_bug.cgi?id=1215309 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 19 20:32:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 19 Mar 2025 20:32:21 -0000 Subject: SUSE-SU-2025:0956-1: moderate: Security update for python-Jinja2 Message-ID: <174241634101.21928.7043422636587695171@smelt2.prg2.suse.org> # Security update for python-Jinja2 Announcement ID: SUSE-SU-2025:0956-1 Release Date: 2025-03-19T16:12:35Z Rating: moderate References: * bsc#1238879 Cross-References: * CVE-2025-27516 CVSS scores: * CVE-2025-27516 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-27516 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2025-27516 ( NVD ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-Jinja2 fixes the following issues: * CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method (bsc#1238879) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-956=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-956=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-956=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-956=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-Jinja2-3.1.2-150400.12.14.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python311-Jinja2-3.1.2-150400.12.14.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-Jinja2-3.1.2-150400.12.14.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-Jinja2-3.1.2-150400.12.14.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27516.html * https://bugzilla.suse.com/show_bug.cgi?id=1238879 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 21 12:30:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 21 Mar 2025 12:30:04 -0000 Subject: SUSE-SU-2025:0977-1: moderate: Security update for wpa_supplicant Message-ID: <174256020494.4612.17553131577354645724@smelt2.prg2.suse.org> # Security update for wpa_supplicant Announcement ID: SUSE-SU-2025:0977-1 Release Date: 2025-03-21T08:26:03Z Rating: moderate References: * bsc#1239461 Cross-References: * CVE-2025-24912 CVSS scores: * CVE-2025-24912 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-24912 ( NVD ): 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for wpa_supplicant fixes the following issues: * CVE-2025-24912: Fixed hostapd failing to process crafted RADIUS packets properly (bsc#1239461) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-977=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-977=1 openSUSE-SLE-15.6-2025-977=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * wpa_supplicant-2.10-150600.7.6.1 * wpa_supplicant-debugsource-2.10-150600.7.6.1 * wpa_supplicant-debuginfo-2.10-150600.7.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * wpa_supplicant-debuginfo-2.10-150600.7.6.1 * wpa_supplicant-2.10-150600.7.6.1 * wpa_supplicant-gui-2.10-150600.7.6.1 * wpa_supplicant-gui-debuginfo-2.10-150600.7.6.1 * wpa_supplicant-debugsource-2.10-150600.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-24912.html * https://bugzilla.suse.com/show_bug.cgi?id=1239461 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 21 12:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 21 Mar 2025 12:30:09 -0000 Subject: SUSE-SU-2025:0976-1: important: Security update for libxml2 Message-ID: <174256020939.4612.18285966676403068943@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2025:0976-1 Release Date: 2025-03-21T08:25:31Z Rating: important References: * bsc#1237363 * bsc#1237370 * bsc#1237418 Cross-References: * CVE-2024-56171 * CVE-2025-24928 * CVE-2025-27113 CVSS scores: * CVE-2024-56171 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56171 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56171 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N * CVE-2025-24928 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-24928 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L * CVE-2025-24928 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N * CVE-2025-27113 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-27113 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-27113 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-27113 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363). * CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in valid.c (bsc#1237370). * CVE-2025-27113: Fixed NULL Pointer Dereference in libxml2 xmlPatMatch (bsc#1237418). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-976=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-976=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-976=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-976=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-976=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-976=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-976=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-976=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python-libxml2-python-debugsource-2.9.7-150000.3.76.1 * python3-libxml2-python-2.9.7-150000.3.76.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.76.1 * libxml2-2-debuginfo-2.9.7-150000.3.76.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1 * python3-libxml2-python-2.9.7-150000.3.76.1 * libxml2-tools-2.9.7-150000.3.76.1 * libxml2-devel-2.9.7-150000.3.76.1 * libxml2-debugsource-2.9.7-150000.3.76.1 * python-libxml2-python-debugsource-2.9.7-150000.3.76.1 * libxml2-2-2.9.7-150000.3.76.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libxml2-2-32bit-debuginfo-2.9.7-150000.3.76.1 * libxml2-2-32bit-2.9.7-150000.3.76.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.76.1 * libxml2-2-debuginfo-2.9.7-150000.3.76.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1 * python3-libxml2-python-2.9.7-150000.3.76.1 * libxml2-tools-2.9.7-150000.3.76.1 * libxml2-devel-2.9.7-150000.3.76.1 * libxml2-debugsource-2.9.7-150000.3.76.1 * python-libxml2-python-debugsource-2.9.7-150000.3.76.1 * libxml2-2-2.9.7-150000.3.76.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * libxml2-2-32bit-debuginfo-2.9.7-150000.3.76.1 * libxml2-2-32bit-2.9.7-150000.3.76.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.76.1 * libxml2-2-debuginfo-2.9.7-150000.3.76.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1 * python3-libxml2-python-2.9.7-150000.3.76.1 * libxml2-tools-2.9.7-150000.3.76.1 * libxml2-devel-2.9.7-150000.3.76.1 * libxml2-debugsource-2.9.7-150000.3.76.1 * python-libxml2-python-debugsource-2.9.7-150000.3.76.1 * libxml2-2-2.9.7-150000.3.76.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libxml2-2-32bit-debuginfo-2.9.7-150000.3.76.1 * libxml2-2-32bit-2.9.7-150000.3.76.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.76.1 * libxml2-2-debuginfo-2.9.7-150000.3.76.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1 * python3-libxml2-python-2.9.7-150000.3.76.1 * libxml2-tools-2.9.7-150000.3.76.1 * libxml2-devel-2.9.7-150000.3.76.1 * libxml2-debugsource-2.9.7-150000.3.76.1 * python-libxml2-python-debugsource-2.9.7-150000.3.76.1 * libxml2-2-2.9.7-150000.3.76.1 * SUSE Enterprise Storage 7.1 (x86_64) * libxml2-2-32bit-debuginfo-2.9.7-150000.3.76.1 * libxml2-2-32bit-2.9.7-150000.3.76.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libxml2-2-debuginfo-2.9.7-150000.3.76.1 * libxml2-2-2.9.7-150000.3.76.1 * libxml2-tools-2.9.7-150000.3.76.1 * libxml2-debugsource-2.9.7-150000.3.76.1 * libxml2-tools-debuginfo-2.9.7-150000.3.76.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libxml2-2-debuginfo-2.9.7-150000.3.76.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1 * python3-libxml2-python-2.9.7-150000.3.76.1 * libxml2-2-2.9.7-150000.3.76.1 * libxml2-tools-2.9.7-150000.3.76.1 * libxml2-debugsource-2.9.7-150000.3.76.1 * python-libxml2-python-debugsource-2.9.7-150000.3.76.1 * libxml2-tools-debuginfo-2.9.7-150000.3.76.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libxml2-2-debuginfo-2.9.7-150000.3.76.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.76.1 * python3-libxml2-python-2.9.7-150000.3.76.1 * libxml2-2-2.9.7-150000.3.76.1 * libxml2-tools-2.9.7-150000.3.76.1 * libxml2-debugsource-2.9.7-150000.3.76.1 * python-libxml2-python-debugsource-2.9.7-150000.3.76.1 * libxml2-tools-debuginfo-2.9.7-150000.3.76.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56171.html * https://www.suse.com/security/cve/CVE-2025-24928.html * https://www.suse.com/security/cve/CVE-2025-27113.html * https://bugzilla.suse.com/show_bug.cgi?id=1237363 * https://bugzilla.suse.com/show_bug.cgi?id=1237370 * https://bugzilla.suse.com/show_bug.cgi?id=1237418 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 21 12:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 21 Mar 2025 12:30:14 -0000 Subject: SUSE-SU-2025:0975-1: important: Security update for webkit2gtk3 Message-ID: <174256021451.4612.13131854385589230012@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:0975-1 Release Date: 2025-03-21T08:24:37Z Rating: important References: * bsc#1239547 Cross-References: * CVE-2025-24201 CVSS scores: * CVE-2025-24201 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: * CVE-2025-24201: Fixed out-of-bounds write vulnerability due to that WebGL context primitive restart can be toggled from WebContent process (bsc#1239547). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-975=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-975=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-975=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-975=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-975=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-975=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-975=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-975=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-975=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-975=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-975=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-975=1 ## Package List: * openSUSE Leap 15.4 (noarch) * WebKitGTK-6.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.1-lang-2.46.6-150400.4.109.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1 * webkit2gtk3-minibrowser-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1 * webkit2gtk3-minibrowser-debuginfo-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-6_0-2.46.6-150400.4.109.1 * webkit-jsc-4-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk4-minibrowser-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-minibrowser-2.46.6-150400.4.109.1 * webkit2gtk3-debugsource-2.46.6-150400.4.109.1 * typelib-1_0-WebKit-6_0-2.46.6-150400.4.109.1 * webkit-jsc-4.1-2.46.6-150400.4.109.1 * webkit-jsc-4.1-debuginfo-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1 * webkit-jsc-4-2.46.6-150400.4.109.1 * webkit-jsc-6.0-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1 * webkit2gtk4-minibrowser-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1 * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-devel-2.46.6-150400.4.109.1 * webkit2gtk4-debugsource-2.46.6-150400.4.109.1 * webkit2gtk4-devel-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.6-150400.4.109.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * webkit-jsc-6.0-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150400.4.109.1 * openSUSE Leap 15.4 (x86_64) * libjavascriptcoregtk-4_0-18-32bit-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-32bit-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-32bit-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-32bit-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.6-150400.4.109.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libjavascriptcoregtk-4_1-0-64bit-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-64bit-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-64bit-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-64bit-2.46.6-150400.4.109.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.1-lang-2.46.6-150400.4.109.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-debugsource-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1 * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-devel-2.46.6-150400.4.109.1 * webkit2gtk4-debugsource-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.1-lang-2.46.6-150400.4.109.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-debugsource-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1 * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-devel-2.46.6-150400.4.109.1 * webkit2gtk4-debugsource-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * WebKitGTK-6.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.1-lang-2.46.6-150400.4.109.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-debugsource-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1 * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-devel-2.46.6-150400.4.109.1 * webkit2gtk4-debugsource-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * WebKitGTK-6.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.1-lang-2.46.6-150400.4.109.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-debugsource-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1 * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-devel-2.46.6-150400.4.109.1 * webkit2gtk4-debugsource-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * WebKitGTK-6.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.1-lang-2.46.6-150400.4.109.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-debugsource-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1 * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-devel-2.46.6-150400.4.109.1 * webkit2gtk4-debugsource-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * WebKitGTK-6.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.1-lang-2.46.6-150400.4.109.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-debugsource-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1 * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-devel-2.46.6-150400.4.109.1 * webkit2gtk4-debugsource-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.1-lang-2.46.6-150400.4.109.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-debugsource-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1 * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-devel-2.46.6-150400.4.109.1 * webkit2gtk4-debugsource-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * WebKitGTK-6.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.0-lang-2.46.6-150400.4.109.1 * WebKitGTK-4.1-lang-2.46.6-150400.4.109.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-debugsource-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1 * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-devel-2.46.6-150400.4.109.1 * webkit2gtk4-debugsource-2.46.6-150400.4.109.1 * libwebkitgtk-6_0-4-2.46.6-150400.4.109.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * SUSE Manager Proxy 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.6-150400.4.109.1 * SUSE Manager Proxy 4.3 (x86_64) * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.6-150400.4.109.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1 * SUSE Manager Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.6-150400.4.109.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-devel-2.46.6-150400.4.109.1 * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.109.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.109.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.109.1 * libwebkit2gtk-4_0-37-2.46.6-150400.4.109.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.109.1 * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.109.1 ## References: * https://www.suse.com/security/cve/CVE-2025-24201.html * https://bugzilla.suse.com/show_bug.cgi?id=1239547 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 21 12:30:18 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 21 Mar 2025 12:30:18 -0000 Subject: SUSE-SU-2025:0974-1: important: Security update for webkit2gtk3 Message-ID: <174256021826.4612.9805504506865943153@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:0974-1 Release Date: 2025-03-21T08:23:25Z Rating: important References: * bsc#1239547 Cross-References: * CVE-2025-24201 CVSS scores: * CVE-2025-24201 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: * CVE-2025-24201: Fixed out-of-bounds write vulnerability due to that WebGL context primitive restart can be toggled from WebContent process (bsc#1239547). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-974=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-974=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-974=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-974=1 openSUSE-SLE-15.6-2025-974=1 ## Package List: * Basesystem Module 15-SP6 (noarch) * WebKitGTK-4.0-lang-2.46.6-150600.12.30.2 * WebKitGTK-6.0-lang-2.46.6-150600.12.30.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-6_0-1-2.46.6-150600.12.30.2 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150600.12.30.2 * webkitgtk-6_0-injected-bundles-2.46.6-150600.12.30.2 * webkit2gtk3-soup2-devel-2.46.6-150600.12.30.2 * webkit2gtk4-debugsource-2.46.6-150600.12.30.2 * libwebkitgtk-6_0-4-debuginfo-2.46.6-150600.12.30.2 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk-4_0-injected-bundles-2.46.6-150600.12.30.2 * libwebkitgtk-6_0-4-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2-4_0-2.46.6-150600.12.30.2 * webkit2gtk3-soup2-debugsource-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-2.46.6-150600.12.30.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-2.46.6-150600.12.30.2 * Desktop Applications Module 15-SP6 (noarch) * WebKitGTK-4.1-lang-2.46.6-150600.12.30.2 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * webkit2gtk3-devel-2.46.6-150600.12.30.2 * webkit2gtk3-debugsource-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-2.46.6-150600.12.30.2 * typelib-1_0-JavaScriptCore-4_1-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk-4_1-injected-bundles-2.46.6-150600.12.30.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2-4_1-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-2.46.6-150600.12.30.2 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150600.12.30.2 * webkit2gtk4-debugsource-2.46.6-150600.12.30.2 * typelib-1_0-WebKit-6_0-2.46.6-150600.12.30.2 * webkit2gtk4-devel-2.46.6-150600.12.30.2 * typelib-1_0-JavaScriptCore-6_0-2.46.6-150600.12.30.2 * openSUSE Leap 15.6 (noarch) * WebKitGTK-4.0-lang-2.46.6-150600.12.30.2 * WebKitGTK-6.0-lang-2.46.6-150600.12.30.2 * WebKitGTK-4.1-lang-2.46.6-150600.12.30.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libjavascriptcoregtk-6_0-1-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk4-debugsource-2.46.6-150600.12.30.2 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.6-150600.12.30.2 * webkit-jsc-4.1-2.46.6-150600.12.30.2 * webkit2gtk-4_0-injected-bundles-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk3-minibrowser-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk3-soup2-minibrowser-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150600.12.30.2 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150600.12.30.2 * webkit2gtk4-minibrowser-debuginfo-2.46.6-150600.12.30.2 * webkitgtk-6_0-injected-bundles-2.46.6-150600.12.30.2 * typelib-1_0-WebKit-6_0-2.46.6-150600.12.30.2 * typelib-1_0-JavaScriptCore-4_1-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2-4_0-2.46.6-150600.12.30.2 * webkit2gtk3-minibrowser-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2-4_1-2.46.6-150600.12.30.2 * webkit2gtk3-soup2-debugsource-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-2.46.6-150600.12.30.2 * webkit2gtk4-minibrowser-2.46.6-150600.12.30.2 * webkit-jsc-4-debuginfo-2.46.6-150600.12.30.2 * libwebkitgtk-6_0-4-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk3-debugsource-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150600.12.30.2 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150600.12.30.2 * webkit-jsc-4.1-debuginfo-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150600.12.30.2 * libwebkitgtk-6_0-4-2.46.6-150600.12.30.2 * typelib-1_0-JavaScriptCore-6_0-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-2.46.6-150600.12.30.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150600.12.30.2 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk3-soup2-devel-2.46.6-150600.12.30.2 * webkit2gtk3-devel-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-2.46.6-150600.12.30.2 * webkit-jsc-4-2.46.6-150600.12.30.2 * webkit2gtk4-devel-2.46.6-150600.12.30.2 * webkit-jsc-6.0-2.46.6-150600.12.30.2 * webkit-jsc-6.0-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk-4_1-injected-bundles-2.46.6-150600.12.30.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-2.46.6-150600.12.30.2 * openSUSE Leap 15.6 (x86_64) * libwebkit2gtk-4_0-37-32bit-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-32bit-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-32bit-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-32bit-2.46.6-150600.12.30.2 * openSUSE Leap 15.6 (aarch64_ilp32) * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-64bit-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-64bit-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-64bit-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-64bit-2.46.6-150600.12.30.2 ## References: * https://www.suse.com/security/cve/CVE-2025-24201.html * https://bugzilla.suse.com/show_bug.cgi?id=1239547 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 21 16:30:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 21 Mar 2025 16:30:04 -0000 Subject: SUSE-SU-2025:0982-1: low: Security update for python311 Message-ID: <174257460486.4591.15502681043086302470@smelt2.prg2.suse.org> # Security update for python311 Announcement ID: SUSE-SU-2025:0982-1 Release Date: 2025-03-21T14:17:21Z Rating: low References: * bsc#1238450 * bsc#1239210 Cross-References: * CVE-2025-1795 CVSS scores: * CVE-2025-1795 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1795 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-1795 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python311 fixes the following issues: * CVE-2025-1795: Fixed mishandling of comma during folding and unicode- encoding of email headers (bsc#1238450). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-982=1 openSUSE-SLE-15.6-2025-982=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-982=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-982=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python311-debuginfo-3.11.11-150600.3.21.1 * python311-tk-debuginfo-3.11.11-150600.3.21.1 * python311-base-debuginfo-3.11.11-150600.3.21.1 * python311-core-debugsource-3.11.11-150600.3.21.1 * python311-tools-3.11.11-150600.3.21.1 * python311-testsuite-3.11.11-150600.3.21.1 * libpython3_11-1_0-debuginfo-3.11.11-150600.3.21.1 * python311-debugsource-3.11.11-150600.3.21.1 * python311-tk-3.11.11-150600.3.21.1 * python311-curses-debuginfo-3.11.11-150600.3.21.1 * python311-base-3.11.11-150600.3.21.1 * python311-testsuite-debuginfo-3.11.11-150600.3.21.1 * python311-curses-3.11.11-150600.3.21.1 * libpython3_11-1_0-3.11.11-150600.3.21.1 * python311-doc-devhelp-3.11.11-150600.3.21.1 * python311-dbm-debuginfo-3.11.11-150600.3.21.1 * python311-devel-3.11.11-150600.3.21.1 * python311-doc-3.11.11-150600.3.21.1 * python311-dbm-3.11.11-150600.3.21.1 * python311-idle-3.11.11-150600.3.21.1 * python311-3.11.11-150600.3.21.1 * openSUSE Leap 15.6 (x86_64) * python311-base-32bit-debuginfo-3.11.11-150600.3.21.1 * python311-32bit-3.11.11-150600.3.21.1 * libpython3_11-1_0-32bit-debuginfo-3.11.11-150600.3.21.1 * libpython3_11-1_0-32bit-3.11.11-150600.3.21.1 * python311-32bit-debuginfo-3.11.11-150600.3.21.1 * python311-base-32bit-3.11.11-150600.3.21.1 * openSUSE Leap 15.6 (aarch64_ilp32) * python311-64bit-debuginfo-3.11.11-150600.3.21.1 * libpython3_11-1_0-64bit-debuginfo-3.11.11-150600.3.21.1 * python311-base-64bit-debuginfo-3.11.11-150600.3.21.1 * python311-base-64bit-3.11.11-150600.3.21.1 * libpython3_11-1_0-64bit-3.11.11-150600.3.21.1 * python311-64bit-3.11.11-150600.3.21.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-base-3.11.11-150600.3.21.1 * libpython3_11-1_0-debuginfo-3.11.11-150600.3.21.1 * python311-base-debuginfo-3.11.11-150600.3.21.1 * python311-core-debugsource-3.11.11-150600.3.21.1 * libpython3_11-1_0-3.11.11-150600.3.21.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-debuginfo-3.11.11-150600.3.21.1 * python311-tk-debuginfo-3.11.11-150600.3.21.1 * python311-curses-debuginfo-3.11.11-150600.3.21.1 * python311-core-debugsource-3.11.11-150600.3.21.1 * python311-curses-3.11.11-150600.3.21.1 * python311-debugsource-3.11.11-150600.3.21.1 * python311-dbm-3.11.11-150600.3.21.1 * python311-idle-3.11.11-150600.3.21.1 * python311-tk-3.11.11-150600.3.21.1 * python311-3.11.11-150600.3.21.1 * python311-tools-3.11.11-150600.3.21.1 * python311-dbm-debuginfo-3.11.11-150600.3.21.1 * python311-devel-3.11.11-150600.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-1795.html * https://bugzilla.suse.com/show_bug.cgi?id=1238450 * https://bugzilla.suse.com/show_bug.cgi?id=1239210 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 21 16:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 21 Mar 2025 16:30:09 -0000 Subject: SUSE-SU-2025:0981-1: low: Security update for python311 Message-ID: <174257460913.4591.5114395626490558728@smelt2.prg2.suse.org> # Security update for python311 Announcement ID: SUSE-SU-2025:0981-1 Release Date: 2025-03-21T14:16:50Z Rating: low References: * bsc#1238450 * bsc#1239210 Cross-References: * CVE-2025-1795 CVSS scores: * CVE-2025-1795 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1795 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-1795 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python311 fixes the following issues: * CVE-2025-1795: Fixed mishandling of comma during folding and unicode- encoding of email headers (bsc#1238450). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-981=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-981=1 ## Package List: * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-3.11.11-150400.9.49.1 * libpython3_11-1_0-3.11.11-150400.9.49.1 * python311-base-3.11.11-150400.9.49.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-tk-3.11.11-150400.9.49.1 * python311-doc-3.11.11-150400.9.49.1 * python311-debuginfo-3.11.11-150400.9.49.1 * python311-idle-3.11.11-150400.9.49.1 * python311-testsuite-3.11.11-150400.9.49.1 * python311-curses-3.11.11-150400.9.49.1 * python311-tk-debuginfo-3.11.11-150400.9.49.1 * python311-3.11.11-150400.9.49.1 * libpython3_11-1_0-debuginfo-3.11.11-150400.9.49.1 * python311-base-debuginfo-3.11.11-150400.9.49.1 * python311-base-3.11.11-150400.9.49.1 * python311-testsuite-debuginfo-3.11.11-150400.9.49.1 * python311-core-debugsource-3.11.11-150400.9.49.1 * python311-doc-devhelp-3.11.11-150400.9.49.1 * python311-tools-3.11.11-150400.9.49.1 * python311-curses-debuginfo-3.11.11-150400.9.49.1 * python311-debugsource-3.11.11-150400.9.49.1 * python311-dbm-debuginfo-3.11.11-150400.9.49.1 * python311-dbm-3.11.11-150400.9.49.1 * python311-devel-3.11.11-150400.9.49.1 * libpython3_11-1_0-3.11.11-150400.9.49.1 * openSUSE Leap 15.4 (x86_64) * libpython3_11-1_0-32bit-debuginfo-3.11.11-150400.9.49.1 * python311-base-32bit-3.11.11-150400.9.49.1 * libpython3_11-1_0-32bit-3.11.11-150400.9.49.1 * python311-base-32bit-debuginfo-3.11.11-150400.9.49.1 * python311-32bit-debuginfo-3.11.11-150400.9.49.1 * python311-32bit-3.11.11-150400.9.49.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpython3_11-1_0-64bit-debuginfo-3.11.11-150400.9.49.1 * python311-64bit-3.11.11-150400.9.49.1 * python311-64bit-debuginfo-3.11.11-150400.9.49.1 * libpython3_11-1_0-64bit-3.11.11-150400.9.49.1 * python311-base-64bit-debuginfo-3.11.11-150400.9.49.1 * python311-base-64bit-3.11.11-150400.9.49.1 ## References: * https://www.suse.com/security/cve/CVE-2025-1795.html * https://bugzilla.suse.com/show_bug.cgi?id=1238450 * https://bugzilla.suse.com/show_bug.cgi?id=1239210 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 21 16:30:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 21 Mar 2025 16:30:17 -0000 Subject: SUSE-SU-2025:0980-1: critical: Security update for apptainer Message-ID: <174257461720.4591.1959454194022954021@smelt2.prg2.suse.org> # Security update for apptainer Announcement ID: SUSE-SU-2025:0980-1 Release Date: 2025-03-21T14:15:24Z Rating: critical References: * bsc#1228324 * bsc#1234595 * bsc#1234794 * bsc#1237679 * bsc#1238611 * bsc#1239341 Cross-References: * CVE-2024-41110 * CVE-2024-45337 * CVE-2024-45338 * CVE-2025-22869 * CVE-2025-22870 * CVE-2025-27144 CVSS scores: * CVE-2024-41110 ( SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-45337 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45337 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2024-45338 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45338 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45338 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-22870 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * HPC Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 An update that solves six vulnerabilities can now be installed. ## Description: This update for apptainer fixes the following issues: * CVE-2025-27144: Fixed Denial of Service in Go JOSE's Parsing (bsc#1237679). * CVE-2024-45338: Fixed denial of service due to non-linear parsing of case- insensitive content (bsc#1234794). * CVE-2024-45337: Fixed Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto (bsc#1234595). * CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs (bsc#1238611). * CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239341). * CVE-2024-41110: Fixed Authz zero length regression (bsc#1228324). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-980=1 openSUSE-SLE-15.6-2025-980=1 * HPC Module 15-SP6 zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-980=1 ## Package List: * openSUSE Leap 15.6 (aarch64 x86_64) * apptainer-debuginfo-1.3.6-150600.4.9.1 * apptainer-1.3.6-150600.4.9.1 * openSUSE Leap 15.6 (noarch) * apptainer-sle15_5-1.3.6-150600.4.9.1 * apptainer-sle15_6-1.3.6-150600.4.9.1 * apptainer-leap-1.3.6-150600.4.9.1 * apptainer-sle15_7-1.3.6-150600.4.9.1 * HPC Module 15-SP6 (aarch64 x86_64) * apptainer-debuginfo-1.3.6-150600.4.9.1 * apptainer-1.3.6-150600.4.9.1 * HPC Module 15-SP6 (noarch) * apptainer-sle15_6-1.3.6-150600.4.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-41110.html * https://www.suse.com/security/cve/CVE-2024-45337.html * https://www.suse.com/security/cve/CVE-2024-45338.html * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-22870.html * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1228324 * https://bugzilla.suse.com/show_bug.cgi?id=1234595 * https://bugzilla.suse.com/show_bug.cgi?id=1234794 * https://bugzilla.suse.com/show_bug.cgi?id=1237679 * https://bugzilla.suse.com/show_bug.cgi?id=1238611 * https://bugzilla.suse.com/show_bug.cgi?id=1239341 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 21 16:30:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 21 Mar 2025 16:30:23 -0000 Subject: SUSE-SU-2025:0979-1: important: Security update for zvbi Message-ID: <174257462351.4591.14837273765782134335@smelt2.prg2.suse.org> # Security update for zvbi Announcement ID: SUSE-SU-2025:0979-1 Release Date: 2025-03-21T12:54:45Z Rating: important References: * bsc#1239222 * bsc#1239299 * bsc#1239312 * bsc#1239319 * bsc#1239320 Cross-References: * CVE-2025-2173 * CVE-2025-2174 * CVE-2025-2175 * CVE-2025-2176 * CVE-2025-2177 CVSS scores: * CVE-2025-2173 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-2173 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-2173 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2173 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-2174 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2174 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-2174 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2174 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-2175 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2175 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-2175 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2175 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-2176 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-2176 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-2176 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2176 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-2177 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-2177 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-2177 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2177 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for zvbi fixes the following issues: * CVE-2025-2173: Fixed check on src_length to avoid an unitinialized heap read (bsc#1239222). * CVE-2025-2174: Fixed integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c (bsc#1239299). * CVE-2025-2175: Fixed integer overflow in _vbi_strndup_iconv (bsc#1239312). * CVE-2025-2176: Fixed integer overflow in function vbi_capture_sim_load_caption in src/io-sim.c (bsc#1239319). * CVE-2025-2177: Fixed integer overflow in function vbi_search_new in src/search.c (bsc#1239320). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-979=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-979=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-979=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-979=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-979=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-979=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-979=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-979=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-979=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-979=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-979=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * zvbi-debugsource-0.2.35-150000.4.3.1 * zvbi-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-0.2.35-150000.4.3.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * zvbi-debugsource-0.2.35-150000.4.3.1 * zvbi-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-0.2.35-150000.4.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * zvbi-debugsource-0.2.35-150000.4.3.1 * zvbi-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-0.2.35-150000.4.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * zvbi-debugsource-0.2.35-150000.4.3.1 * zvbi-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-0.2.35-150000.4.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * zvbi-0.2.35-150000.4.3.1 * zvbi-devel-0.2.35-150000.4.3.1 * zvbi-debugsource-0.2.35-150000.4.3.1 * libzvbi-chains0-debuginfo-0.2.35-150000.4.3.1 * zvbi-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-0.2.35-150000.4.3.1 * libzvbi-chains0-0.2.35-150000.4.3.1 * libzvbi0-debuginfo-0.2.35-150000.4.3.1 * openSUSE Leap 15.6 (x86_64) * libzvbi-chains0-32bit-0.2.35-150000.4.3.1 * libzvbi-chains0-32bit-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-32bit-debuginfo-0.2.35-150000.4.3.1 * zvbi-devel-32bit-0.2.35-150000.4.3.1 * libzvbi0-32bit-0.2.35-150000.4.3.1 * openSUSE Leap 15.6 (noarch) * zvbi-lang-0.2.35-150000.4.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * zvbi-debugsource-0.2.35-150000.4.3.1 * zvbi-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-0.2.35-150000.4.3.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * zvbi-0.2.35-150000.4.3.1 * zvbi-devel-0.2.35-150000.4.3.1 * zvbi-debugsource-0.2.35-150000.4.3.1 * libzvbi-chains0-debuginfo-0.2.35-150000.4.3.1 * zvbi-debuginfo-0.2.35-150000.4.3.1 * libzvbi-chains0-0.2.35-150000.4.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * zvbi-debugsource-0.2.35-150000.4.3.1 * zvbi-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-0.2.35-150000.4.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * zvbi-debugsource-0.2.35-150000.4.3.1 * zvbi-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-0.2.35-150000.4.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * zvbi-debugsource-0.2.35-150000.4.3.1 * zvbi-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-0.2.35-150000.4.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * zvbi-debugsource-0.2.35-150000.4.3.1 * zvbi-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-debuginfo-0.2.35-150000.4.3.1 * libzvbi0-0.2.35-150000.4.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2173.html * https://www.suse.com/security/cve/CVE-2025-2174.html * https://www.suse.com/security/cve/CVE-2025-2175.html * https://www.suse.com/security/cve/CVE-2025-2176.html * https://www.suse.com/security/cve/CVE-2025-2177.html * https://bugzilla.suse.com/show_bug.cgi?id=1239222 * https://bugzilla.suse.com/show_bug.cgi?id=1239299 * https://bugzilla.suse.com/show_bug.cgi?id=1239312 * https://bugzilla.suse.com/show_bug.cgi?id=1239319 * https://bugzilla.suse.com/show_bug.cgi?id=1239320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 21 20:30:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 21 Mar 2025 20:30:04 -0000 Subject: SUSE-SU-2025:0986-1: moderate: Security update for libarchive Message-ID: <174258900430.4591.6008062396845246142@smelt2.prg2.suse.org> # Security update for libarchive Announcement ID: SUSE-SU-2025:0986-1 Release Date: 2025-03-21T17:49:34Z Rating: moderate References: * bsc#1238610 Cross-References: * CVE-2025-25724 CVSS scores: * CVE-2025-25724 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-25724 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-25724 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for libarchive fixes the following issues: * CVE-2025-25724: Fixed buffer overflow vulnerability in function list_item_verbose() in tar/util.c (bsc#1238610). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-986=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-986=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-986=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-986=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-986=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-986=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libarchive13-3.5.1-150400.3.18.1 * libarchive13-debuginfo-3.5.1-150400.3.18.1 * libarchive-debugsource-3.5.1-150400.3.18.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libarchive13-3.5.1-150400.3.18.1 * libarchive13-debuginfo-3.5.1-150400.3.18.1 * libarchive-debugsource-3.5.1-150400.3.18.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libarchive13-3.5.1-150400.3.18.1 * libarchive13-debuginfo-3.5.1-150400.3.18.1 * libarchive-debugsource-3.5.1-150400.3.18.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libarchive13-debuginfo-3.5.1-150400.3.18.1 * libarchive13-3.5.1-150400.3.18.1 * bsdtar-debuginfo-3.5.1-150400.3.18.1 * libarchive-devel-3.5.1-150400.3.18.1 * bsdtar-3.5.1-150400.3.18.1 * libarchive-debugsource-3.5.1-150400.3.18.1 * openSUSE Leap 15.4 (x86_64) * libarchive13-32bit-3.5.1-150400.3.18.1 * libarchive13-32bit-debuginfo-3.5.1-150400.3.18.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libarchive13-64bit-3.5.1-150400.3.18.1 * libarchive13-64bit-debuginfo-3.5.1-150400.3.18.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libarchive13-3.5.1-150400.3.18.1 * libarchive13-debuginfo-3.5.1-150400.3.18.1 * libarchive-debugsource-3.5.1-150400.3.18.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libarchive13-3.5.1-150400.3.18.1 * libarchive13-debuginfo-3.5.1-150400.3.18.1 * libarchive-debugsource-3.5.1-150400.3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2025-25724.html * https://bugzilla.suse.com/show_bug.cgi?id=1238610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 21 20:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 21 Mar 2025 20:30:08 -0000 Subject: SUSE-SU-2025:0985-1: moderate: Security update for libarchive Message-ID: <174258900879.4591.4635451831484491855@smelt2.prg2.suse.org> # Security update for libarchive Announcement ID: SUSE-SU-2025:0985-1 Release Date: 2025-03-21T17:45:26Z Rating: moderate References: * bsc#1237606 * bsc#1238610 Cross-References: * CVE-2025-1632 * CVE-2025-25724 CVSS scores: * CVE-2025-1632 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-1632 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-1632 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1632 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-25724 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-25724 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-25724 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for libarchive fixes the following issues: * CVE-2025-1632: Fixed null pointer dereference in bsdunzip.c (bsc#1237606) * CVE-2025-25724: Fixed buffer overflow vulnerability in function list_item_verbose() in tar/util.c (bsc#1238610) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-985=1 openSUSE-SLE-15.6-2025-985=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-985=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-985=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libarchive-devel-3.7.2-150600.3.12.1 * libarchive13-3.7.2-150600.3.12.1 * bsdtar-debuginfo-3.7.2-150600.3.12.1 * libarchive13-debuginfo-3.7.2-150600.3.12.1 * bsdtar-3.7.2-150600.3.12.1 * libarchive-debugsource-3.7.2-150600.3.12.1 * openSUSE Leap 15.6 (x86_64) * libarchive13-32bit-debuginfo-3.7.2-150600.3.12.1 * libarchive13-32bit-3.7.2-150600.3.12.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libarchive13-64bit-debuginfo-3.7.2-150600.3.12.1 * libarchive13-64bit-3.7.2-150600.3.12.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libarchive-devel-3.7.2-150600.3.12.1 * libarchive13-3.7.2-150600.3.12.1 * libarchive-debugsource-3.7.2-150600.3.12.1 * libarchive13-debuginfo-3.7.2-150600.3.12.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * bsdtar-3.7.2-150600.3.12.1 * libarchive-debugsource-3.7.2-150600.3.12.1 * bsdtar-debuginfo-3.7.2-150600.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-1632.html * https://www.suse.com/security/cve/CVE-2025-25724.html * https://bugzilla.suse.com/show_bug.cgi?id=1237606 * https://bugzilla.suse.com/show_bug.cgi?id=1238610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 21 20:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 21 Mar 2025 20:30:11 -0000 Subject: SUSE-SU-2025:0984-1: moderate: Security update for xorg-x11-server Message-ID: <174258901186.4591.2133597407541570011@smelt2.prg2.suse.org> # Security update for xorg-x11-server Announcement ID: SUSE-SU-2025:0984-1 Release Date: 2025-03-21T17:44:55Z Rating: moderate References: * bsc#1239750 Cross-References: * CVE-2022-49737 CVSS scores: * CVE-2022-49737 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49737 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49737 ( NVD ): 7.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for xorg-x11-server fixes the following issues: * CVE-2022-49737: Fixed Xorg crashing when client applications use easystroke for mouse gestures (bsc#1239750) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-984=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-984=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-984=1 openSUSE-SLE-15.6-2025-984=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-extra-21.1.11-150600.5.9.1 * xorg-x11-server-extra-debuginfo-21.1.11-150600.5.9.1 * xorg-x11-server-Xvfb-21.1.11-150600.5.9.1 * xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.9.1 * xorg-x11-server-debugsource-21.1.11-150600.5.9.1 * xorg-x11-server-debuginfo-21.1.11-150600.5.9.1 * xorg-x11-server-21.1.11-150600.5.9.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-debuginfo-21.1.11-150600.5.9.1 * xorg-x11-server-sdk-21.1.11-150600.5.9.1 * xorg-x11-server-debugsource-21.1.11-150600.5.9.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * xorg-x11-server-extra-21.1.11-150600.5.9.1 * xorg-x11-server-extra-debuginfo-21.1.11-150600.5.9.1 * xorg-x11-server-Xvfb-21.1.11-150600.5.9.1 * xorg-x11-server-sdk-21.1.11-150600.5.9.1 * xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.9.1 * xorg-x11-server-debugsource-21.1.11-150600.5.9.1 * xorg-x11-server-debuginfo-21.1.11-150600.5.9.1 * xorg-x11-server-source-21.1.11-150600.5.9.1 * xorg-x11-server-21.1.11-150600.5.9.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49737.html * https://bugzilla.suse.com/show_bug.cgi?id=1239750 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 21 20:30:23 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 21 Mar 2025 20:30:23 -0000 Subject: SUSE-SU-2025:0983-1: important: Security update for the Linux Kernel Message-ID: <174258902306.4591.17859707825091022828@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0983-1 Release Date: 2025-03-21T17:44:17Z Rating: important References: * bsc#1197331 * bsc#1203769 * bsc#1235441 * bsc#1237768 * bsc#1238271 * bsc#1238272 * bsc#1238454 * bsc#1238705 * bsc#1238729 * bsc#1238911 * bsc#1239073 * bsc#1239076 Cross-References: * CVE-2021-47633 * CVE-2022-1048 * CVE-2022-3303 * CVE-2022-49272 * CVE-2022-49288 * CVE-2022-49291 * CVE-2022-49545 * CVE-2022-49733 * CVE-2024-56658 * CVE-2024-57996 * CVE-2025-21718 * CVE-2025-21772 CVSS scores: * CVE-2021-47633 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2021-47633 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-1048 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-1048 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-3303 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-3303 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49288 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49291 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49291 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49291 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49545 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49545 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49733 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56658 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56658 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21718 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21718 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21718 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE An update that solves 12 vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47633: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (bsc#1237768). * CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream (bsc#1238729). * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076). * CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073). * CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-983=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-983=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (nosrc x86_64) * kernel-trace-3.0.101-108.180.1 * kernel-default-3.0.101-108.180.1 * kernel-ec2-3.0.101-108.180.1 * kernel-xen-3.0.101-108.180.1 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64) * kernel-ec2-base-3.0.101-108.180.1 * kernel-trace-base-3.0.101-108.180.1 * kernel-default-base-3.0.101-108.180.1 * kernel-syms-3.0.101-108.180.1 * kernel-source-3.0.101-108.180.1 * kernel-xen-base-3.0.101-108.180.1 * kernel-trace-devel-3.0.101-108.180.1 * kernel-xen-devel-3.0.101-108.180.1 * kernel-ec2-devel-3.0.101-108.180.1 * kernel-default-devel-3.0.101-108.180.1 * SUSE Linux Enterprise Server 11 SP4 (nosrc x86_64) * kernel-trace-3.0.101-108.180.1 * kernel-default-3.0.101-108.180.1 * kernel-ec2-3.0.101-108.180.1 * kernel-xen-3.0.101-108.180.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * kernel-ec2-base-3.0.101-108.180.1 * kernel-trace-base-3.0.101-108.180.1 * kernel-default-base-3.0.101-108.180.1 * kernel-syms-3.0.101-108.180.1 * kernel-source-3.0.101-108.180.1 * kernel-xen-base-3.0.101-108.180.1 * kernel-trace-devel-3.0.101-108.180.1 * kernel-xen-devel-3.0.101-108.180.1 * kernel-ec2-devel-3.0.101-108.180.1 * kernel-default-devel-3.0.101-108.180.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47633.html * https://www.suse.com/security/cve/CVE-2022-1048.html * https://www.suse.com/security/cve/CVE-2022-3303.html * https://www.suse.com/security/cve/CVE-2022-49272.html * https://www.suse.com/security/cve/CVE-2022-49288.html * https://www.suse.com/security/cve/CVE-2022-49291.html * https://www.suse.com/security/cve/CVE-2022-49545.html * https://www.suse.com/security/cve/CVE-2022-49733.html * https://www.suse.com/security/cve/CVE-2024-56658.html * https://www.suse.com/security/cve/CVE-2024-57996.html * https://www.suse.com/security/cve/CVE-2025-21718.html * https://www.suse.com/security/cve/CVE-2025-21772.html * https://bugzilla.suse.com/show_bug.cgi?id=1197331 * https://bugzilla.suse.com/show_bug.cgi?id=1203769 * https://bugzilla.suse.com/show_bug.cgi?id=1235441 * https://bugzilla.suse.com/show_bug.cgi?id=1237768 * https://bugzilla.suse.com/show_bug.cgi?id=1238271 * https://bugzilla.suse.com/show_bug.cgi?id=1238272 * https://bugzilla.suse.com/show_bug.cgi?id=1238454 * https://bugzilla.suse.com/show_bug.cgi?id=1238705 * https://bugzilla.suse.com/show_bug.cgi?id=1238729 * https://bugzilla.suse.com/show_bug.cgi?id=1238911 * https://bugzilla.suse.com/show_bug.cgi?id=1239073 * https://bugzilla.suse.com/show_bug.cgi?id=1239076 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 24 12:30:13 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 24 Mar 2025 12:30:13 -0000 Subject: SUSE-SU-2025:0989-1: moderate: Security update for u-boot Message-ID: <174281941347.18419.12951629415697728895@smelt2.prg2.suse.org> # Security update for u-boot Announcement ID: SUSE-SU-2025:0989-1 Release Date: 2025-03-24T09:32:47Z Rating: moderate References: * bsc#1237284 * bsc#1237287 Cross-References: * CVE-2024-57256 * CVE-2024-57258 CVSS scores: * CVE-2024-57256 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-57256 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-57256 ( NVD ): 7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-57258 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-57258 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-57258 ( NVD ): 7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for u-boot fixes the following issues: * CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution function (bsc#1237284). * CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator (bsc#1237287). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-989=1 openSUSE-SLE-15.6-2025-989=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-989=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * u-boot-tools-debuginfo-2021.10-150600.11.3.1 * u-boot-tools-2021.10-150600.11.3.1 * openSUSE Leap 15.6 (aarch64) * u-boot-pine64plus-2021.10-150600.11.3.1 * u-boot-dragonboard820c-doc-2021.10-150600.11.3.1 * u-boot-rock960-rk3399-doc-2021.10-150600.11.3.1 * u-boot-evb-rk3399-2021.10-150600.11.3.1 * u-boot-mvebudb-88f3720-2021.10-150600.11.3.1 * u-boot-pineh64-2021.10-150600.11.3.1 * u-boot-p2771-0000-500-doc-2021.10-150600.11.3.1 * u-boot-odroid-n2-2021.10-150600.11.3.1 * u-boot-libretech-ac-doc-2021.10-150600.11.3.1 * u-boot-poplar-doc-2021.10-150600.11.3.1 * u-boot-p3450-0000-doc-2021.10-150600.11.3.1 * u-boot-p3450-0000-2021.10-150600.11.3.1 * u-boot-xilinxzynqmpvirt-2021.10-150600.11.3.1 * u-boot-nanopia64-2021.10-150600.11.3.1 * u-boot-geekbox-2021.10-150600.11.3.1 * u-boot-odroid-c2-2021.10-150600.11.3.1 * u-boot-xilinxzynqmpzcu102rev10-2021.10-150600.11.3.1 * u-boot-khadas-vim-2021.10-150600.11.3.1 * u-boot-pine64plus-doc-2021.10-150600.11.3.1 * u-boot-mvebuespressobin-88f3720-2021.10-150600.11.3.1 * u-boot-khadas-vim2-doc-2021.10-150600.11.3.1 * u-boot-bananapim64-doc-2021.10-150600.11.3.1 * u-boot-mvebuespressobin-88f3720-doc-2021.10-150600.11.3.1 * u-boot-p2371-2180-doc-2021.10-150600.11.3.1 * u-boot-p2771-0000-500-2021.10-150600.11.3.1 * u-boot-rpi3-2021.10-150600.11.3.1 * u-boot-xilinxzynqmpzcu102rev10-doc-2021.10-150600.11.3.1 * u-boot-orangepipc2-2021.10-150600.11.3.1 * u-boot-rpi4-doc-2021.10-150600.11.3.1 * u-boot-pineh64-doc-2021.10-150600.11.3.1 * u-boot-rock64-rk3328-doc-2021.10-150600.11.3.1 * u-boot-mvebumcbin-88f8040-2021.10-150600.11.3.1 * u-boot-rock-pi-n10-rk3399pro-2021.10-150600.11.3.1 * u-boot-evb-rk3399-doc-2021.10-150600.11.3.1 * u-boot-mvebudbarmada8k-2021.10-150600.11.3.1 * u-boot-ls1012afrdmqspi-2021.10-150600.11.3.1 * u-boot-libretech-cc-doc-2021.10-150600.11.3.1 * u-boot-p2371-2180-2021.10-150600.11.3.1 * u-boot-pinebook-pro-rk3399-2021.10-150600.11.3.1 * u-boot-orangepipc2-doc-2021.10-150600.11.3.1 * u-boot-poplar-2021.10-150600.11.3.1 * u-boot-rock64-rk3328-2021.10-150600.11.3.1 * u-boot-libretech-cc-2021.10-150600.11.3.1 * u-boot-rpi4-2021.10-150600.11.3.1 * u-boot-dragonboard820c-2021.10-150600.11.3.1 * u-boot-mvebudbarmada8k-doc-2021.10-150600.11.3.1 * u-boot-firefly-rk3399-2021.10-150600.11.3.1 * u-boot-firefly-rk3399-doc-2021.10-150600.11.3.1 * u-boot-libretech-ac-2021.10-150600.11.3.1 * u-boot-odroid-n2-doc-2021.10-150600.11.3.1 * u-boot-pinebook-doc-2021.10-150600.11.3.1 * u-boot-pinephone-2021.10-150600.11.3.1 * u-boot-geekbox-doc-2021.10-150600.11.3.1 * u-boot-pinephone-doc-2021.10-150600.11.3.1 * u-boot-xilinxzynqmpvirt-doc-2021.10-150600.11.3.1 * u-boot-bananapim64-2021.10-150600.11.3.1 * u-boot-rpiarm64-2021.10-150600.11.3.1 * u-boot-avnetultra96rev1-2021.10-150600.11.3.1 * u-boot-hikey-doc-2021.10-150600.11.3.1 * u-boot-mvebumcbin-88f8040-doc-2021.10-150600.11.3.1 * u-boot-odroid-c2-doc-2021.10-150600.11.3.1 * u-boot-pinebook-pro-rk3399-doc-2021.10-150600.11.3.1 * u-boot-rpiarm64-doc-2021.10-150600.11.3.1 * u-boot-ls1012afrdmqspi-doc-2021.10-150600.11.3.1 * u-boot-rpi3-doc-2021.10-150600.11.3.1 * u-boot-khadas-vim-doc-2021.10-150600.11.3.1 * u-boot-dragonboard410c-2021.10-150600.11.3.1 * u-boot-hikey-2021.10-150600.11.3.1 * u-boot-rock-pi-4-rk3399-doc-2021.10-150600.11.3.1 * u-boot-rock-pi-4-rk3399-2021.10-150600.11.3.1 * u-boot-nanopia64-doc-2021.10-150600.11.3.1 * u-boot-avnetultra96rev1-doc-2021.10-150600.11.3.1 * u-boot-pinebook-2021.10-150600.11.3.1 * u-boot-rockpro64-rk3399-doc-2021.10-150600.11.3.1 * u-boot-rock-pi-n10-rk3399pro-doc-2021.10-150600.11.3.1 * u-boot-khadas-vim2-2021.10-150600.11.3.1 * u-boot-odroid-c4-2021.10-150600.11.3.1 * u-boot-odroid-c4-doc-2021.10-150600.11.3.1 * u-boot-rockpro64-rk3399-2021.10-150600.11.3.1 * u-boot-rock960-rk3399-2021.10-150600.11.3.1 * u-boot-mvebudb-88f3720-doc-2021.10-150600.11.3.1 * u-boot-dragonboard410c-doc-2021.10-150600.11.3.1 * Basesystem Module 15-SP6 (aarch64) * u-boot-rpiarm64-doc-2021.10-150600.11.3.1 * u-boot-rpiarm64-2021.10-150600.11.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * u-boot-tools-debuginfo-2021.10-150600.11.3.1 * u-boot-tools-2021.10-150600.11.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-57256.html * https://www.suse.com/security/cve/CVE-2024-57258.html * https://bugzilla.suse.com/show_bug.cgi?id=1237284 * https://bugzilla.suse.com/show_bug.cgi?id=1237287 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 24 12:30:20 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 24 Mar 2025 12:30:20 -0000 Subject: SUSE-SU-2025:0988-1: important: Security update for zvbi Message-ID: <174281942091.18419.1457688547407392112@smelt2.prg2.suse.org> # Security update for zvbi Announcement ID: SUSE-SU-2025:0988-1 Release Date: 2025-03-24T09:32:26Z Rating: important References: * bsc#1239222 * bsc#1239299 * bsc#1239312 * bsc#1239319 * bsc#1239320 Cross-References: * CVE-2025-2173 * CVE-2025-2174 * CVE-2025-2175 * CVE-2025-2176 * CVE-2025-2177 CVSS scores: * CVE-2025-2173 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-2173 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-2173 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2173 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-2174 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2174 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-2174 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2174 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-2175 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2175 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-2175 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2175 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-2176 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-2176 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-2176 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2176 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-2177 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-2177 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-2177 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2177 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for zvbi fixes the following issues: * CVE-2025-2173: Fixed check on src_length to avoid an unitinialized heap read (bsc#1239222). * CVE-2025-2174: Fixed integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c (bsc#1239299). * CVE-2025-2175: Fixed integer overflow in _vbi_strndup_iconv (bsc#1239312). * CVE-2025-2176: Fixed integer overflow in function vbi_capture_sim_load_caption in src/io-sim.c (bsc#1239319). * CVE-2025-2177: Fixed integer overflow in function vbi_search_new in src/search.c (bsc#1239320). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-988=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-988=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libzvbi0-debuginfo-0.2.35-3.3.1 * zvbi-devel-0.2.35-3.3.1 * libzvbi0-0.2.35-3.3.1 * zvbi-debugsource-0.2.35-3.3.1 * zvbi-debuginfo-0.2.35-3.3.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libzvbi0-debuginfo-0.2.35-3.3.1 * zvbi-devel-0.2.35-3.3.1 * libzvbi0-0.2.35-3.3.1 * zvbi-debugsource-0.2.35-3.3.1 * zvbi-debuginfo-0.2.35-3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2173.html * https://www.suse.com/security/cve/CVE-2025-2174.html * https://www.suse.com/security/cve/CVE-2025-2175.html * https://www.suse.com/security/cve/CVE-2025-2176.html * https://www.suse.com/security/cve/CVE-2025-2177.html * https://bugzilla.suse.com/show_bug.cgi?id=1239222 * https://bugzilla.suse.com/show_bug.cgi?id=1239299 * https://bugzilla.suse.com/show_bug.cgi?id=1239312 * https://bugzilla.suse.com/show_bug.cgi?id=1239319 * https://bugzilla.suse.com/show_bug.cgi?id=1239320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 24 16:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 24 Mar 2025 16:30:09 -0000 Subject: SUSE-SU-2025:0994-1: important: Security update for php8 Message-ID: <174283380939.8820.14745864114531397407@smelt2.prg2.suse.org> # Security update for php8 Announcement ID: SUSE-SU-2025:0994-1 Release Date: 2025-03-24T15:11:08Z Rating: important References: * bsc#1239664 * bsc#1239666 * bsc#1239667 * bsc#1239668 * bsc#1239669 * bsc#1239670 Cross-References: * CVE-2024-11235 * CVE-2025-1217 * CVE-2025-1219 * CVE-2025-1734 * CVE-2025-1736 * CVE-2025-1861 CVSS scores: * CVE-2024-11235 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-1217 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-1219 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-1734 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-1736 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-1861 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Server 4.3 An update that solves six vulnerabilities can now be installed. ## Description: This update for php8 fixes the following issues: * CVE-2024-11235: Fixed reference counting in php_request_shutdown causing Use-After-Free (bsc#1239666) * CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers (bsc#1239664) * CVE-2025-1219: Fixed libxml streams using wrong content-type header when requesting a redirected resource (bsc#1239667) * CVE-2025-1734: Fixed streams HTTP wrapper not failing for headers with invalid name and no colon (bsc#1239668) * CVE-2025-1736: Fixed stream HTTP wrapper header check might omitting basic auth header (bsc#1239670) * CVE-2025-1861: Fixed stream HTTP wrapper truncate redirect location to 1024 bytes (bsc#1239669) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-994=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-994=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-994=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-994=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-994=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-994=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-994=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-994=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-994=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-994=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * php8-ldap-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debugsource-8.0.30-150400.4.54.1 * php8-enchant-debuginfo-8.0.30-150400.4.54.1 * php8-mysql-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-8.0.30-150400.4.54.1 * php8-pdo-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-debuginfo-8.0.30-150400.4.54.1 * php8-pgsql-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-8.0.30-150400.4.54.1 * php8-soap-debuginfo-8.0.30-150400.4.54.1 * php8-tokenizer-8.0.30-150400.4.54.1 * php8-openssl-8.0.30-150400.4.54.1 * php8-xsl-8.0.30-150400.4.54.1 * php8-fpm-debuginfo-8.0.30-150400.4.54.1 * php8-readline-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-8.0.30-150400.4.54.1 * php8-openssl-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.54.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.54.1 * php8-exif-8.0.30-150400.4.54.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.54.1 * php8-phar-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-8.0.30-150400.4.54.1 * php8-enchant-8.0.30-150400.4.54.1 * php8-sysvmsg-8.0.30-150400.4.54.1 * php8-gmp-8.0.30-150400.4.54.1 * php8-pcntl-debuginfo-8.0.30-150400.4.54.1 * php8-cli-debuginfo-8.0.30-150400.4.54.1 * php8-ldap-8.0.30-150400.4.54.1 * php8-zip-8.0.30-150400.4.54.1 * php8-opcache-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-debuginfo-8.0.30-150400.4.54.1 * php8-xmlwriter-8.0.30-150400.4.54.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-8.0.30-150400.4.54.1 * php8-debugsource-8.0.30-150400.4.54.1 * php8-iconv-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-8.0.30-150400.4.54.1 * php8-intl-debuginfo-8.0.30-150400.4.54.1 * php8-posix-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-8.0.30-150400.4.54.1 * php8-readline-8.0.30-150400.4.54.1 * php8-iconv-8.0.30-150400.4.54.1 * php8-test-8.0.30-150400.4.54.1 * php8-mysql-8.0.30-150400.4.54.1 * php8-opcache-8.0.30-150400.4.54.1 * php8-curl-debuginfo-8.0.30-150400.4.54.1 * php8-exif-debuginfo-8.0.30-150400.4.54.1 * php8-zip-debuginfo-8.0.30-150400.4.54.1 * php8-8.0.30-150400.4.54.1 * php8-soap-8.0.30-150400.4.54.1 * php8-tidy-8.0.30-150400.4.54.1 * php8-devel-8.0.30-150400.4.54.1 * php8-bcmath-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-debuginfo-8.0.30-150400.4.54.1 * php8-sysvshm-8.0.30-150400.4.54.1 * php8-pcntl-8.0.30-150400.4.54.1 * php8-debuginfo-8.0.30-150400.4.54.1 * php8-gmp-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-8.0.30-150400.4.54.1 * php8-intl-8.0.30-150400.4.54.1 * php8-sodium-8.0.30-150400.4.54.1 * php8-zlib-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.54.1 * php8-embed-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-8.0.30-150400.4.54.1 * php8-sockets-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-debuginfo-8.0.30-150400.4.54.1 * php8-gd-debuginfo-8.0.30-150400.4.54.1 * php8-shmop-debuginfo-8.0.30-150400.4.54.1 * php8-bz2-8.0.30-150400.4.54.1 * php8-dba-debuginfo-8.0.30-150400.4.54.1 * php8-posix-8.0.30-150400.4.54.1 * php8-bcmath-8.0.30-150400.4.54.1 * php8-pgsql-8.0.30-150400.4.54.1 * php8-tidy-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-debuginfo-8.0.30-150400.4.54.1 * php8-dom-8.0.30-150400.4.54.1 * php8-cli-8.0.30-150400.4.54.1 * php8-sysvsem-8.0.30-150400.4.54.1 * php8-fastcgi-8.0.30-150400.4.54.1 * php8-odbc-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.54.1 * php8-curl-8.0.30-150400.4.54.1 * php8-bz2-debuginfo-8.0.30-150400.4.54.1 * php8-dba-8.0.30-150400.4.54.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-8.0.30-150400.4.54.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.54.1 * php8-dom-debuginfo-8.0.30-150400.4.54.1 * php8-zlib-8.0.30-150400.4.54.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.54.1 * php8-fpm-debugsource-8.0.30-150400.4.54.1 * php8-odbc-8.0.30-150400.4.54.1 * php8-sodium-debuginfo-8.0.30-150400.4.54.1 * php8-sockets-8.0.30-150400.4.54.1 * php8-fpm-8.0.30-150400.4.54.1 * php8-embed-8.0.30-150400.4.54.1 * php8-embed-debugsource-8.0.30-150400.4.54.1 * php8-pdo-8.0.30-150400.4.54.1 * php8-gd-8.0.30-150400.4.54.1 * php8-shmop-8.0.30-150400.4.54.1 * php8-phar-8.0.30-150400.4.54.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * php8-ldap-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debugsource-8.0.30-150400.4.54.1 * php8-enchant-debuginfo-8.0.30-150400.4.54.1 * php8-mysql-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-8.0.30-150400.4.54.1 * php8-pdo-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-debuginfo-8.0.30-150400.4.54.1 * php8-pgsql-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-8.0.30-150400.4.54.1 * php8-soap-debuginfo-8.0.30-150400.4.54.1 * php8-tokenizer-8.0.30-150400.4.54.1 * php8-openssl-8.0.30-150400.4.54.1 * php8-fpm-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-8.0.30-150400.4.54.1 * php8-readline-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-8.0.30-150400.4.54.1 * php8-openssl-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.54.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.54.1 * php8-exif-8.0.30-150400.4.54.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.54.1 * php8-phar-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-8.0.30-150400.4.54.1 * php8-enchant-8.0.30-150400.4.54.1 * php8-sysvmsg-8.0.30-150400.4.54.1 * php8-gmp-8.0.30-150400.4.54.1 * php8-pcntl-debuginfo-8.0.30-150400.4.54.1 * php8-cli-debuginfo-8.0.30-150400.4.54.1 * php8-ldap-8.0.30-150400.4.54.1 * php8-zip-8.0.30-150400.4.54.1 * php8-opcache-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-debuginfo-8.0.30-150400.4.54.1 * php8-xmlwriter-8.0.30-150400.4.54.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-8.0.30-150400.4.54.1 * php8-debugsource-8.0.30-150400.4.54.1 * php8-iconv-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-8.0.30-150400.4.54.1 * php8-intl-debuginfo-8.0.30-150400.4.54.1 * php8-posix-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-8.0.30-150400.4.54.1 * php8-readline-8.0.30-150400.4.54.1 * php8-iconv-8.0.30-150400.4.54.1 * php8-test-8.0.30-150400.4.54.1 * php8-mysql-8.0.30-150400.4.54.1 * php8-opcache-8.0.30-150400.4.54.1 * php8-curl-debuginfo-8.0.30-150400.4.54.1 * php8-exif-debuginfo-8.0.30-150400.4.54.1 * php8-zip-debuginfo-8.0.30-150400.4.54.1 * php8-8.0.30-150400.4.54.1 * php8-soap-8.0.30-150400.4.54.1 * php8-tidy-8.0.30-150400.4.54.1 * php8-devel-8.0.30-150400.4.54.1 * php8-bcmath-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-debuginfo-8.0.30-150400.4.54.1 * php8-sysvshm-8.0.30-150400.4.54.1 * php8-pcntl-8.0.30-150400.4.54.1 * php8-debuginfo-8.0.30-150400.4.54.1 * php8-gmp-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-8.0.30-150400.4.54.1 * php8-intl-8.0.30-150400.4.54.1 * php8-sodium-8.0.30-150400.4.54.1 * php8-zlib-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.54.1 * php8-embed-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-8.0.30-150400.4.54.1 * php8-sockets-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-debuginfo-8.0.30-150400.4.54.1 * php8-gd-debuginfo-8.0.30-150400.4.54.1 * php8-shmop-debuginfo-8.0.30-150400.4.54.1 * php8-bz2-8.0.30-150400.4.54.1 * php8-dba-debuginfo-8.0.30-150400.4.54.1 * php8-posix-8.0.30-150400.4.54.1 * php8-bcmath-8.0.30-150400.4.54.1 * php8-pgsql-8.0.30-150400.4.54.1 * php8-tidy-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-debuginfo-8.0.30-150400.4.54.1 * php8-dom-8.0.30-150400.4.54.1 * php8-cli-8.0.30-150400.4.54.1 * php8-sysvsem-8.0.30-150400.4.54.1 * php8-fastcgi-8.0.30-150400.4.54.1 * php8-odbc-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.54.1 * php8-curl-8.0.30-150400.4.54.1 * php8-bz2-debuginfo-8.0.30-150400.4.54.1 * php8-dba-8.0.30-150400.4.54.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-8.0.30-150400.4.54.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.54.1 * php8-dom-debuginfo-8.0.30-150400.4.54.1 * php8-zlib-8.0.30-150400.4.54.1 * php8-fpm-debugsource-8.0.30-150400.4.54.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.54.1 * php8-odbc-8.0.30-150400.4.54.1 * php8-sodium-debuginfo-8.0.30-150400.4.54.1 * php8-sockets-8.0.30-150400.4.54.1 * php8-fpm-8.0.30-150400.4.54.1 * php8-embed-8.0.30-150400.4.54.1 * php8-embed-debugsource-8.0.30-150400.4.54.1 * php8-pdo-8.0.30-150400.4.54.1 * php8-gd-8.0.30-150400.4.54.1 * php8-shmop-8.0.30-150400.4.54.1 * php8-phar-8.0.30-150400.4.54.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * php8-ldap-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debugsource-8.0.30-150400.4.54.1 * php8-enchant-debuginfo-8.0.30-150400.4.54.1 * php8-mysql-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-8.0.30-150400.4.54.1 * php8-pdo-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-debuginfo-8.0.30-150400.4.54.1 * php8-pgsql-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-8.0.30-150400.4.54.1 * php8-soap-debuginfo-8.0.30-150400.4.54.1 * php8-tokenizer-8.0.30-150400.4.54.1 * php8-openssl-8.0.30-150400.4.54.1 * php8-fpm-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-8.0.30-150400.4.54.1 * php8-readline-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-8.0.30-150400.4.54.1 * php8-openssl-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.54.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.54.1 * php8-exif-8.0.30-150400.4.54.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.54.1 * php8-phar-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-8.0.30-150400.4.54.1 * php8-enchant-8.0.30-150400.4.54.1 * php8-sysvmsg-8.0.30-150400.4.54.1 * php8-gmp-8.0.30-150400.4.54.1 * php8-pcntl-debuginfo-8.0.30-150400.4.54.1 * php8-cli-debuginfo-8.0.30-150400.4.54.1 * php8-ldap-8.0.30-150400.4.54.1 * php8-zip-8.0.30-150400.4.54.1 * php8-opcache-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-debuginfo-8.0.30-150400.4.54.1 * php8-xmlwriter-8.0.30-150400.4.54.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-8.0.30-150400.4.54.1 * php8-debugsource-8.0.30-150400.4.54.1 * php8-iconv-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-8.0.30-150400.4.54.1 * php8-intl-debuginfo-8.0.30-150400.4.54.1 * php8-posix-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-8.0.30-150400.4.54.1 * php8-readline-8.0.30-150400.4.54.1 * php8-iconv-8.0.30-150400.4.54.1 * php8-test-8.0.30-150400.4.54.1 * php8-mysql-8.0.30-150400.4.54.1 * php8-opcache-8.0.30-150400.4.54.1 * php8-curl-debuginfo-8.0.30-150400.4.54.1 * php8-exif-debuginfo-8.0.30-150400.4.54.1 * php8-zip-debuginfo-8.0.30-150400.4.54.1 * php8-8.0.30-150400.4.54.1 * php8-soap-8.0.30-150400.4.54.1 * php8-tidy-8.0.30-150400.4.54.1 * php8-devel-8.0.30-150400.4.54.1 * php8-bcmath-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-debuginfo-8.0.30-150400.4.54.1 * php8-sysvshm-8.0.30-150400.4.54.1 * php8-pcntl-8.0.30-150400.4.54.1 * php8-debuginfo-8.0.30-150400.4.54.1 * php8-gmp-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-8.0.30-150400.4.54.1 * php8-intl-8.0.30-150400.4.54.1 * php8-sodium-8.0.30-150400.4.54.1 * php8-zlib-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.54.1 * php8-embed-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-8.0.30-150400.4.54.1 * php8-sockets-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-debuginfo-8.0.30-150400.4.54.1 * php8-gd-debuginfo-8.0.30-150400.4.54.1 * php8-shmop-debuginfo-8.0.30-150400.4.54.1 * php8-bz2-8.0.30-150400.4.54.1 * php8-dba-debuginfo-8.0.30-150400.4.54.1 * php8-posix-8.0.30-150400.4.54.1 * php8-bcmath-8.0.30-150400.4.54.1 * php8-pgsql-8.0.30-150400.4.54.1 * php8-tidy-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-debuginfo-8.0.30-150400.4.54.1 * php8-dom-8.0.30-150400.4.54.1 * php8-cli-8.0.30-150400.4.54.1 * php8-sysvsem-8.0.30-150400.4.54.1 * php8-fastcgi-8.0.30-150400.4.54.1 * php8-odbc-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.54.1 * php8-curl-8.0.30-150400.4.54.1 * php8-bz2-debuginfo-8.0.30-150400.4.54.1 * php8-dba-8.0.30-150400.4.54.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-8.0.30-150400.4.54.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.54.1 * php8-dom-debuginfo-8.0.30-150400.4.54.1 * php8-zlib-8.0.30-150400.4.54.1 * php8-fpm-debugsource-8.0.30-150400.4.54.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.54.1 * php8-odbc-8.0.30-150400.4.54.1 * php8-sodium-debuginfo-8.0.30-150400.4.54.1 * php8-sockets-8.0.30-150400.4.54.1 * php8-fpm-8.0.30-150400.4.54.1 * php8-embed-8.0.30-150400.4.54.1 * php8-embed-debugsource-8.0.30-150400.4.54.1 * php8-pdo-8.0.30-150400.4.54.1 * php8-gd-8.0.30-150400.4.54.1 * php8-shmop-8.0.30-150400.4.54.1 * php8-phar-8.0.30-150400.4.54.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * php8-ldap-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debugsource-8.0.30-150400.4.54.1 * php8-enchant-debuginfo-8.0.30-150400.4.54.1 * php8-mysql-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-8.0.30-150400.4.54.1 * php8-pdo-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-debuginfo-8.0.30-150400.4.54.1 * php8-pgsql-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-8.0.30-150400.4.54.1 * php8-soap-debuginfo-8.0.30-150400.4.54.1 * php8-tokenizer-8.0.30-150400.4.54.1 * php8-openssl-8.0.30-150400.4.54.1 * php8-fpm-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-8.0.30-150400.4.54.1 * php8-readline-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-8.0.30-150400.4.54.1 * php8-openssl-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.54.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.54.1 * php8-exif-8.0.30-150400.4.54.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.54.1 * php8-phar-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-8.0.30-150400.4.54.1 * php8-enchant-8.0.30-150400.4.54.1 * php8-sysvmsg-8.0.30-150400.4.54.1 * php8-gmp-8.0.30-150400.4.54.1 * php8-pcntl-debuginfo-8.0.30-150400.4.54.1 * php8-cli-debuginfo-8.0.30-150400.4.54.1 * php8-ldap-8.0.30-150400.4.54.1 * php8-zip-8.0.30-150400.4.54.1 * php8-opcache-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-debuginfo-8.0.30-150400.4.54.1 * php8-xmlwriter-8.0.30-150400.4.54.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-8.0.30-150400.4.54.1 * php8-debugsource-8.0.30-150400.4.54.1 * php8-iconv-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-8.0.30-150400.4.54.1 * php8-intl-debuginfo-8.0.30-150400.4.54.1 * php8-posix-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-8.0.30-150400.4.54.1 * php8-readline-8.0.30-150400.4.54.1 * php8-iconv-8.0.30-150400.4.54.1 * php8-test-8.0.30-150400.4.54.1 * php8-mysql-8.0.30-150400.4.54.1 * php8-opcache-8.0.30-150400.4.54.1 * php8-curl-debuginfo-8.0.30-150400.4.54.1 * php8-exif-debuginfo-8.0.30-150400.4.54.1 * php8-zip-debuginfo-8.0.30-150400.4.54.1 * php8-8.0.30-150400.4.54.1 * php8-soap-8.0.30-150400.4.54.1 * php8-tidy-8.0.30-150400.4.54.1 * php8-devel-8.0.30-150400.4.54.1 * php8-bcmath-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-debuginfo-8.0.30-150400.4.54.1 * php8-sysvshm-8.0.30-150400.4.54.1 * php8-pcntl-8.0.30-150400.4.54.1 * php8-debuginfo-8.0.30-150400.4.54.1 * php8-gmp-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-8.0.30-150400.4.54.1 * php8-intl-8.0.30-150400.4.54.1 * php8-sodium-8.0.30-150400.4.54.1 * php8-zlib-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.54.1 * php8-embed-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-8.0.30-150400.4.54.1 * php8-sockets-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-debuginfo-8.0.30-150400.4.54.1 * php8-gd-debuginfo-8.0.30-150400.4.54.1 * php8-shmop-debuginfo-8.0.30-150400.4.54.1 * php8-bz2-8.0.30-150400.4.54.1 * php8-dba-debuginfo-8.0.30-150400.4.54.1 * php8-posix-8.0.30-150400.4.54.1 * php8-bcmath-8.0.30-150400.4.54.1 * php8-pgsql-8.0.30-150400.4.54.1 * php8-tidy-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-debuginfo-8.0.30-150400.4.54.1 * php8-dom-8.0.30-150400.4.54.1 * php8-cli-8.0.30-150400.4.54.1 * php8-sysvsem-8.0.30-150400.4.54.1 * php8-fastcgi-8.0.30-150400.4.54.1 * php8-odbc-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.54.1 * php8-curl-8.0.30-150400.4.54.1 * php8-bz2-debuginfo-8.0.30-150400.4.54.1 * php8-dba-8.0.30-150400.4.54.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-8.0.30-150400.4.54.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.54.1 * php8-dom-debuginfo-8.0.30-150400.4.54.1 * php8-zlib-8.0.30-150400.4.54.1 * php8-fpm-debugsource-8.0.30-150400.4.54.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.54.1 * php8-odbc-8.0.30-150400.4.54.1 * php8-sodium-debuginfo-8.0.30-150400.4.54.1 * php8-sockets-8.0.30-150400.4.54.1 * php8-fpm-8.0.30-150400.4.54.1 * php8-embed-8.0.30-150400.4.54.1 * php8-embed-debugsource-8.0.30-150400.4.54.1 * php8-pdo-8.0.30-150400.4.54.1 * php8-gd-8.0.30-150400.4.54.1 * php8-shmop-8.0.30-150400.4.54.1 * php8-phar-8.0.30-150400.4.54.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * php8-ldap-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debugsource-8.0.30-150400.4.54.1 * php8-enchant-debuginfo-8.0.30-150400.4.54.1 * php8-mysql-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-8.0.30-150400.4.54.1 * php8-pdo-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-debuginfo-8.0.30-150400.4.54.1 * php8-pgsql-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-8.0.30-150400.4.54.1 * php8-soap-debuginfo-8.0.30-150400.4.54.1 * php8-tokenizer-8.0.30-150400.4.54.1 * php8-openssl-8.0.30-150400.4.54.1 * php8-fpm-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-8.0.30-150400.4.54.1 * php8-readline-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-8.0.30-150400.4.54.1 * php8-openssl-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.54.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.54.1 * php8-exif-8.0.30-150400.4.54.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.54.1 * php8-phar-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-8.0.30-150400.4.54.1 * php8-enchant-8.0.30-150400.4.54.1 * php8-sysvmsg-8.0.30-150400.4.54.1 * php8-gmp-8.0.30-150400.4.54.1 * php8-pcntl-debuginfo-8.0.30-150400.4.54.1 * php8-cli-debuginfo-8.0.30-150400.4.54.1 * php8-ldap-8.0.30-150400.4.54.1 * php8-zip-8.0.30-150400.4.54.1 * php8-opcache-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-debuginfo-8.0.30-150400.4.54.1 * php8-xmlwriter-8.0.30-150400.4.54.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-8.0.30-150400.4.54.1 * php8-debugsource-8.0.30-150400.4.54.1 * php8-iconv-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-8.0.30-150400.4.54.1 * php8-intl-debuginfo-8.0.30-150400.4.54.1 * php8-posix-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-8.0.30-150400.4.54.1 * php8-readline-8.0.30-150400.4.54.1 * php8-iconv-8.0.30-150400.4.54.1 * php8-test-8.0.30-150400.4.54.1 * php8-mysql-8.0.30-150400.4.54.1 * php8-opcache-8.0.30-150400.4.54.1 * php8-curl-debuginfo-8.0.30-150400.4.54.1 * php8-exif-debuginfo-8.0.30-150400.4.54.1 * php8-zip-debuginfo-8.0.30-150400.4.54.1 * php8-8.0.30-150400.4.54.1 * php8-soap-8.0.30-150400.4.54.1 * php8-tidy-8.0.30-150400.4.54.1 * php8-devel-8.0.30-150400.4.54.1 * php8-bcmath-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-debuginfo-8.0.30-150400.4.54.1 * php8-sysvshm-8.0.30-150400.4.54.1 * php8-pcntl-8.0.30-150400.4.54.1 * php8-debuginfo-8.0.30-150400.4.54.1 * php8-gmp-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-8.0.30-150400.4.54.1 * php8-intl-8.0.30-150400.4.54.1 * php8-sodium-8.0.30-150400.4.54.1 * php8-zlib-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.54.1 * php8-embed-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-8.0.30-150400.4.54.1 * php8-sockets-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-debuginfo-8.0.30-150400.4.54.1 * php8-gd-debuginfo-8.0.30-150400.4.54.1 * php8-shmop-debuginfo-8.0.30-150400.4.54.1 * php8-bz2-8.0.30-150400.4.54.1 * php8-dba-debuginfo-8.0.30-150400.4.54.1 * php8-posix-8.0.30-150400.4.54.1 * php8-bcmath-8.0.30-150400.4.54.1 * php8-pgsql-8.0.30-150400.4.54.1 * php8-tidy-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-debuginfo-8.0.30-150400.4.54.1 * php8-dom-8.0.30-150400.4.54.1 * php8-cli-8.0.30-150400.4.54.1 * php8-sysvsem-8.0.30-150400.4.54.1 * php8-fastcgi-8.0.30-150400.4.54.1 * php8-odbc-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.54.1 * php8-curl-8.0.30-150400.4.54.1 * php8-bz2-debuginfo-8.0.30-150400.4.54.1 * php8-dba-8.0.30-150400.4.54.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-8.0.30-150400.4.54.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.54.1 * php8-dom-debuginfo-8.0.30-150400.4.54.1 * php8-zlib-8.0.30-150400.4.54.1 * php8-fpm-debugsource-8.0.30-150400.4.54.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.54.1 * php8-odbc-8.0.30-150400.4.54.1 * php8-sodium-debuginfo-8.0.30-150400.4.54.1 * php8-sockets-8.0.30-150400.4.54.1 * php8-fpm-8.0.30-150400.4.54.1 * php8-embed-8.0.30-150400.4.54.1 * php8-embed-debugsource-8.0.30-150400.4.54.1 * php8-pdo-8.0.30-150400.4.54.1 * php8-gd-8.0.30-150400.4.54.1 * php8-shmop-8.0.30-150400.4.54.1 * php8-phar-8.0.30-150400.4.54.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * php8-ldap-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debugsource-8.0.30-150400.4.54.1 * php8-enchant-debuginfo-8.0.30-150400.4.54.1 * php8-mysql-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-8.0.30-150400.4.54.1 * php8-pdo-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-debuginfo-8.0.30-150400.4.54.1 * php8-pgsql-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-8.0.30-150400.4.54.1 * php8-soap-debuginfo-8.0.30-150400.4.54.1 * php8-tokenizer-8.0.30-150400.4.54.1 * php8-openssl-8.0.30-150400.4.54.1 * php8-fpm-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-8.0.30-150400.4.54.1 * php8-readline-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-8.0.30-150400.4.54.1 * php8-openssl-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.54.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.54.1 * php8-exif-8.0.30-150400.4.54.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.54.1 * php8-phar-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-8.0.30-150400.4.54.1 * php8-enchant-8.0.30-150400.4.54.1 * php8-sysvmsg-8.0.30-150400.4.54.1 * php8-gmp-8.0.30-150400.4.54.1 * php8-pcntl-debuginfo-8.0.30-150400.4.54.1 * php8-cli-debuginfo-8.0.30-150400.4.54.1 * php8-ldap-8.0.30-150400.4.54.1 * php8-zip-8.0.30-150400.4.54.1 * php8-opcache-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-debuginfo-8.0.30-150400.4.54.1 * php8-xmlwriter-8.0.30-150400.4.54.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-8.0.30-150400.4.54.1 * php8-debugsource-8.0.30-150400.4.54.1 * php8-iconv-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-8.0.30-150400.4.54.1 * php8-intl-debuginfo-8.0.30-150400.4.54.1 * php8-posix-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-8.0.30-150400.4.54.1 * php8-readline-8.0.30-150400.4.54.1 * php8-iconv-8.0.30-150400.4.54.1 * php8-test-8.0.30-150400.4.54.1 * php8-mysql-8.0.30-150400.4.54.1 * php8-opcache-8.0.30-150400.4.54.1 * php8-curl-debuginfo-8.0.30-150400.4.54.1 * php8-exif-debuginfo-8.0.30-150400.4.54.1 * php8-zip-debuginfo-8.0.30-150400.4.54.1 * php8-8.0.30-150400.4.54.1 * php8-soap-8.0.30-150400.4.54.1 * php8-tidy-8.0.30-150400.4.54.1 * php8-devel-8.0.30-150400.4.54.1 * php8-bcmath-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-debuginfo-8.0.30-150400.4.54.1 * php8-sysvshm-8.0.30-150400.4.54.1 * php8-pcntl-8.0.30-150400.4.54.1 * php8-debuginfo-8.0.30-150400.4.54.1 * php8-gmp-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-8.0.30-150400.4.54.1 * php8-intl-8.0.30-150400.4.54.1 * php8-sodium-8.0.30-150400.4.54.1 * php8-zlib-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.54.1 * php8-embed-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-8.0.30-150400.4.54.1 * php8-sockets-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-debuginfo-8.0.30-150400.4.54.1 * php8-gd-debuginfo-8.0.30-150400.4.54.1 * php8-shmop-debuginfo-8.0.30-150400.4.54.1 * php8-bz2-8.0.30-150400.4.54.1 * php8-dba-debuginfo-8.0.30-150400.4.54.1 * php8-posix-8.0.30-150400.4.54.1 * php8-bcmath-8.0.30-150400.4.54.1 * php8-pgsql-8.0.30-150400.4.54.1 * php8-tidy-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-debuginfo-8.0.30-150400.4.54.1 * php8-dom-8.0.30-150400.4.54.1 * php8-cli-8.0.30-150400.4.54.1 * php8-sysvsem-8.0.30-150400.4.54.1 * php8-fastcgi-8.0.30-150400.4.54.1 * php8-odbc-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.54.1 * php8-curl-8.0.30-150400.4.54.1 * php8-bz2-debuginfo-8.0.30-150400.4.54.1 * php8-dba-8.0.30-150400.4.54.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-8.0.30-150400.4.54.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.54.1 * php8-dom-debuginfo-8.0.30-150400.4.54.1 * php8-zlib-8.0.30-150400.4.54.1 * php8-fpm-debugsource-8.0.30-150400.4.54.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.54.1 * php8-odbc-8.0.30-150400.4.54.1 * php8-sodium-debuginfo-8.0.30-150400.4.54.1 * php8-sockets-8.0.30-150400.4.54.1 * php8-fpm-8.0.30-150400.4.54.1 * php8-embed-8.0.30-150400.4.54.1 * php8-embed-debugsource-8.0.30-150400.4.54.1 * php8-pdo-8.0.30-150400.4.54.1 * php8-gd-8.0.30-150400.4.54.1 * php8-shmop-8.0.30-150400.4.54.1 * php8-phar-8.0.30-150400.4.54.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * php8-ldap-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debugsource-8.0.30-150400.4.54.1 * php8-enchant-debuginfo-8.0.30-150400.4.54.1 * php8-mysql-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-8.0.30-150400.4.54.1 * php8-pdo-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-debuginfo-8.0.30-150400.4.54.1 * php8-pgsql-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-8.0.30-150400.4.54.1 * php8-soap-debuginfo-8.0.30-150400.4.54.1 * php8-tokenizer-8.0.30-150400.4.54.1 * php8-openssl-8.0.30-150400.4.54.1 * php8-fpm-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-8.0.30-150400.4.54.1 * php8-readline-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-8.0.30-150400.4.54.1 * php8-openssl-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.54.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.54.1 * php8-exif-8.0.30-150400.4.54.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.54.1 * php8-phar-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-8.0.30-150400.4.54.1 * php8-enchant-8.0.30-150400.4.54.1 * php8-sysvmsg-8.0.30-150400.4.54.1 * php8-gmp-8.0.30-150400.4.54.1 * php8-pcntl-debuginfo-8.0.30-150400.4.54.1 * php8-cli-debuginfo-8.0.30-150400.4.54.1 * php8-ldap-8.0.30-150400.4.54.1 * php8-zip-8.0.30-150400.4.54.1 * php8-opcache-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-debuginfo-8.0.30-150400.4.54.1 * php8-xmlwriter-8.0.30-150400.4.54.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-8.0.30-150400.4.54.1 * php8-debugsource-8.0.30-150400.4.54.1 * php8-iconv-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-8.0.30-150400.4.54.1 * php8-intl-debuginfo-8.0.30-150400.4.54.1 * php8-posix-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-8.0.30-150400.4.54.1 * php8-readline-8.0.30-150400.4.54.1 * php8-iconv-8.0.30-150400.4.54.1 * php8-test-8.0.30-150400.4.54.1 * php8-mysql-8.0.30-150400.4.54.1 * php8-opcache-8.0.30-150400.4.54.1 * php8-curl-debuginfo-8.0.30-150400.4.54.1 * php8-exif-debuginfo-8.0.30-150400.4.54.1 * php8-zip-debuginfo-8.0.30-150400.4.54.1 * php8-8.0.30-150400.4.54.1 * php8-soap-8.0.30-150400.4.54.1 * php8-tidy-8.0.30-150400.4.54.1 * php8-devel-8.0.30-150400.4.54.1 * php8-bcmath-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-debuginfo-8.0.30-150400.4.54.1 * php8-sysvshm-8.0.30-150400.4.54.1 * php8-pcntl-8.0.30-150400.4.54.1 * php8-debuginfo-8.0.30-150400.4.54.1 * php8-gmp-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-8.0.30-150400.4.54.1 * php8-intl-8.0.30-150400.4.54.1 * php8-sodium-8.0.30-150400.4.54.1 * php8-zlib-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.54.1 * php8-embed-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-8.0.30-150400.4.54.1 * php8-sockets-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-debuginfo-8.0.30-150400.4.54.1 * php8-gd-debuginfo-8.0.30-150400.4.54.1 * php8-shmop-debuginfo-8.0.30-150400.4.54.1 * php8-bz2-8.0.30-150400.4.54.1 * php8-dba-debuginfo-8.0.30-150400.4.54.1 * php8-posix-8.0.30-150400.4.54.1 * php8-bcmath-8.0.30-150400.4.54.1 * php8-pgsql-8.0.30-150400.4.54.1 * php8-tidy-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-debuginfo-8.0.30-150400.4.54.1 * php8-dom-8.0.30-150400.4.54.1 * php8-cli-8.0.30-150400.4.54.1 * php8-sysvsem-8.0.30-150400.4.54.1 * php8-fastcgi-8.0.30-150400.4.54.1 * php8-odbc-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.54.1 * php8-curl-8.0.30-150400.4.54.1 * php8-bz2-debuginfo-8.0.30-150400.4.54.1 * php8-dba-8.0.30-150400.4.54.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-8.0.30-150400.4.54.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.54.1 * php8-dom-debuginfo-8.0.30-150400.4.54.1 * php8-zlib-8.0.30-150400.4.54.1 * php8-fpm-debugsource-8.0.30-150400.4.54.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.54.1 * php8-odbc-8.0.30-150400.4.54.1 * php8-sodium-debuginfo-8.0.30-150400.4.54.1 * php8-sockets-8.0.30-150400.4.54.1 * php8-fpm-8.0.30-150400.4.54.1 * php8-embed-8.0.30-150400.4.54.1 * php8-embed-debugsource-8.0.30-150400.4.54.1 * php8-pdo-8.0.30-150400.4.54.1 * php8-gd-8.0.30-150400.4.54.1 * php8-shmop-8.0.30-150400.4.54.1 * php8-phar-8.0.30-150400.4.54.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * php8-ldap-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debugsource-8.0.30-150400.4.54.1 * php8-enchant-debuginfo-8.0.30-150400.4.54.1 * php8-mysql-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-8.0.30-150400.4.54.1 * php8-pdo-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-debuginfo-8.0.30-150400.4.54.1 * php8-pgsql-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-8.0.30-150400.4.54.1 * php8-soap-debuginfo-8.0.30-150400.4.54.1 * php8-tokenizer-8.0.30-150400.4.54.1 * php8-openssl-8.0.30-150400.4.54.1 * php8-fpm-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-8.0.30-150400.4.54.1 * php8-readline-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-8.0.30-150400.4.54.1 * php8-openssl-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.54.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.54.1 * php8-exif-8.0.30-150400.4.54.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.54.1 * php8-phar-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-8.0.30-150400.4.54.1 * php8-enchant-8.0.30-150400.4.54.1 * php8-sysvmsg-8.0.30-150400.4.54.1 * php8-gmp-8.0.30-150400.4.54.1 * php8-pcntl-debuginfo-8.0.30-150400.4.54.1 * php8-cli-debuginfo-8.0.30-150400.4.54.1 * php8-ldap-8.0.30-150400.4.54.1 * php8-zip-8.0.30-150400.4.54.1 * php8-opcache-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-debuginfo-8.0.30-150400.4.54.1 * php8-xmlwriter-8.0.30-150400.4.54.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-8.0.30-150400.4.54.1 * php8-debugsource-8.0.30-150400.4.54.1 * php8-iconv-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-8.0.30-150400.4.54.1 * php8-intl-debuginfo-8.0.30-150400.4.54.1 * php8-posix-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-8.0.30-150400.4.54.1 * php8-readline-8.0.30-150400.4.54.1 * php8-iconv-8.0.30-150400.4.54.1 * php8-test-8.0.30-150400.4.54.1 * php8-mysql-8.0.30-150400.4.54.1 * php8-opcache-8.0.30-150400.4.54.1 * php8-curl-debuginfo-8.0.30-150400.4.54.1 * php8-exif-debuginfo-8.0.30-150400.4.54.1 * php8-zip-debuginfo-8.0.30-150400.4.54.1 * php8-8.0.30-150400.4.54.1 * php8-soap-8.0.30-150400.4.54.1 * php8-tidy-8.0.30-150400.4.54.1 * php8-devel-8.0.30-150400.4.54.1 * php8-bcmath-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-debuginfo-8.0.30-150400.4.54.1 * php8-sysvshm-8.0.30-150400.4.54.1 * php8-pcntl-8.0.30-150400.4.54.1 * php8-debuginfo-8.0.30-150400.4.54.1 * php8-gmp-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-8.0.30-150400.4.54.1 * php8-intl-8.0.30-150400.4.54.1 * php8-sodium-8.0.30-150400.4.54.1 * php8-zlib-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.54.1 * php8-embed-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-8.0.30-150400.4.54.1 * php8-sockets-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-debuginfo-8.0.30-150400.4.54.1 * php8-gd-debuginfo-8.0.30-150400.4.54.1 * php8-shmop-debuginfo-8.0.30-150400.4.54.1 * php8-bz2-8.0.30-150400.4.54.1 * php8-dba-debuginfo-8.0.30-150400.4.54.1 * php8-posix-8.0.30-150400.4.54.1 * php8-bcmath-8.0.30-150400.4.54.1 * php8-pgsql-8.0.30-150400.4.54.1 * php8-tidy-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-debuginfo-8.0.30-150400.4.54.1 * php8-dom-8.0.30-150400.4.54.1 * php8-cli-8.0.30-150400.4.54.1 * php8-sysvsem-8.0.30-150400.4.54.1 * php8-fastcgi-8.0.30-150400.4.54.1 * php8-odbc-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.54.1 * php8-curl-8.0.30-150400.4.54.1 * php8-bz2-debuginfo-8.0.30-150400.4.54.1 * php8-dba-8.0.30-150400.4.54.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-8.0.30-150400.4.54.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.54.1 * php8-dom-debuginfo-8.0.30-150400.4.54.1 * php8-zlib-8.0.30-150400.4.54.1 * php8-fpm-debugsource-8.0.30-150400.4.54.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.54.1 * php8-odbc-8.0.30-150400.4.54.1 * php8-sodium-debuginfo-8.0.30-150400.4.54.1 * php8-sockets-8.0.30-150400.4.54.1 * php8-fpm-8.0.30-150400.4.54.1 * php8-embed-8.0.30-150400.4.54.1 * php8-embed-debugsource-8.0.30-150400.4.54.1 * php8-pdo-8.0.30-150400.4.54.1 * php8-gd-8.0.30-150400.4.54.1 * php8-shmop-8.0.30-150400.4.54.1 * php8-phar-8.0.30-150400.4.54.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * php8-ldap-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debugsource-8.0.30-150400.4.54.1 * php8-enchant-debuginfo-8.0.30-150400.4.54.1 * php8-mysql-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-8.0.30-150400.4.54.1 * php8-pdo-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-debuginfo-8.0.30-150400.4.54.1 * php8-pgsql-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-8.0.30-150400.4.54.1 * php8-soap-debuginfo-8.0.30-150400.4.54.1 * php8-tokenizer-8.0.30-150400.4.54.1 * php8-openssl-8.0.30-150400.4.54.1 * php8-fpm-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-8.0.30-150400.4.54.1 * php8-readline-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-8.0.30-150400.4.54.1 * php8-openssl-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.54.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.54.1 * php8-exif-8.0.30-150400.4.54.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.54.1 * php8-phar-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-8.0.30-150400.4.54.1 * php8-enchant-8.0.30-150400.4.54.1 * php8-sysvmsg-8.0.30-150400.4.54.1 * php8-gmp-8.0.30-150400.4.54.1 * php8-pcntl-debuginfo-8.0.30-150400.4.54.1 * php8-cli-debuginfo-8.0.30-150400.4.54.1 * php8-ldap-8.0.30-150400.4.54.1 * php8-zip-8.0.30-150400.4.54.1 * php8-opcache-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-debuginfo-8.0.30-150400.4.54.1 * php8-xmlwriter-8.0.30-150400.4.54.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-8.0.30-150400.4.54.1 * php8-debugsource-8.0.30-150400.4.54.1 * php8-iconv-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-8.0.30-150400.4.54.1 * php8-intl-debuginfo-8.0.30-150400.4.54.1 * php8-posix-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-8.0.30-150400.4.54.1 * php8-readline-8.0.30-150400.4.54.1 * php8-iconv-8.0.30-150400.4.54.1 * php8-test-8.0.30-150400.4.54.1 * php8-mysql-8.0.30-150400.4.54.1 * php8-opcache-8.0.30-150400.4.54.1 * php8-curl-debuginfo-8.0.30-150400.4.54.1 * php8-exif-debuginfo-8.0.30-150400.4.54.1 * php8-zip-debuginfo-8.0.30-150400.4.54.1 * php8-8.0.30-150400.4.54.1 * php8-soap-8.0.30-150400.4.54.1 * php8-tidy-8.0.30-150400.4.54.1 * php8-devel-8.0.30-150400.4.54.1 * php8-bcmath-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-debuginfo-8.0.30-150400.4.54.1 * php8-sysvshm-8.0.30-150400.4.54.1 * php8-pcntl-8.0.30-150400.4.54.1 * php8-debuginfo-8.0.30-150400.4.54.1 * php8-gmp-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-8.0.30-150400.4.54.1 * php8-intl-8.0.30-150400.4.54.1 * php8-sodium-8.0.30-150400.4.54.1 * php8-zlib-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.54.1 * php8-embed-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-8.0.30-150400.4.54.1 * php8-sockets-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-debuginfo-8.0.30-150400.4.54.1 * php8-gd-debuginfo-8.0.30-150400.4.54.1 * php8-shmop-debuginfo-8.0.30-150400.4.54.1 * php8-bz2-8.0.30-150400.4.54.1 * php8-dba-debuginfo-8.0.30-150400.4.54.1 * php8-posix-8.0.30-150400.4.54.1 * php8-bcmath-8.0.30-150400.4.54.1 * php8-pgsql-8.0.30-150400.4.54.1 * php8-tidy-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-debuginfo-8.0.30-150400.4.54.1 * php8-dom-8.0.30-150400.4.54.1 * php8-cli-8.0.30-150400.4.54.1 * php8-sysvsem-8.0.30-150400.4.54.1 * php8-fastcgi-8.0.30-150400.4.54.1 * php8-odbc-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.54.1 * php8-curl-8.0.30-150400.4.54.1 * php8-bz2-debuginfo-8.0.30-150400.4.54.1 * php8-dba-8.0.30-150400.4.54.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-8.0.30-150400.4.54.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.54.1 * php8-dom-debuginfo-8.0.30-150400.4.54.1 * php8-zlib-8.0.30-150400.4.54.1 * php8-fpm-debugsource-8.0.30-150400.4.54.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.54.1 * php8-odbc-8.0.30-150400.4.54.1 * php8-sodium-debuginfo-8.0.30-150400.4.54.1 * php8-sockets-8.0.30-150400.4.54.1 * php8-fpm-8.0.30-150400.4.54.1 * php8-embed-8.0.30-150400.4.54.1 * php8-embed-debugsource-8.0.30-150400.4.54.1 * php8-pdo-8.0.30-150400.4.54.1 * php8-gd-8.0.30-150400.4.54.1 * php8-shmop-8.0.30-150400.4.54.1 * php8-phar-8.0.30-150400.4.54.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * php8-ldap-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debugsource-8.0.30-150400.4.54.1 * php8-enchant-debuginfo-8.0.30-150400.4.54.1 * php8-mysql-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-8.0.30-150400.4.54.1 * php8-pdo-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-debuginfo-8.0.30-150400.4.54.1 * php8-pgsql-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-8.0.30-150400.4.54.1 * php8-soap-debuginfo-8.0.30-150400.4.54.1 * php8-tokenizer-8.0.30-150400.4.54.1 * php8-openssl-8.0.30-150400.4.54.1 * php8-fpm-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-8.0.30-150400.4.54.1 * php8-readline-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-8.0.30-150400.4.54.1 * php8-openssl-debuginfo-8.0.30-150400.4.54.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.54.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.54.1 * php8-exif-8.0.30-150400.4.54.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.54.1 * php8-phar-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-8.0.30-150400.4.54.1 * php8-enchant-8.0.30-150400.4.54.1 * php8-sysvmsg-8.0.30-150400.4.54.1 * php8-gmp-8.0.30-150400.4.54.1 * php8-pcntl-debuginfo-8.0.30-150400.4.54.1 * php8-cli-debuginfo-8.0.30-150400.4.54.1 * php8-ldap-8.0.30-150400.4.54.1 * php8-zip-8.0.30-150400.4.54.1 * php8-opcache-debuginfo-8.0.30-150400.4.54.1 * php8-snmp-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-debuginfo-8.0.30-150400.4.54.1 * php8-xmlwriter-8.0.30-150400.4.54.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-8.0.30-150400.4.54.1 * php8-debugsource-8.0.30-150400.4.54.1 * php8-iconv-debuginfo-8.0.30-150400.4.54.1 * php8-sqlite-8.0.30-150400.4.54.1 * php8-intl-debuginfo-8.0.30-150400.4.54.1 * php8-posix-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-8.0.30-150400.4.54.1 * php8-readline-8.0.30-150400.4.54.1 * php8-iconv-8.0.30-150400.4.54.1 * php8-test-8.0.30-150400.4.54.1 * php8-mysql-8.0.30-150400.4.54.1 * php8-opcache-8.0.30-150400.4.54.1 * php8-curl-debuginfo-8.0.30-150400.4.54.1 * php8-exif-debuginfo-8.0.30-150400.4.54.1 * php8-zip-debuginfo-8.0.30-150400.4.54.1 * php8-8.0.30-150400.4.54.1 * php8-soap-8.0.30-150400.4.54.1 * php8-tidy-8.0.30-150400.4.54.1 * php8-devel-8.0.30-150400.4.54.1 * php8-bcmath-debuginfo-8.0.30-150400.4.54.1 * php8-ctype-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-debuginfo-8.0.30-150400.4.54.1 * php8-sysvshm-8.0.30-150400.4.54.1 * php8-pcntl-8.0.30-150400.4.54.1 * php8-debuginfo-8.0.30-150400.4.54.1 * php8-gmp-debuginfo-8.0.30-150400.4.54.1 * php8-ftp-debuginfo-8.0.30-150400.4.54.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.54.1 * php8-mbstring-8.0.30-150400.4.54.1 * php8-intl-8.0.30-150400.4.54.1 * php8-sodium-8.0.30-150400.4.54.1 * php8-zlib-debuginfo-8.0.30-150400.4.54.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.54.1 * php8-embed-debuginfo-8.0.30-150400.4.54.1 * php8-calendar-8.0.30-150400.4.54.1 * php8-sockets-debuginfo-8.0.30-150400.4.54.1 * php8-xsl-debuginfo-8.0.30-150400.4.54.1 * php8-gd-debuginfo-8.0.30-150400.4.54.1 * php8-shmop-debuginfo-8.0.30-150400.4.54.1 * php8-bz2-8.0.30-150400.4.54.1 * php8-dba-debuginfo-8.0.30-150400.4.54.1 * php8-posix-8.0.30-150400.4.54.1 * php8-bcmath-8.0.30-150400.4.54.1 * php8-pgsql-8.0.30-150400.4.54.1 * php8-tidy-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-debuginfo-8.0.30-150400.4.54.1 * php8-dom-8.0.30-150400.4.54.1 * php8-cli-8.0.30-150400.4.54.1 * php8-sysvsem-8.0.30-150400.4.54.1 * php8-fastcgi-8.0.30-150400.4.54.1 * php8-odbc-debuginfo-8.0.30-150400.4.54.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.54.1 * php8-curl-8.0.30-150400.4.54.1 * php8-bz2-debuginfo-8.0.30-150400.4.54.1 * php8-dba-8.0.30-150400.4.54.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.54.1 * php8-gettext-8.0.30-150400.4.54.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.54.1 * php8-dom-debuginfo-8.0.30-150400.4.54.1 * php8-zlib-8.0.30-150400.4.54.1 * php8-fpm-debugsource-8.0.30-150400.4.54.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.54.1 * php8-odbc-8.0.30-150400.4.54.1 * php8-sodium-debuginfo-8.0.30-150400.4.54.1 * php8-sockets-8.0.30-150400.4.54.1 * php8-fpm-8.0.30-150400.4.54.1 * php8-embed-8.0.30-150400.4.54.1 * php8-embed-debugsource-8.0.30-150400.4.54.1 * php8-pdo-8.0.30-150400.4.54.1 * php8-gd-8.0.30-150400.4.54.1 * php8-shmop-8.0.30-150400.4.54.1 * php8-phar-8.0.30-150400.4.54.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11235.html * https://www.suse.com/security/cve/CVE-2025-1217.html * https://www.suse.com/security/cve/CVE-2025-1219.html * https://www.suse.com/security/cve/CVE-2025-1734.html * https://www.suse.com/security/cve/CVE-2025-1736.html * https://www.suse.com/security/cve/CVE-2025-1861.html * https://bugzilla.suse.com/show_bug.cgi?id=1239664 * https://bugzilla.suse.com/show_bug.cgi?id=1239666 * https://bugzilla.suse.com/show_bug.cgi?id=1239667 * https://bugzilla.suse.com/show_bug.cgi?id=1239668 * https://bugzilla.suse.com/show_bug.cgi?id=1239669 * https://bugzilla.suse.com/show_bug.cgi?id=1239670 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 24 16:30:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 24 Mar 2025 16:30:12 -0000 Subject: SUSE-SU-2025:0993-1: important: Security update for webkit2gtk3 Message-ID: <174283381283.8820.1530425189118861318@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:0993-1 Release Date: 2025-03-24T14:33:34Z Rating: important References: * bsc#1239547 Cross-References: * CVE-2025-24201 CVSS scores: * CVE-2025-24201 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: * CVE-2025-24201: Fixed out-of-bounds write vulnerability (bsc#1239547). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-993=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-993=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-993=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-993=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libwebkit2gtk-4_0-37-2.46.6-150200.136.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150200.136.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.136.1 * typelib-1_0-WebKit2-4_0-2.46.6-150200.136.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150200.136.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150200.136.1 * webkit2gtk3-debugsource-2.46.6-150200.136.1 * webkit2gtk3-devel-2.46.6-150200.136.1 * libjavascriptcoregtk-4_0-18-2.46.6-150200.136.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.136.1 * webkit2gtk-4_0-injected-bundles-2.46.6-150200.136.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * libwebkit2gtk3-lang-2.46.6-150200.136.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libwebkit2gtk-4_0-37-2.46.6-150200.136.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150200.136.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.136.1 * typelib-1_0-WebKit2-4_0-2.46.6-150200.136.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150200.136.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150200.136.1 * webkit2gtk3-debugsource-2.46.6-150200.136.1 * webkit2gtk3-devel-2.46.6-150200.136.1 * libjavascriptcoregtk-4_0-18-2.46.6-150200.136.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.136.1 * webkit2gtk-4_0-injected-bundles-2.46.6-150200.136.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * libwebkit2gtk3-lang-2.46.6-150200.136.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libwebkit2gtk-4_0-37-2.46.6-150200.136.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150200.136.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.136.1 * typelib-1_0-WebKit2-4_0-2.46.6-150200.136.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150200.136.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150200.136.1 * webkit2gtk3-debugsource-2.46.6-150200.136.1 * webkit2gtk3-devel-2.46.6-150200.136.1 * libjavascriptcoregtk-4_0-18-2.46.6-150200.136.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.136.1 * webkit2gtk-4_0-injected-bundles-2.46.6-150200.136.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * libwebkit2gtk3-lang-2.46.6-150200.136.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libwebkit2gtk-4_0-37-2.46.6-150200.136.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150200.136.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.136.1 * typelib-1_0-WebKit2-4_0-2.46.6-150200.136.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150200.136.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150200.136.1 * webkit2gtk3-debugsource-2.46.6-150200.136.1 * webkit2gtk3-devel-2.46.6-150200.136.1 * libjavascriptcoregtk-4_0-18-2.46.6-150200.136.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.136.1 * webkit2gtk-4_0-injected-bundles-2.46.6-150200.136.1 * SUSE Enterprise Storage 7.1 (noarch) * libwebkit2gtk3-lang-2.46.6-150200.136.1 ## References: * https://www.suse.com/security/cve/CVE-2025-24201.html * https://bugzilla.suse.com/show_bug.cgi?id=1239547 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 24 16:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 24 Mar 2025 16:30:16 -0000 Subject: SUSE-SU-2025:0992-1: important: Security update for docker Message-ID: <174283381660.8820.2008185891151947196@smelt2.prg2.suse.org> # Security update for docker Announcement ID: SUSE-SU-2025:0992-1 Release Date: 2025-03-24T14:31:39Z Rating: important References: * bsc#1234089 * bsc#1237335 Cross-References: * CVE-2024-29018 CVSS scores: * CVE-2024-29018 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-29018 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for docker fixes the following issues: Update to Docker 27.5.1-ce (bsc#1237335): * CVE-2024-29018: External DNS requests from 'internal' networks could lead to data exfiltration (bsc#1234089). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-992=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * docker-27.5.1_ce-98.123.1 * docker-debuginfo-27.5.1_ce-98.123.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * docker-bash-completion-27.5.1_ce-98.123.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29018.html * https://bugzilla.suse.com/show_bug.cgi?id=1234089 * https://bugzilla.suse.com/show_bug.cgi?id=1237335 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 24 16:30:20 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 24 Mar 2025 16:30:20 -0000 Subject: SUSE-SU-2025:0991-1: moderate: Security update for rsync Message-ID: <174283382077.8820.12823912349104740915@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0991-1 Release Date: 2025-03-24T13:56:43Z Rating: moderate References: * bsc#1235475 * bsc#1237187 Cross-References: * CVE-2024-12747 CVSS scores: * CVE-2024-12747 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-12747 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-12747 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for rsync fixes the following issues: * CVE-2024-12747: Fixed race condition in handling symbolic links (bsc#1235475) * Broken rsyncd after protocol bump, regression reported (bsc#1237187). * Bump protocol version to 32 - make it easier to show server is patched. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-991=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-991=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-991=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-991=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-991=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-991=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-991=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * rsync-debuginfo-3.2.3-150000.4.36.1 * rsync-debugsource-3.2.3-150000.4.36.1 * rsync-3.2.3-150000.4.36.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * rsync-debuginfo-3.2.3-150000.4.36.1 * rsync-debugsource-3.2.3-150000.4.36.1 * rsync-3.2.3-150000.4.36.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * rsync-debuginfo-3.2.3-150000.4.36.1 * rsync-debugsource-3.2.3-150000.4.36.1 * rsync-3.2.3-150000.4.36.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * rsync-debuginfo-3.2.3-150000.4.36.1 * rsync-debugsource-3.2.3-150000.4.36.1 * rsync-3.2.3-150000.4.36.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150000.4.36.1 * rsync-debugsource-3.2.3-150000.4.36.1 * rsync-3.2.3-150000.4.36.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150000.4.36.1 * rsync-debugsource-3.2.3-150000.4.36.1 * rsync-3.2.3-150000.4.36.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150000.4.36.1 * rsync-debugsource-3.2.3-150000.4.36.1 * rsync-3.2.3-150000.4.36.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12747.html * https://bugzilla.suse.com/show_bug.cgi?id=1235475 * https://bugzilla.suse.com/show_bug.cgi?id=1237187 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 08:30:02 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 08:30:02 -0000 Subject: SUSE-SU-2025:0998-1: important: Security update for freetype2 Message-ID: <174289140298.8820.4557674740812338477@smelt2.prg2.suse.org> # Security update for freetype2 Announcement ID: SUSE-SU-2025:0998-1 Release Date: 2025-03-25T02:08:14Z Rating: important References: * bsc#1239465 Cross-References: * CVE-2025-27363 CVSS scores: * CVE-2025-27363 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-27363 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-27363 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for freetype2 fixes the following issues: * CVE-2025-27363: Fixed out-of-bounds write when attempting to parse font subglyph structures related to TrueType GX and variable font files (bsc#1239465). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-998=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-998=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-998=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-998=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-998=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-998=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-998=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-998=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-998=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-998=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-998=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-998=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-998=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-998=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-998=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-998=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-998=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-998=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-998=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-998=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-998=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-998=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-998=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-998=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-998=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-998=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ftinspect-2.10.4-150000.4.18.1 * ftstring-2.10.4-150000.4.18.1 * ftgamma-2.10.4-150000.4.18.1 * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * ftdiff-2.10.4-150000.4.18.1 * ftmulti-2.10.4-150000.4.18.1 * ftvalid-2.10.4-150000.4.18.1 * ftview-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * ftdump-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * ftbench-2.10.4-150000.4.18.1 * ftlint-2.10.4-150000.4.18.1 * ftgrid-2.10.4-150000.4.18.1 * openSUSE Leap 15.6 (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * freetype2-devel-32bit-2.10.4-150000.4.18.1 * openSUSE Leap 15.6 (noarch) * freetype2-profile-tti35-2.10.4-150000.4.18.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc) * ft2demos-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * Basesystem Module 15-SP6 (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * Desktop Applications Module 15-SP6 (nosrc) * ft2demos-2.10.4-150000.4.18.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ftdump-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * ftdump-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (nosrc) * ft2demos-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * ftdump-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (nosrc) * ft2demos-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * ftdump-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (nosrc) * ft2demos-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * ftdump-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (nosrc) * ft2demos-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * ftdump-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (nosrc) * ft2demos-2.10.4-150000.4.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * ftdump-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc) * ft2demos-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * ftdump-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc) * ft2demos-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * ftdump-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc) * ft2demos-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * ftdump-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc) * ft2demos-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * ftdump-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc) * ft2demos-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * ftdump-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc) * ft2demos-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * SUSE Manager Proxy 4.3 (x86_64) * libfreetype6-32bit-2.10.4-150000.4.18.1 * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libfreetype6-32bit-2.10.4-150000.4.18.1 * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * SUSE Manager Server 4.3 (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * freetype2-devel-2.10.4-150000.4.18.1 * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * ftdump-2.10.4-150000.4.18.1 * SUSE Enterprise Storage 7.1 (nosrc) * ft2demos-2.10.4-150000.4.18.1 * SUSE Enterprise Storage 7.1 (x86_64) * libfreetype6-32bit-debuginfo-2.10.4-150000.4.18.1 * libfreetype6-32bit-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libfreetype6-2.10.4-150000.4.18.1 * libfreetype6-debuginfo-2.10.4-150000.4.18.1 * freetype2-debugsource-2.10.4-150000.4.18.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27363.html * https://bugzilla.suse.com/show_bug.cgi?id=1239465 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 12:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 12:30:08 -0000 Subject: SUSE-SU-2025:1011-1: important: Security update for grafana Message-ID: <174290580857.9147.6559584926459035335@smelt2.prg2.suse.org> # Security update for grafana Announcement ID: SUSE-SU-2025:1011-1 Release Date: 2025-03-25T11:44:37Z Rating: important References: * bsc#1237671 * jsc#MSQA-935 Cross-References: * CVE-2025-27144 CVSS scores: * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability and contains one feature can now be installed. ## Description: This update for grafana fixes the following issues: * CVE-2025-27144: Fixed Go JOSE's Parsing Vulnerability (bsc#1237671) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1011=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1011=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * grafana-10.4.15-150200.3.69.1 * grafana-debuginfo-10.4.15-150200.3.69.1 * openSUSE Leap 15.6 (aarch64) * grafana-debuginfo-10.4.15-150200.3.67.1 * grafana-10.4.15-150200.3.67.1 * SUSE Package Hub 15 15-SP6 (aarch64) * grafana-debuginfo-10.4.15-150200.3.67.1 * grafana-10.4.15-150200.3.67.1 * SUSE Package Hub 15 15-SP6 (ppc64le s390x x86_64) * grafana-10.4.15-150200.3.69.1 * grafana-debuginfo-10.4.15-150200.3.69.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1237671 * https://jira.suse.com/browse/MSQA-935 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 12:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 12:30:11 -0000 Subject: SUSE-SU-2025:1010-1: important: Security update for grafana Message-ID: <174290581126.9147.10382622068324891667@smelt2.prg2.suse.org> # Security update for grafana Announcement ID: SUSE-SU-2025:1010-1 Release Date: 2025-03-25T11:44:16Z Rating: important References: * bsc#1237671 * jsc#MSQA-935 Cross-References: * CVE-2025-27144 CVSS scores: * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools for SLE 12 An update that solves one vulnerability and contains one feature can now be installed. ## Description: This update for grafana fixes the following issues: * CVE-2025-27144: Fixed Go JOSE's Parsing Vulnerability (bsc#1237671) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-2025-1010=1 ## Package List: * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64) * grafana-10.4.15-1.75.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1237671 * https://jira.suse.com/browse/MSQA-935 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 12:30:14 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 12:30:14 -0000 Subject: SUSE-SU-2025:1009-1: important: Security update for grafana Message-ID: <174290581463.9147.664779345114363266@smelt2.prg2.suse.org> # Security update for grafana Announcement ID: SUSE-SU-2025:1009-1 Release Date: 2025-03-25T11:44:04Z Rating: important References: * bsc#1237671 * jsc#MSQA-935 Cross-References: * CVE-2025-27144 CVSS scores: * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools for SLE 15 An update that solves one vulnerability and contains one feature can now be installed. ## Description: This update for grafana fixes the following issues: * CVE-2025-27144: Fixed Go JOSE's Parsing Vulnerability (bsc#1237671) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2025-1009=1 ## Package List: * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64) * grafana-debuginfo-10.4.15-150000.1.75.1 * grafana-10.4.15-150000.1.75.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1237671 * https://jira.suse.com/browse/MSQA-935 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 12:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 12:30:16 -0000 Subject: SUSE-SU-2025:1008-1: important: Security update for python-gunicorn Message-ID: <174290581698.9147.9020747150244794649@smelt2.prg2.suse.org> # Security update for python-gunicorn Announcement ID: SUSE-SU-2025:1008-1 Release Date: 2025-03-25T11:09:27Z Rating: important References: * bsc#1239830 Cross-References: * CVE-2024-6827 CVSS scores: * CVE-2024-6827 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-6827 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-6827 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-gunicorn fixes the following issues: * CVE-2024-6827: Fixed improper validation of the 'Transfer-Encoding' header value can allow for HTTP request smuggling attacks (bsc#1239830) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1008=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1008=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-1008=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1008=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1008=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1008=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1008=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1008=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1008=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1008=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1008=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-gunicorn-20.1.0-150400.12.9.1 * openSUSE Leap 15.6 (noarch) * python311-gunicorn-20.1.0-150400.12.9.1 * Python 3 Module 15-SP6 (noarch) * python311-gunicorn-20.1.0-150400.12.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python311-gunicorn-20.1.0-150400.12.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python311-gunicorn-20.1.0-150400.12.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * python311-gunicorn-20.1.0-150400.12.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * python311-gunicorn-20.1.0-150400.12.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python311-gunicorn-20.1.0-150400.12.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * python311-gunicorn-20.1.0-150400.12.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python311-gunicorn-20.1.0-150400.12.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * python311-gunicorn-20.1.0-150400.12.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6827.html * https://bugzilla.suse.com/show_bug.cgi?id=1239830 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 12:30:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 12:30:19 -0000 Subject: SUSE-SU-2025:1007-1: moderate: Security update for helm Message-ID: <174290581991.9147.17966706399696181005@smelt2.prg2.suse.org> # Security update for helm Announcement ID: SUSE-SU-2025:1007-1 Release Date: 2025-03-25T08:44:57Z Rating: moderate References: * bsc#1238688 Cross-References: * CVE-2025-22870 CVSS scores: * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-22870 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for helm fixes the following issues: * CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs (bsc#1238688). Other fixes: \- Updated to version 3.17.2 \- Updated to 0.37.0 for x/net ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1007=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-1007=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1007=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1007=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.17.2-150000.1.44.1 * helm-3.17.2-150000.1.44.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * helm-bash-completion-3.17.2-150000.1.44.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.17.2-150000.1.44.1 * helm-3.17.2-150000.1.44.1 * Containers Module 15-SP6 (noarch) * helm-bash-completion-3.17.2-150000.1.44.1 * helm-zsh-completion-3.17.2-150000.1.44.1 * SUSE Package Hub 15 15-SP6 (noarch) * helm-fish-completion-3.17.2-150000.1.44.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.17.2-150000.1.44.1 * helm-3.17.2-150000.1.44.1 * openSUSE Leap 15.6 (noarch) * helm-bash-completion-3.17.2-150000.1.44.1 * helm-zsh-completion-3.17.2-150000.1.44.1 * helm-fish-completion-3.17.2-150000.1.44.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22870.html * https://bugzilla.suse.com/show_bug.cgi?id=1238688 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 12:30:24 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 12:30:24 -0000 Subject: SUSE-SU-2025:1006-1: important: Security update for google-osconfig-agent Message-ID: <174290582449.9147.6139853187125742744@smelt2.prg2.suse.org> # Security update for google-osconfig-agent Announcement ID: SUSE-SU-2025:1006-1 Release Date: 2025-03-25T08:44:14Z Rating: important References: * bsc#1239197 Cross-References: * CVE-2025-22868 CVSS scores: * CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for google-osconfig-agent fixes the following issues: * CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1006=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1006=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-1006=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1006=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-1006=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1006=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250115.01-150000.1.47.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250115.01-150000.1.47.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250115.01-150000.1.47.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250115.01-150000.1.47.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250115.01-150000.1.47.1 * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20250115.01-150000.1.47.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22868.html * https://bugzilla.suse.com/show_bug.cgi?id=1239197 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 12:30:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 12:30:28 -0000 Subject: SUSE-SU-2025:1005-1: important: Security update for google-guest-agent Message-ID: <174290582804.9147.10635355025767218597@smelt2.prg2.suse.org> # Security update for google-guest-agent Announcement ID: SUSE-SU-2025:1005-1 Release Date: 2025-03-25T08:43:38Z Rating: important References: * bsc#1239197 Cross-References: * CVE-2025-22868 CVSS scores: * CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for google-guest-agent fixes the following issues: * CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1005=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1005=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1005=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-1005=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1005=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-1005=1 ## Package List: * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64) * google-guest-agent-20250116.00-150000.1.57.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * google-guest-agent-20250116.00-150000.1.57.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * google-guest-agent-20250116.00-150000.1.57.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * google-guest-agent-20250116.00-150000.1.57.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * google-guest-agent-20250116.00-150000.1.57.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * google-guest-agent-20250116.00-150000.1.57.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22868.html * https://bugzilla.suse.com/show_bug.cgi?id=1239197 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 12:30:31 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 12:30:31 -0000 Subject: SUSE-SU-2025:1004-1: moderate: Security update for python-Jinja2 Message-ID: <174290583158.9147.7927526651904433708@smelt2.prg2.suse.org> # Security update for python-Jinja2 Announcement ID: SUSE-SU-2025:1004-1 Release Date: 2025-03-25T08:42:59Z Rating: moderate References: * bsc#1238879 Cross-References: * CVE-2025-27516 CVSS scores: * CVE-2025-27516 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-27516 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2025-27516 ( NVD ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-Jinja2 fixes the following issues: * CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method (bsc#1238879) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1004=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1004=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1004=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1004=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1004=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1004=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1004=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1004=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1004=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * python3-Jinja2-2.10.1-150000.3.21.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * python3-Jinja2-2.10.1-150000.3.21.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * python3-Jinja2-2.10.1-150000.3.21.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * python3-Jinja2-2.10.1-150000.3.21.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-Jinja2-2.10.1-150000.3.21.1 * Basesystem Module 15-SP6 (noarch) * python3-Jinja2-2.10.1-150000.3.21.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * python3-Jinja2-2.10.1-150000.3.21.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * python3-Jinja2-2.10.1-150000.3.21.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * python3-Jinja2-2.10.1-150000.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27516.html * https://bugzilla.suse.com/show_bug.cgi?id=1238879 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 12:30:36 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 12:30:36 -0000 Subject: SUSE-SU-2025:1003-1: important: Security update for libxslt Message-ID: <174290583654.9147.11758643317429217361@smelt2.prg2.suse.org> # Security update for libxslt Announcement ID: SUSE-SU-2025:1003-1 Release Date: 2025-03-25T08:42:21Z Rating: important References: * bsc#1238591 * bsc#1239625 * bsc#1239637 Cross-References: * CVE-2023-40403 * CVE-2024-55549 * CVE-2025-24855 CVSS scores: * CVE-2023-40403 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2023-40403 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-55549 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2024-55549 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2025-24855 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2025-24855 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for libxslt fixes the following issues: * CVE-2023-40403: Fixed sensitive information disclosure during processing web content (bsc#1238591) * CVE-2024-55549: Fixed use-after-free in xsltGetInheritedNsList (bsc#1239637) * CVE-2025-24855: Fixed use-after-free in numbers.c (bsc#1239625) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1003=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1003=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1003=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1003=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1003=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1003=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1003=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1003=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libxslt-python-1.1.32-150000.3.17.1 * libxslt-python-debugsource-1.1.32-150000.3.17.1 * libxslt-python-debuginfo-1.1.32-150000.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libxslt-debugsource-1.1.32-150000.3.17.1 * libxslt-tools-debuginfo-1.1.32-150000.3.17.1 * libxslt1-1.1.32-150000.3.17.1 * libxslt1-debuginfo-1.1.32-150000.3.17.1 * libxslt-tools-1.1.32-150000.3.17.1 * libxslt-devel-1.1.32-150000.3.17.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libxslt-debugsource-1.1.32-150000.3.17.1 * libxslt-tools-debuginfo-1.1.32-150000.3.17.1 * libxslt1-1.1.32-150000.3.17.1 * libxslt1-debuginfo-1.1.32-150000.3.17.1 * libxslt-tools-1.1.32-150000.3.17.1 * libxslt-devel-1.1.32-150000.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libxslt-debugsource-1.1.32-150000.3.17.1 * libxslt-tools-debuginfo-1.1.32-150000.3.17.1 * libxslt1-1.1.32-150000.3.17.1 * libxslt1-debuginfo-1.1.32-150000.3.17.1 * libxslt-tools-1.1.32-150000.3.17.1 * libxslt-devel-1.1.32-150000.3.17.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libxslt-debugsource-1.1.32-150000.3.17.1 * libxslt-tools-debuginfo-1.1.32-150000.3.17.1 * libxslt1-1.1.32-150000.3.17.1 * libxslt1-debuginfo-1.1.32-150000.3.17.1 * libxslt-tools-1.1.32-150000.3.17.1 * libxslt-devel-1.1.32-150000.3.17.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libxslt1-debuginfo-1.1.32-150000.3.17.1 * libxslt-debugsource-1.1.32-150000.3.17.1 * libxslt1-1.1.32-150000.3.17.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libxslt1-debuginfo-1.1.32-150000.3.17.1 * libxslt-debugsource-1.1.32-150000.3.17.1 * libxslt1-1.1.32-150000.3.17.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libxslt1-debuginfo-1.1.32-150000.3.17.1 * libxslt-debugsource-1.1.32-150000.3.17.1 * libxslt1-1.1.32-150000.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2023-40403.html * https://www.suse.com/security/cve/CVE-2024-55549.html * https://www.suse.com/security/cve/CVE-2025-24855.html * https://bugzilla.suse.com/show_bug.cgi?id=1238591 * https://bugzilla.suse.com/show_bug.cgi?id=1239625 * https://bugzilla.suse.com/show_bug.cgi?id=1239637 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 12:30:39 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 12:30:39 -0000 Subject: SUSE-SU-2025:1002-1: important: Security update for python-gunicorn Message-ID: <174290583900.9147.14537496284321276934@smelt2.prg2.suse.org> # Security update for python-gunicorn Announcement ID: SUSE-SU-2025:1002-1 Release Date: 2025-03-25T08:41:40Z Rating: important References: * bsc#1239830 Cross-References: * CVE-2024-6827 CVSS scores: * CVE-2024-6827 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-6827 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-6827 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-gunicorn fixes the following issues: * CVE-2024-6827: Fixed improper validation of the 'Transfer-Encoding' header value can allow for HTTP request smuggling attacks (bsc#1239830) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-1002=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1002=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-1002=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1002=1 ## Package List: * Public Cloud Module 15-SP3 (noarch) * python3-gunicorn-19.7.1-150000.3.10.1 * Public Cloud Module 15-SP4 (noarch) * python3-gunicorn-19.7.1-150000.3.10.1 * Public Cloud Module 15-SP5 (noarch) * python3-gunicorn-19.7.1-150000.3.10.1 * Public Cloud Module 15-SP6 (noarch) * python3-gunicorn-19.7.1-150000.3.10.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6827.html * https://bugzilla.suse.com/show_bug.cgi?id=1239830 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 16:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 16:30:09 -0000 Subject: SUSE-SU-2025:1014-1: important: Security update for buildah Message-ID: <174292020976.8841.17310106204453031326@smelt2.prg2.suse.org> # Security update for buildah Announcement ID: SUSE-SU-2025:1014-1 Release Date: 2025-03-25T13:05:56Z Rating: important References: * bsc#1239339 Cross-References: * CVE-2025-22869 * CVE-2025-27144 CVSS scores: * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities can now be installed. ## Description: This update for buildah fixes the following issues: * CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239339). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1014=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1014=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1014=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1014=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1014=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * buildah-1.35.5-150400.3.45.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * buildah-1.35.5-150400.3.45.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150400.3.45.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * buildah-1.35.5-150400.3.45.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.35.5-150400.3.45.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1239339 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 16:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 16:30:11 -0000 Subject: SUSE-SU-2025:1013-1: moderate: Security update for govulncheck-vulndb Message-ID: <174292021161.8841.2050300800235568592@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2025:1013-1 Release Date: 2025-03-25T12:47:51Z Rating: moderate References: * jsc#PED-11136 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20250318T181448 2025-03-18T18:14:48Z (jsc#PED-11136): * GO-2025-3448 GHSA-23qp-3c2m-xx6w * GO-2025-3516 GHSA-47ww-ff84-4jrg * GO-2025-3517 GHSA-4wf3-5qj9-368v * GO-2025-3525 GHSA-93mq-9ffx-83m2 * GO-2025-3527 GHSA-m4gq-fm9h-8q75 * GO-2025-3528 GHSA-265r-hfxg-fhmg * GO-2025-3529 GHSA-c339-mwfc-fmr2 * GO-2025-3530 GHSA-c98h-7hp9-v9hq ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1013=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1013=1 ## Package List: * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20250318T181448-150000.1.43.1 * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20250318T181448-150000.1.43.1 ## References: * https://jira.suse.com/browse/PED-11136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 25 16:30:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 25 Mar 2025 16:30:19 -0000 Subject: SUSE-SU-2025:1012-1: important: Security update for php8 Message-ID: <174292021976.8841.5812614814864998671@smelt2.prg2.suse.org> # Security update for php8 Announcement ID: SUSE-SU-2025:1012-1 Release Date: 2025-03-25T12:47:38Z Rating: important References: * bsc#1239664 * bsc#1239666 * bsc#1239667 * bsc#1239668 * bsc#1239669 * bsc#1239670 Cross-References: * CVE-2024-11235 * CVE-2025-1217 * CVE-2025-1219 * CVE-2025-1734 * CVE-2025-1736 * CVE-2025-1861 CVSS scores: * CVE-2024-11235 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-1217 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-1219 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-1734 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-1736 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-1861 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * Web and Scripting Module 15-SP6 An update that solves six vulnerabilities can now be installed. ## Description: This update for php8 fixes the following issues: * CVE-2025-1217: Fixed header parser of `http` stream wrapper not handling folded headers (bsc#1239664) * CVE-2024-11235: Fixed reference counting in php_request_shutdown causing Use-After-Free (bsc#1239666) * CVE-2025-1219: Fixed libxml streams using wrong `content-type` header when requesting a redirected resource (bsc#1239667) * CVE-2025-1734: Fixed streams HTTP wrapper not failing for headers with invalid name and no colon (bsc#1239668) * CVE-2025-1861: Fixed stream HTTP wrapper truncate redirect location to 1024 bytes (bsc#1239669) * CVE-2025-1736: Fixed stream HTTP wrapper header check might omitting basic auth header (bsc#1239670) Version update to 8.2.28: Core: Fixed bug GH-17211 (observer segfault on function loaded with dl()). LibXML: Fixed GHSA-wg4p-4hqh-c3g9. Fixed GHSA-p3x9-6h7p-cgfc (libxml streams use wrong `content-type` header when requesting a redirected resource). Streams: Fixed GHSA-hgf5-96fm-v528 (Stream HTTP wrapper header check might omit basic auth header). Fixed GHSA-52jp- hrpf-2jff (Stream HTTP wrapper truncate redirect location to 1024 bytes). Fixed GHSA-pcmh-g36c-qc44 (Streams HTTP wrapper does not fail for headers without colon). Fixed GHSA-v8xr-gpvj-cx9g (Header parser of `http` stream wrapper does not handle folded headers). Version update version 8.2.27 Calendar: Fixed jdtogregorian overflow. Fixed cal_to_jd julian_days argument overflow. COM: Fixed bug GH-16991 (Getting typeinfo of non DISPATCH variant segfaults). Core: Fail early in *nix configuration build script. Fixed bug GH-16727 (Opcache bad signal 139 crash in ZTS bookworm (frankenphp)). Fixed bug GH-16799 (Assertion failure at Zend/zend_vm_execute.h:7469). Fixed bug GH-16630 (UAF in lexer with encoding translation and heredocs). Fix is_zend_ptr() huge block comparison. Fixed potential OOB read in zend_dirname() on Windows. Curl: Fix various memory leaks in curl mime handling. FPM: Fixed GH-16432 (PHP-FPM 8.2 SIGSEGV in fpm_get_status). GD: Fixed GH-16776 (imagecreatefromstring overflow). GMP: Revert gmp_pow() overly restrictive overflow checks. Hash: Fixed GH-16711: Segfault in mhash(). Opcache: Fixed bug GH-16770 (Tracing JIT type mismatch when returning UNDEF). Fixed bug GH-16851 (JIT_G(enabled) not set correctly on other threads). Fixed bug GH-16902 (Set of opcache tests fail zts+aarch64). OpenSSL: Prevent unexpected array entry conversion when reading key. Fix various memory leaks related to openssl exports. Fix memory leak in php_openssl_pkey_from_zval(). PDO: Fixed memory leak of `setFetchMode()`. Phar: Fixed bug GH-16695 (phar:// tar parser and zero-length file header blocks). PHPDBG: Fixed bug GH-15208 (Segfault with breakpoint map and phpdbg_clear()). SAPI: Fixed bug GH-16998 (UBSAN warning in rfc1867). SimpleXML: Fixed bug GH-16808 (Segmentation fault in RecursiveIteratorIterator ->current() with a xml element input). SNMP: Fixed bug GH-16959 (snmget modifies the object_id array). Standard: Fixed bug GH-16905 (Internal iterator functions can't handle UNDEF properties). Streams: Fixed network connect poll interuption handling. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1012=1 openSUSE-SLE-15.6-2025-1012=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-1012=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * php8-bz2-8.2.28-150600.3.16.1 * php8-readline-8.2.28-150600.3.16.1 * php8-fastcgi-debuginfo-8.2.28-150600.3.16.1 * php8-fastcgi-debugsource-8.2.28-150600.3.16.1 * php8-tokenizer-debuginfo-8.2.28-150600.3.16.1 * php8-embed-8.2.28-150600.3.16.1 * php8-embed-debugsource-8.2.28-150600.3.16.1 * php8-shmop-debuginfo-8.2.28-150600.3.16.1 * php8-sodium-debuginfo-8.2.28-150600.3.16.1 * php8-ctype-8.2.28-150600.3.16.1 * php8-calendar-debuginfo-8.2.28-150600.3.16.1 * php8-tidy-8.2.28-150600.3.16.1 * php8-xmlreader-8.2.28-150600.3.16.1 * php8-zlib-debuginfo-8.2.28-150600.3.16.1 * php8-bz2-debuginfo-8.2.28-150600.3.16.1 * php8-bcmath-8.2.28-150600.3.16.1 * apache2-mod_php8-8.2.28-150600.3.16.1 * php8-snmp-debuginfo-8.2.28-150600.3.16.1 * php8-ldap-debuginfo-8.2.28-150600.3.16.1 * php8-ftp-8.2.28-150600.3.16.1 * php8-readline-debuginfo-8.2.28-150600.3.16.1 * php8-mysql-8.2.28-150600.3.16.1 * php8-sysvsem-debuginfo-8.2.28-150600.3.16.1 * php8-fileinfo-debuginfo-8.2.28-150600.3.16.1 * php8-odbc-debuginfo-8.2.28-150600.3.16.1 * php8-debugsource-8.2.28-150600.3.16.1 * php8-posix-8.2.28-150600.3.16.1 * php8-fpm-debugsource-8.2.28-150600.3.16.1 * php8-phar-debuginfo-8.2.28-150600.3.16.1 * php8-gd-8.2.28-150600.3.16.1 * php8-zip-8.2.28-150600.3.16.1 * php8-curl-debuginfo-8.2.28-150600.3.16.1 * php8-tokenizer-8.2.28-150600.3.16.1 * php8-cli-8.2.28-150600.3.16.1 * php8-shmop-8.2.28-150600.3.16.1 * php8-openssl-debuginfo-8.2.28-150600.3.16.1 * php8-pdo-8.2.28-150600.3.16.1 * php8-devel-8.2.28-150600.3.16.1 * php8-pcntl-8.2.28-150600.3.16.1 * php8-sysvshm-8.2.28-150600.3.16.1 * php8-sqlite-debuginfo-8.2.28-150600.3.16.1 * php8-sqlite-8.2.28-150600.3.16.1 * php8-fpm-8.2.28-150600.3.16.1 * php8-opcache-debuginfo-8.2.28-150600.3.16.1 * php8-ldap-8.2.28-150600.3.16.1 * php8-iconv-8.2.28-150600.3.16.1 * php8-tidy-debuginfo-8.2.28-150600.3.16.1 * php8-curl-8.2.28-150600.3.16.1 * apache2-mod_php8-debuginfo-8.2.28-150600.3.16.1 * php8-xsl-8.2.28-150600.3.16.1 * php8-cli-debuginfo-8.2.28-150600.3.16.1 * php8-phar-8.2.28-150600.3.16.1 * php8-dom-debuginfo-8.2.28-150600.3.16.1 * php8-debuginfo-8.2.28-150600.3.16.1 * php8-fileinfo-8.2.28-150600.3.16.1 * php8-intl-8.2.28-150600.3.16.1 * php8-embed-debuginfo-8.2.28-150600.3.16.1 * php8-gettext-debuginfo-8.2.28-150600.3.16.1 * php8-mysql-debuginfo-8.2.28-150600.3.16.1 * php8-test-8.2.28-150600.3.16.1 * php8-iconv-debuginfo-8.2.28-150600.3.16.1 * php8-gmp-debuginfo-8.2.28-150600.3.16.1 * php8-fastcgi-8.2.28-150600.3.16.1 * php8-dom-8.2.28-150600.3.16.1 * php8-sysvmsg-debuginfo-8.2.28-150600.3.16.1 * php8-ctype-debuginfo-8.2.28-150600.3.16.1 * php8-sysvshm-debuginfo-8.2.28-150600.3.16.1 * php8-sysvsem-8.2.28-150600.3.16.1 * php8-calendar-8.2.28-150600.3.16.1 * php8-posix-debuginfo-8.2.28-150600.3.16.1 * php8-pgsql-debuginfo-8.2.28-150600.3.16.1 * php8-sysvmsg-8.2.28-150600.3.16.1 * php8-zlib-8.2.28-150600.3.16.1 * php8-mbstring-8.2.28-150600.3.16.1 * php8-openssl-8.2.28-150600.3.16.1 * php8-sockets-8.2.28-150600.3.16.1 * php8-sockets-debuginfo-8.2.28-150600.3.16.1 * php8-bcmath-debuginfo-8.2.28-150600.3.16.1 * apache2-mod_php8-debugsource-8.2.28-150600.3.16.1 * php8-pcntl-debuginfo-8.2.28-150600.3.16.1 * php8-enchant-8.2.28-150600.3.16.1 * php8-enchant-debuginfo-8.2.28-150600.3.16.1 * php8-odbc-8.2.28-150600.3.16.1 * php8-xmlwriter-debuginfo-8.2.28-150600.3.16.1 * php8-fpm-debuginfo-8.2.28-150600.3.16.1 * php8-snmp-8.2.28-150600.3.16.1 * php8-soap-8.2.28-150600.3.16.1 * php8-dba-debuginfo-8.2.28-150600.3.16.1 * php8-zip-debuginfo-8.2.28-150600.3.16.1 * php8-exif-8.2.28-150600.3.16.1 * php8-ffi-8.2.28-150600.3.16.1 * php8-gettext-8.2.28-150600.3.16.1 * php8-xsl-debuginfo-8.2.28-150600.3.16.1 * php8-xmlwriter-8.2.28-150600.3.16.1 * php8-xmlreader-debuginfo-8.2.28-150600.3.16.1 * php8-soap-debuginfo-8.2.28-150600.3.16.1 * php8-mbstring-debuginfo-8.2.28-150600.3.16.1 * php8-8.2.28-150600.3.16.1 * php8-pgsql-8.2.28-150600.3.16.1 * php8-sodium-8.2.28-150600.3.16.1 * php8-opcache-8.2.28-150600.3.16.1 * php8-dba-8.2.28-150600.3.16.1 * php8-gd-debuginfo-8.2.28-150600.3.16.1 * php8-exif-debuginfo-8.2.28-150600.3.16.1 * php8-gmp-8.2.28-150600.3.16.1 * php8-pdo-debuginfo-8.2.28-150600.3.16.1 * php8-ftp-debuginfo-8.2.28-150600.3.16.1 * php8-intl-debuginfo-8.2.28-150600.3.16.1 * php8-ffi-debuginfo-8.2.28-150600.3.16.1 * openSUSE Leap 15.6 (noarch) * php8-fpm-apache-8.2.28-150600.3.16.1 * Web and Scripting Module 15-SP6 (aarch64 ppc64le s390x x86_64) * php8-bz2-8.2.28-150600.3.16.1 * php8-readline-8.2.28-150600.3.16.1 * php8-fastcgi-debuginfo-8.2.28-150600.3.16.1 * php8-fastcgi-debugsource-8.2.28-150600.3.16.1 * php8-tokenizer-debuginfo-8.2.28-150600.3.16.1 * php8-embed-8.2.28-150600.3.16.1 * php8-embed-debugsource-8.2.28-150600.3.16.1 * php8-shmop-debuginfo-8.2.28-150600.3.16.1 * php8-sodium-debuginfo-8.2.28-150600.3.16.1 * php8-ctype-8.2.28-150600.3.16.1 * php8-calendar-debuginfo-8.2.28-150600.3.16.1 * php8-tidy-8.2.28-150600.3.16.1 * php8-xmlreader-8.2.28-150600.3.16.1 * php8-zlib-debuginfo-8.2.28-150600.3.16.1 * php8-bz2-debuginfo-8.2.28-150600.3.16.1 * php8-bcmath-8.2.28-150600.3.16.1 * apache2-mod_php8-8.2.28-150600.3.16.1 * php8-snmp-debuginfo-8.2.28-150600.3.16.1 * php8-ldap-debuginfo-8.2.28-150600.3.16.1 * php8-ftp-8.2.28-150600.3.16.1 * php8-readline-debuginfo-8.2.28-150600.3.16.1 * php8-mysql-8.2.28-150600.3.16.1 * php8-sysvsem-debuginfo-8.2.28-150600.3.16.1 * php8-fileinfo-debuginfo-8.2.28-150600.3.16.1 * php8-odbc-debuginfo-8.2.28-150600.3.16.1 * php8-debugsource-8.2.28-150600.3.16.1 * php8-posix-8.2.28-150600.3.16.1 * php8-fpm-debugsource-8.2.28-150600.3.16.1 * php8-phar-debuginfo-8.2.28-150600.3.16.1 * php8-gd-8.2.28-150600.3.16.1 * php8-zip-8.2.28-150600.3.16.1 * php8-curl-debuginfo-8.2.28-150600.3.16.1 * php8-cli-8.2.28-150600.3.16.1 * php8-shmop-8.2.28-150600.3.16.1 * php8-tokenizer-8.2.28-150600.3.16.1 * php8-openssl-debuginfo-8.2.28-150600.3.16.1 * php8-pdo-8.2.28-150600.3.16.1 * php8-devel-8.2.28-150600.3.16.1 * php8-pcntl-8.2.28-150600.3.16.1 * php8-sysvshm-8.2.28-150600.3.16.1 * php8-sqlite-debuginfo-8.2.28-150600.3.16.1 * php8-sqlite-8.2.28-150600.3.16.1 * php8-fpm-8.2.28-150600.3.16.1 * php8-opcache-debuginfo-8.2.28-150600.3.16.1 * php8-ldap-8.2.28-150600.3.16.1 * php8-iconv-8.2.28-150600.3.16.1 * php8-tidy-debuginfo-8.2.28-150600.3.16.1 * php8-curl-8.2.28-150600.3.16.1 * apache2-mod_php8-debuginfo-8.2.28-150600.3.16.1 * php8-xsl-8.2.28-150600.3.16.1 * php8-cli-debuginfo-8.2.28-150600.3.16.1 * php8-phar-8.2.28-150600.3.16.1 * php8-dom-debuginfo-8.2.28-150600.3.16.1 * php8-debuginfo-8.2.28-150600.3.16.1 * php8-fileinfo-8.2.28-150600.3.16.1 * php8-intl-8.2.28-150600.3.16.1 * php8-embed-debuginfo-8.2.28-150600.3.16.1 * php8-gettext-debuginfo-8.2.28-150600.3.16.1 * php8-mysql-debuginfo-8.2.28-150600.3.16.1 * php8-test-8.2.28-150600.3.16.1 * php8-iconv-debuginfo-8.2.28-150600.3.16.1 * php8-gmp-debuginfo-8.2.28-150600.3.16.1 * php8-fastcgi-8.2.28-150600.3.16.1 * php8-dom-8.2.28-150600.3.16.1 * php8-sysvmsg-debuginfo-8.2.28-150600.3.16.1 * php8-ctype-debuginfo-8.2.28-150600.3.16.1 * php8-sysvshm-debuginfo-8.2.28-150600.3.16.1 * php8-sysvsem-8.2.28-150600.3.16.1 * php8-calendar-8.2.28-150600.3.16.1 * php8-posix-debuginfo-8.2.28-150600.3.16.1 * php8-pgsql-debuginfo-8.2.28-150600.3.16.1 * php8-sysvmsg-8.2.28-150600.3.16.1 * php8-zlib-8.2.28-150600.3.16.1 * php8-mbstring-8.2.28-150600.3.16.1 * php8-openssl-8.2.28-150600.3.16.1 * php8-sockets-8.2.28-150600.3.16.1 * php8-sockets-debuginfo-8.2.28-150600.3.16.1 * php8-bcmath-debuginfo-8.2.28-150600.3.16.1 * apache2-mod_php8-debugsource-8.2.28-150600.3.16.1 * php8-pcntl-debuginfo-8.2.28-150600.3.16.1 * php8-enchant-8.2.28-150600.3.16.1 * php8-enchant-debuginfo-8.2.28-150600.3.16.1 * php8-odbc-8.2.28-150600.3.16.1 * php8-xmlwriter-debuginfo-8.2.28-150600.3.16.1 * php8-fpm-debuginfo-8.2.28-150600.3.16.1 * php8-snmp-8.2.28-150600.3.16.1 * php8-soap-8.2.28-150600.3.16.1 * php8-dba-debuginfo-8.2.28-150600.3.16.1 * php8-zip-debuginfo-8.2.28-150600.3.16.1 * php8-exif-8.2.28-150600.3.16.1 * php8-gettext-8.2.28-150600.3.16.1 * php8-xsl-debuginfo-8.2.28-150600.3.16.1 * php8-xmlwriter-8.2.28-150600.3.16.1 * php8-xmlreader-debuginfo-8.2.28-150600.3.16.1 * php8-soap-debuginfo-8.2.28-150600.3.16.1 * php8-mbstring-debuginfo-8.2.28-150600.3.16.1 * php8-8.2.28-150600.3.16.1 * php8-pgsql-8.2.28-150600.3.16.1 * php8-sodium-8.2.28-150600.3.16.1 * php8-opcache-8.2.28-150600.3.16.1 * php8-dba-8.2.28-150600.3.16.1 * php8-gd-debuginfo-8.2.28-150600.3.16.1 * php8-exif-debuginfo-8.2.28-150600.3.16.1 * php8-gmp-8.2.28-150600.3.16.1 * php8-pdo-debuginfo-8.2.28-150600.3.16.1 * php8-ftp-debuginfo-8.2.28-150600.3.16.1 * php8-intl-debuginfo-8.2.28-150600.3.16.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11235.html * https://www.suse.com/security/cve/CVE-2025-1217.html * https://www.suse.com/security/cve/CVE-2025-1219.html * https://www.suse.com/security/cve/CVE-2025-1734.html * https://www.suse.com/security/cve/CVE-2025-1736.html * https://www.suse.com/security/cve/CVE-2025-1861.html * https://bugzilla.suse.com/show_bug.cgi?id=1239664 * https://bugzilla.suse.com/show_bug.cgi?id=1239666 * https://bugzilla.suse.com/show_bug.cgi?id=1239667 * https://bugzilla.suse.com/show_bug.cgi?id=1239668 * https://bugzilla.suse.com/show_bug.cgi?id=1239669 * https://bugzilla.suse.com/show_bug.cgi?id=1239670 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 26 12:30:11 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 26 Mar 2025 12:30:11 -0000 Subject: SUSE-SU-2025:1026-1: important: Security update for php7 Message-ID: <174299221113.8820.11138381656863071283@smelt2.prg2.suse.org> # Security update for php7 Announcement ID: SUSE-SU-2025:1026-1 Release Date: 2025-03-26T11:30:50Z Rating: important References: * bsc#1239664 * bsc#1239666 * bsc#1239667 * bsc#1239668 * bsc#1239669 * bsc#1239670 Cross-References: * CVE-2024-11235 * CVE-2025-1217 * CVE-2025-1219 * CVE-2025-1734 * CVE-2025-1736 * CVE-2025-1861 CVSS scores: * CVE-2024-11235 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-1217 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-1219 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-1734 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-1736 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-1861 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves six vulnerabilities can now be installed. ## Description: This update for php7 fixes the following issues: * CVE-2024-11235: Fixed reference counting in php_request_shutdown causing Use-After-Free (bsc#1239666) * CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers (bsc#1239664) * CVE-2025-1219: Fixed libxml streams using wrong content-type header when requesting a redirected resource (bsc#1239667) * CVE-2025-1734: Fixed streams HTTP wrapper not failing for headers with invalid name and no colon (bsc#1239668) * CVE-2025-1736: Fixed stream HTTP wrapper header check might omitting basic auth header (bsc#1239670) * CVE-2025-1861: Fixed stream HTTP wrapper truncate redirect location to 1024 bytes (bsc#1239669) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1026=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1026=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1026=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1026=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * php7-bcmath-7.4.33-150200.3.76.1 * php7-soap-7.4.33-150200.3.76.1 * php7-posix-debuginfo-7.4.33-150200.3.76.1 * php7-curl-debuginfo-7.4.33-150200.3.76.1 * apache2-mod_php7-debuginfo-7.4.33-150200.3.76.1 * php7-gmp-7.4.33-150200.3.76.1 * php7-gmp-debuginfo-7.4.33-150200.3.76.1 * php7-bz2-7.4.33-150200.3.76.1 * php7-curl-7.4.33-150200.3.76.1 * php7-sysvmsg-debuginfo-7.4.33-150200.3.76.1 * php7-enchant-7.4.33-150200.3.76.1 * php7-odbc-7.4.33-150200.3.76.1 * php7-sysvshm-debuginfo-7.4.33-150200.3.76.1 * php7-sodium-debuginfo-7.4.33-150200.3.76.1 * php7-xmlrpc-debuginfo-7.4.33-150200.3.76.1 * php7-xsl-7.4.33-150200.3.76.1 * php7-snmp-7.4.33-150200.3.76.1 * php7-tokenizer-debuginfo-7.4.33-150200.3.76.1 * php7-sysvmsg-7.4.33-150200.3.76.1 * php7-phar-7.4.33-150200.3.76.1 * php7-pdo-7.4.33-150200.3.76.1 * php7-snmp-debuginfo-7.4.33-150200.3.76.1 * php7-iconv-debuginfo-7.4.33-150200.3.76.1 * php7-fastcgi-7.4.33-150200.3.76.1 * php7-ftp-debuginfo-7.4.33-150200.3.76.1 * php7-fpm-7.4.33-150200.3.76.1 * php7-ldap-debuginfo-7.4.33-150200.3.76.1 * php7-openssl-7.4.33-150200.3.76.1 * php7-phar-debuginfo-7.4.33-150200.3.76.1 * php7-ftp-7.4.33-150200.3.76.1 * php7-zlib-7.4.33-150200.3.76.1 * php7-xmlwriter-debuginfo-7.4.33-150200.3.76.1 * php7-bcmath-debuginfo-7.4.33-150200.3.76.1 * php7-pdo-debuginfo-7.4.33-150200.3.76.1 * php7-calendar-debuginfo-7.4.33-150200.3.76.1 * php7-zip-debuginfo-7.4.33-150200.3.76.1 * php7-opcache-7.4.33-150200.3.76.1 * php7-fileinfo-7.4.33-150200.3.76.1 * php7-sqlite-7.4.33-150200.3.76.1 * php7-gettext-debuginfo-7.4.33-150200.3.76.1 * php7-sysvshm-7.4.33-150200.3.76.1 * php7-fileinfo-debuginfo-7.4.33-150200.3.76.1 * php7-sysvsem-debuginfo-7.4.33-150200.3.76.1 * php7-exif-debuginfo-7.4.33-150200.3.76.1 * php7-tidy-debuginfo-7.4.33-150200.3.76.1 * php7-enchant-debuginfo-7.4.33-150200.3.76.1 * php7-fastcgi-debuginfo-7.4.33-150200.3.76.1 * php7-7.4.33-150200.3.76.1 * php7-zip-7.4.33-150200.3.76.1 * php7-openssl-debuginfo-7.4.33-150200.3.76.1 * php7-zlib-debuginfo-7.4.33-150200.3.76.1 * php7-calendar-7.4.33-150200.3.76.1 * php7-pgsql-debuginfo-7.4.33-150200.3.76.1 * php7-sockets-debuginfo-7.4.33-150200.3.76.1 * php7-debuginfo-7.4.33-150200.3.76.1 * php7-dom-7.4.33-150200.3.76.1 * php7-xmlreader-debuginfo-7.4.33-150200.3.76.1 * php7-sodium-7.4.33-150200.3.76.1 * php7-posix-7.4.33-150200.3.76.1 * php7-readline-debuginfo-7.4.33-150200.3.76.1 * php7-devel-7.4.33-150200.3.76.1 * php7-json-7.4.33-150200.3.76.1 * php7-iconv-7.4.33-150200.3.76.1 * php7-dom-debuginfo-7.4.33-150200.3.76.1 * php7-mbstring-7.4.33-150200.3.76.1 * php7-sockets-7.4.33-150200.3.76.1 * php7-sqlite-debuginfo-7.4.33-150200.3.76.1 * php7-xsl-debuginfo-7.4.33-150200.3.76.1 * php7-ctype-7.4.33-150200.3.76.1 * php7-xmlrpc-7.4.33-150200.3.76.1 * php7-mysql-7.4.33-150200.3.76.1 * php7-exif-7.4.33-150200.3.76.1 * php7-intl-7.4.33-150200.3.76.1 * apache2-mod_php7-7.4.33-150200.3.76.1 * php7-shmop-debuginfo-7.4.33-150200.3.76.1 * php7-mysql-debuginfo-7.4.33-150200.3.76.1 * php7-readline-7.4.33-150200.3.76.1 * php7-json-debuginfo-7.4.33-150200.3.76.1 * php7-dba-7.4.33-150200.3.76.1 * php7-odbc-debuginfo-7.4.33-150200.3.76.1 * php7-mbstring-debuginfo-7.4.33-150200.3.76.1 * php7-soap-debuginfo-7.4.33-150200.3.76.1 * php7-shmop-7.4.33-150200.3.76.1 * php7-tidy-7.4.33-150200.3.76.1 * php7-intl-debuginfo-7.4.33-150200.3.76.1 * php7-sysvsem-7.4.33-150200.3.76.1 * php7-pgsql-7.4.33-150200.3.76.1 * php7-gd-debuginfo-7.4.33-150200.3.76.1 * php7-opcache-debuginfo-7.4.33-150200.3.76.1 * php7-xmlwriter-7.4.33-150200.3.76.1 * php7-ctype-debuginfo-7.4.33-150200.3.76.1 * php7-gettext-7.4.33-150200.3.76.1 * php7-fpm-debuginfo-7.4.33-150200.3.76.1 * php7-xmlreader-7.4.33-150200.3.76.1 * php7-gd-7.4.33-150200.3.76.1 * php7-bz2-debuginfo-7.4.33-150200.3.76.1 * php7-tokenizer-7.4.33-150200.3.76.1 * php7-ldap-7.4.33-150200.3.76.1 * php7-pcntl-debuginfo-7.4.33-150200.3.76.1 * php7-debugsource-7.4.33-150200.3.76.1 * php7-pcntl-7.4.33-150200.3.76.1 * php7-dba-debuginfo-7.4.33-150200.3.76.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * php7-bcmath-7.4.33-150200.3.76.1 * php7-soap-7.4.33-150200.3.76.1 * php7-posix-debuginfo-7.4.33-150200.3.76.1 * php7-curl-debuginfo-7.4.33-150200.3.76.1 * apache2-mod_php7-debuginfo-7.4.33-150200.3.76.1 * php7-gmp-7.4.33-150200.3.76.1 * php7-gmp-debuginfo-7.4.33-150200.3.76.1 * php7-bz2-7.4.33-150200.3.76.1 * php7-curl-7.4.33-150200.3.76.1 * php7-sysvmsg-debuginfo-7.4.33-150200.3.76.1 * php7-enchant-7.4.33-150200.3.76.1 * php7-odbc-7.4.33-150200.3.76.1 * php7-sysvshm-debuginfo-7.4.33-150200.3.76.1 * php7-sodium-debuginfo-7.4.33-150200.3.76.1 * php7-xmlrpc-debuginfo-7.4.33-150200.3.76.1 * php7-xsl-7.4.33-150200.3.76.1 * php7-snmp-7.4.33-150200.3.76.1 * php7-tokenizer-debuginfo-7.4.33-150200.3.76.1 * php7-sysvmsg-7.4.33-150200.3.76.1 * php7-phar-7.4.33-150200.3.76.1 * php7-pdo-7.4.33-150200.3.76.1 * php7-snmp-debuginfo-7.4.33-150200.3.76.1 * php7-iconv-debuginfo-7.4.33-150200.3.76.1 * php7-fastcgi-7.4.33-150200.3.76.1 * php7-ftp-debuginfo-7.4.33-150200.3.76.1 * php7-fpm-7.4.33-150200.3.76.1 * php7-ldap-debuginfo-7.4.33-150200.3.76.1 * php7-openssl-7.4.33-150200.3.76.1 * php7-phar-debuginfo-7.4.33-150200.3.76.1 * php7-ftp-7.4.33-150200.3.76.1 * php7-zlib-7.4.33-150200.3.76.1 * php7-xmlwriter-debuginfo-7.4.33-150200.3.76.1 * php7-bcmath-debuginfo-7.4.33-150200.3.76.1 * php7-pdo-debuginfo-7.4.33-150200.3.76.1 * php7-calendar-debuginfo-7.4.33-150200.3.76.1 * php7-zip-debuginfo-7.4.33-150200.3.76.1 * php7-opcache-7.4.33-150200.3.76.1 * php7-fileinfo-7.4.33-150200.3.76.1 * php7-sqlite-7.4.33-150200.3.76.1 * php7-gettext-debuginfo-7.4.33-150200.3.76.1 * php7-sysvshm-7.4.33-150200.3.76.1 * php7-fileinfo-debuginfo-7.4.33-150200.3.76.1 * php7-sysvsem-debuginfo-7.4.33-150200.3.76.1 * php7-exif-debuginfo-7.4.33-150200.3.76.1 * php7-tidy-debuginfo-7.4.33-150200.3.76.1 * php7-enchant-debuginfo-7.4.33-150200.3.76.1 * php7-fastcgi-debuginfo-7.4.33-150200.3.76.1 * php7-7.4.33-150200.3.76.1 * php7-zip-7.4.33-150200.3.76.1 * php7-openssl-debuginfo-7.4.33-150200.3.76.1 * php7-zlib-debuginfo-7.4.33-150200.3.76.1 * php7-calendar-7.4.33-150200.3.76.1 * php7-pgsql-debuginfo-7.4.33-150200.3.76.1 * php7-sockets-debuginfo-7.4.33-150200.3.76.1 * php7-debuginfo-7.4.33-150200.3.76.1 * php7-dom-7.4.33-150200.3.76.1 * php7-xmlreader-debuginfo-7.4.33-150200.3.76.1 * php7-sodium-7.4.33-150200.3.76.1 * php7-posix-7.4.33-150200.3.76.1 * php7-readline-debuginfo-7.4.33-150200.3.76.1 * php7-devel-7.4.33-150200.3.76.1 * php7-json-7.4.33-150200.3.76.1 * php7-iconv-7.4.33-150200.3.76.1 * php7-dom-debuginfo-7.4.33-150200.3.76.1 * php7-mbstring-7.4.33-150200.3.76.1 * php7-sockets-7.4.33-150200.3.76.1 * php7-sqlite-debuginfo-7.4.33-150200.3.76.1 * php7-xsl-debuginfo-7.4.33-150200.3.76.1 * php7-ctype-7.4.33-150200.3.76.1 * php7-xmlrpc-7.4.33-150200.3.76.1 * php7-mysql-7.4.33-150200.3.76.1 * php7-exif-7.4.33-150200.3.76.1 * php7-intl-7.4.33-150200.3.76.1 * apache2-mod_php7-7.4.33-150200.3.76.1 * php7-shmop-debuginfo-7.4.33-150200.3.76.1 * php7-mysql-debuginfo-7.4.33-150200.3.76.1 * php7-readline-7.4.33-150200.3.76.1 * php7-json-debuginfo-7.4.33-150200.3.76.1 * php7-dba-7.4.33-150200.3.76.1 * php7-odbc-debuginfo-7.4.33-150200.3.76.1 * php7-mbstring-debuginfo-7.4.33-150200.3.76.1 * php7-soap-debuginfo-7.4.33-150200.3.76.1 * php7-shmop-7.4.33-150200.3.76.1 * php7-tidy-7.4.33-150200.3.76.1 * php7-intl-debuginfo-7.4.33-150200.3.76.1 * php7-sysvsem-7.4.33-150200.3.76.1 * php7-pgsql-7.4.33-150200.3.76.1 * php7-gd-debuginfo-7.4.33-150200.3.76.1 * php7-opcache-debuginfo-7.4.33-150200.3.76.1 * php7-xmlwriter-7.4.33-150200.3.76.1 * php7-ctype-debuginfo-7.4.33-150200.3.76.1 * php7-gettext-7.4.33-150200.3.76.1 * php7-fpm-debuginfo-7.4.33-150200.3.76.1 * php7-xmlreader-7.4.33-150200.3.76.1 * php7-gd-7.4.33-150200.3.76.1 * php7-bz2-debuginfo-7.4.33-150200.3.76.1 * php7-tokenizer-7.4.33-150200.3.76.1 * php7-ldap-7.4.33-150200.3.76.1 * php7-pcntl-debuginfo-7.4.33-150200.3.76.1 * php7-debugsource-7.4.33-150200.3.76.1 * php7-pcntl-7.4.33-150200.3.76.1 * php7-dba-debuginfo-7.4.33-150200.3.76.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * php7-bcmath-7.4.33-150200.3.76.1 * php7-soap-7.4.33-150200.3.76.1 * php7-posix-debuginfo-7.4.33-150200.3.76.1 * php7-curl-debuginfo-7.4.33-150200.3.76.1 * apache2-mod_php7-debuginfo-7.4.33-150200.3.76.1 * php7-gmp-7.4.33-150200.3.76.1 * php7-gmp-debuginfo-7.4.33-150200.3.76.1 * php7-bz2-7.4.33-150200.3.76.1 * php7-curl-7.4.33-150200.3.76.1 * php7-sysvmsg-debuginfo-7.4.33-150200.3.76.1 * php7-enchant-7.4.33-150200.3.76.1 * php7-odbc-7.4.33-150200.3.76.1 * php7-sysvshm-debuginfo-7.4.33-150200.3.76.1 * php7-sodium-debuginfo-7.4.33-150200.3.76.1 * php7-xmlrpc-debuginfo-7.4.33-150200.3.76.1 * php7-xsl-7.4.33-150200.3.76.1 * php7-snmp-7.4.33-150200.3.76.1 * php7-tokenizer-debuginfo-7.4.33-150200.3.76.1 * php7-sysvmsg-7.4.33-150200.3.76.1 * php7-phar-7.4.33-150200.3.76.1 * php7-pdo-7.4.33-150200.3.76.1 * php7-snmp-debuginfo-7.4.33-150200.3.76.1 * php7-iconv-debuginfo-7.4.33-150200.3.76.1 * php7-fastcgi-7.4.33-150200.3.76.1 * php7-ftp-debuginfo-7.4.33-150200.3.76.1 * php7-fpm-7.4.33-150200.3.76.1 * php7-ldap-debuginfo-7.4.33-150200.3.76.1 * php7-openssl-7.4.33-150200.3.76.1 * php7-phar-debuginfo-7.4.33-150200.3.76.1 * php7-ftp-7.4.33-150200.3.76.1 * php7-zlib-7.4.33-150200.3.76.1 * php7-xmlwriter-debuginfo-7.4.33-150200.3.76.1 * php7-bcmath-debuginfo-7.4.33-150200.3.76.1 * php7-pdo-debuginfo-7.4.33-150200.3.76.1 * php7-calendar-debuginfo-7.4.33-150200.3.76.1 * php7-zip-debuginfo-7.4.33-150200.3.76.1 * php7-opcache-7.4.33-150200.3.76.1 * php7-fileinfo-7.4.33-150200.3.76.1 * php7-sqlite-7.4.33-150200.3.76.1 * php7-gettext-debuginfo-7.4.33-150200.3.76.1 * php7-sysvshm-7.4.33-150200.3.76.1 * php7-fileinfo-debuginfo-7.4.33-150200.3.76.1 * php7-sysvsem-debuginfo-7.4.33-150200.3.76.1 * php7-exif-debuginfo-7.4.33-150200.3.76.1 * php7-tidy-debuginfo-7.4.33-150200.3.76.1 * php7-enchant-debuginfo-7.4.33-150200.3.76.1 * php7-fastcgi-debuginfo-7.4.33-150200.3.76.1 * php7-7.4.33-150200.3.76.1 * php7-zip-7.4.33-150200.3.76.1 * php7-openssl-debuginfo-7.4.33-150200.3.76.1 * php7-zlib-debuginfo-7.4.33-150200.3.76.1 * php7-calendar-7.4.33-150200.3.76.1 * php7-pgsql-debuginfo-7.4.33-150200.3.76.1 * php7-sockets-debuginfo-7.4.33-150200.3.76.1 * php7-debuginfo-7.4.33-150200.3.76.1 * php7-dom-7.4.33-150200.3.76.1 * php7-xmlreader-debuginfo-7.4.33-150200.3.76.1 * php7-sodium-7.4.33-150200.3.76.1 * php7-posix-7.4.33-150200.3.76.1 * php7-readline-debuginfo-7.4.33-150200.3.76.1 * php7-devel-7.4.33-150200.3.76.1 * php7-json-7.4.33-150200.3.76.1 * php7-iconv-7.4.33-150200.3.76.1 * php7-dom-debuginfo-7.4.33-150200.3.76.1 * php7-mbstring-7.4.33-150200.3.76.1 * php7-sockets-7.4.33-150200.3.76.1 * php7-sqlite-debuginfo-7.4.33-150200.3.76.1 * php7-xsl-debuginfo-7.4.33-150200.3.76.1 * php7-ctype-7.4.33-150200.3.76.1 * php7-xmlrpc-7.4.33-150200.3.76.1 * php7-mysql-7.4.33-150200.3.76.1 * php7-exif-7.4.33-150200.3.76.1 * php7-intl-7.4.33-150200.3.76.1 * apache2-mod_php7-7.4.33-150200.3.76.1 * php7-shmop-debuginfo-7.4.33-150200.3.76.1 * php7-mysql-debuginfo-7.4.33-150200.3.76.1 * php7-readline-7.4.33-150200.3.76.1 * php7-json-debuginfo-7.4.33-150200.3.76.1 * php7-dba-7.4.33-150200.3.76.1 * php7-odbc-debuginfo-7.4.33-150200.3.76.1 * php7-mbstring-debuginfo-7.4.33-150200.3.76.1 * php7-soap-debuginfo-7.4.33-150200.3.76.1 * php7-shmop-7.4.33-150200.3.76.1 * php7-tidy-7.4.33-150200.3.76.1 * php7-intl-debuginfo-7.4.33-150200.3.76.1 * php7-sysvsem-7.4.33-150200.3.76.1 * php7-pgsql-7.4.33-150200.3.76.1 * php7-gd-debuginfo-7.4.33-150200.3.76.1 * php7-opcache-debuginfo-7.4.33-150200.3.76.1 * php7-xmlwriter-7.4.33-150200.3.76.1 * php7-ctype-debuginfo-7.4.33-150200.3.76.1 * php7-gettext-7.4.33-150200.3.76.1 * php7-fpm-debuginfo-7.4.33-150200.3.76.1 * php7-xmlreader-7.4.33-150200.3.76.1 * php7-gd-7.4.33-150200.3.76.1 * php7-bz2-debuginfo-7.4.33-150200.3.76.1 * php7-tokenizer-7.4.33-150200.3.76.1 * php7-ldap-7.4.33-150200.3.76.1 * php7-pcntl-debuginfo-7.4.33-150200.3.76.1 * php7-debugsource-7.4.33-150200.3.76.1 * php7-pcntl-7.4.33-150200.3.76.1 * php7-dba-debuginfo-7.4.33-150200.3.76.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * php7-bcmath-7.4.33-150200.3.76.1 * php7-soap-7.4.33-150200.3.76.1 * php7-posix-debuginfo-7.4.33-150200.3.76.1 * php7-curl-debuginfo-7.4.33-150200.3.76.1 * apache2-mod_php7-debuginfo-7.4.33-150200.3.76.1 * php7-gmp-7.4.33-150200.3.76.1 * php7-gmp-debuginfo-7.4.33-150200.3.76.1 * php7-bz2-7.4.33-150200.3.76.1 * php7-curl-7.4.33-150200.3.76.1 * php7-sysvmsg-debuginfo-7.4.33-150200.3.76.1 * php7-enchant-7.4.33-150200.3.76.1 * php7-odbc-7.4.33-150200.3.76.1 * php7-sysvshm-debuginfo-7.4.33-150200.3.76.1 * php7-sodium-debuginfo-7.4.33-150200.3.76.1 * php7-xmlrpc-debuginfo-7.4.33-150200.3.76.1 * php7-xsl-7.4.33-150200.3.76.1 * php7-snmp-7.4.33-150200.3.76.1 * php7-tokenizer-debuginfo-7.4.33-150200.3.76.1 * php7-sysvmsg-7.4.33-150200.3.76.1 * php7-phar-7.4.33-150200.3.76.1 * php7-pdo-7.4.33-150200.3.76.1 * php7-snmp-debuginfo-7.4.33-150200.3.76.1 * php7-iconv-debuginfo-7.4.33-150200.3.76.1 * php7-fastcgi-7.4.33-150200.3.76.1 * php7-ftp-debuginfo-7.4.33-150200.3.76.1 * php7-fpm-7.4.33-150200.3.76.1 * php7-ldap-debuginfo-7.4.33-150200.3.76.1 * php7-openssl-7.4.33-150200.3.76.1 * php7-phar-debuginfo-7.4.33-150200.3.76.1 * php7-ftp-7.4.33-150200.3.76.1 * php7-zlib-7.4.33-150200.3.76.1 * php7-xmlwriter-debuginfo-7.4.33-150200.3.76.1 * php7-bcmath-debuginfo-7.4.33-150200.3.76.1 * php7-pdo-debuginfo-7.4.33-150200.3.76.1 * php7-calendar-debuginfo-7.4.33-150200.3.76.1 * php7-zip-debuginfo-7.4.33-150200.3.76.1 * php7-opcache-7.4.33-150200.3.76.1 * php7-fileinfo-7.4.33-150200.3.76.1 * php7-sqlite-7.4.33-150200.3.76.1 * php7-gettext-debuginfo-7.4.33-150200.3.76.1 * php7-sysvshm-7.4.33-150200.3.76.1 * php7-fileinfo-debuginfo-7.4.33-150200.3.76.1 * php7-sysvsem-debuginfo-7.4.33-150200.3.76.1 * php7-exif-debuginfo-7.4.33-150200.3.76.1 * php7-tidy-debuginfo-7.4.33-150200.3.76.1 * php7-enchant-debuginfo-7.4.33-150200.3.76.1 * php7-fastcgi-debuginfo-7.4.33-150200.3.76.1 * php7-7.4.33-150200.3.76.1 * php7-zip-7.4.33-150200.3.76.1 * php7-openssl-debuginfo-7.4.33-150200.3.76.1 * php7-zlib-debuginfo-7.4.33-150200.3.76.1 * php7-calendar-7.4.33-150200.3.76.1 * php7-pgsql-debuginfo-7.4.33-150200.3.76.1 * php7-sockets-debuginfo-7.4.33-150200.3.76.1 * php7-debuginfo-7.4.33-150200.3.76.1 * php7-dom-7.4.33-150200.3.76.1 * php7-xmlreader-debuginfo-7.4.33-150200.3.76.1 * php7-sodium-7.4.33-150200.3.76.1 * php7-posix-7.4.33-150200.3.76.1 * php7-readline-debuginfo-7.4.33-150200.3.76.1 * php7-devel-7.4.33-150200.3.76.1 * php7-json-7.4.33-150200.3.76.1 * php7-iconv-7.4.33-150200.3.76.1 * php7-dom-debuginfo-7.4.33-150200.3.76.1 * php7-mbstring-7.4.33-150200.3.76.1 * php7-sockets-7.4.33-150200.3.76.1 * php7-sqlite-debuginfo-7.4.33-150200.3.76.1 * php7-xsl-debuginfo-7.4.33-150200.3.76.1 * php7-ctype-7.4.33-150200.3.76.1 * php7-xmlrpc-7.4.33-150200.3.76.1 * php7-mysql-7.4.33-150200.3.76.1 * php7-exif-7.4.33-150200.3.76.1 * php7-intl-7.4.33-150200.3.76.1 * apache2-mod_php7-7.4.33-150200.3.76.1 * php7-shmop-debuginfo-7.4.33-150200.3.76.1 * php7-mysql-debuginfo-7.4.33-150200.3.76.1 * php7-readline-7.4.33-150200.3.76.1 * php7-json-debuginfo-7.4.33-150200.3.76.1 * php7-dba-7.4.33-150200.3.76.1 * php7-odbc-debuginfo-7.4.33-150200.3.76.1 * php7-mbstring-debuginfo-7.4.33-150200.3.76.1 * php7-soap-debuginfo-7.4.33-150200.3.76.1 * php7-shmop-7.4.33-150200.3.76.1 * php7-tidy-7.4.33-150200.3.76.1 * php7-intl-debuginfo-7.4.33-150200.3.76.1 * php7-sysvsem-7.4.33-150200.3.76.1 * php7-pgsql-7.4.33-150200.3.76.1 * php7-gd-debuginfo-7.4.33-150200.3.76.1 * php7-opcache-debuginfo-7.4.33-150200.3.76.1 * php7-xmlwriter-7.4.33-150200.3.76.1 * php7-ctype-debuginfo-7.4.33-150200.3.76.1 * php7-gettext-7.4.33-150200.3.76.1 * php7-fpm-debuginfo-7.4.33-150200.3.76.1 * php7-xmlreader-7.4.33-150200.3.76.1 * php7-gd-7.4.33-150200.3.76.1 * php7-bz2-debuginfo-7.4.33-150200.3.76.1 * php7-tokenizer-7.4.33-150200.3.76.1 * php7-ldap-7.4.33-150200.3.76.1 * php7-pcntl-debuginfo-7.4.33-150200.3.76.1 * php7-debugsource-7.4.33-150200.3.76.1 * php7-pcntl-7.4.33-150200.3.76.1 * php7-dba-debuginfo-7.4.33-150200.3.76.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11235.html * https://www.suse.com/security/cve/CVE-2025-1217.html * https://www.suse.com/security/cve/CVE-2025-1219.html * https://www.suse.com/security/cve/CVE-2025-1734.html * https://www.suse.com/security/cve/CVE-2025-1736.html * https://www.suse.com/security/cve/CVE-2025-1861.html * https://bugzilla.suse.com/show_bug.cgi?id=1239664 * https://bugzilla.suse.com/show_bug.cgi?id=1239666 * https://bugzilla.suse.com/show_bug.cgi?id=1239667 * https://bugzilla.suse.com/show_bug.cgi?id=1239668 * https://bugzilla.suse.com/show_bug.cgi?id=1239669 * https://bugzilla.suse.com/show_bug.cgi?id=1239670 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 26 12:30:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 26 Mar 2025 12:30:17 -0000 Subject: SUSE-SU-2025:1025-1: important: Security update for php7 Message-ID: <174299221778.8820.11933543410462127862@smelt2.prg2.suse.org> # Security update for php7 Announcement ID: SUSE-SU-2025:1025-1 Release Date: 2025-03-26T11:30:25Z Rating: important References: * bsc#1239664 * bsc#1239666 * bsc#1239667 * bsc#1239668 * bsc#1239669 * bsc#1239670 Cross-References: * CVE-2024-11235 * CVE-2025-1217 * CVE-2025-1219 * CVE-2025-1734 * CVE-2025-1736 * CVE-2025-1861 CVSS scores: * CVE-2024-11235 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2025-1217 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-1219 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-1734 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-1736 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-1861 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * Legacy Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves six vulnerabilities can now be installed. ## Description: This update for php7 fixes the following issues: * CVE-2024-11235: Fixed reference counting in php_request_shutdown causing Use-After-Free (bsc#1239666) * CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers (bsc#1239664) * CVE-2025-1219: Fixed libxml streams using wrong content-type header when requesting a redirected resource (bsc#1239667) * CVE-2025-1734: Fixed streams HTTP wrapper not failing for headers with invalid name and no colon (bsc#1239668) * CVE-2025-1736: Fixed stream HTTP wrapper header check might omitting basic auth header (bsc#1239670) * CVE-2025-1861: Fixed stream HTTP wrapper truncate redirect location to 1024 bytes (bsc#1239669) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1025=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1025=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-1025=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1025=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1025=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1025=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1025=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1025=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1025=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1025=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * php7-snmp-7.4.33-150400.4.48.1 * php7-zlib-7.4.33-150400.4.48.1 * php7-iconv-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-7.4.33-150400.4.48.1 * php7-opcache-7.4.33-150400.4.48.1 * php7-iconv-7.4.33-150400.4.48.1 * php7-odbc-7.4.33-150400.4.48.1 * php7-mbstring-7.4.33-150400.4.48.1 * php7-sysvmsg-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-7.4.33-150400.4.48.1 * php7-readline-debuginfo-7.4.33-150400.4.48.1 * php7-dom-7.4.33-150400.4.48.1 * php7-fpm-7.4.33-150400.4.48.1 * php7-pcntl-debuginfo-7.4.33-150400.4.48.1 * php7-mbstring-debuginfo-7.4.33-150400.4.48.1 * php7-shmop-7.4.33-150400.4.48.1 * php7-tidy-7.4.33-150400.4.48.1 * php7-embed-debuginfo-7.4.33-150400.4.48.1 * php7-pcntl-7.4.33-150400.4.48.1 * php7-bcmath-debuginfo-7.4.33-150400.4.48.1 * php7-calendar-7.4.33-150400.4.48.1 * php7-phar-7.4.33-150400.4.48.1 * php7-posix-debuginfo-7.4.33-150400.4.48.1 * php7-fastcgi-debugsource-7.4.33-150400.4.48.1 * php7-gmp-7.4.33-150400.4.48.1 * php7-odbc-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debugsource-7.4.33-150400.4.48.1 * php7-fastcgi-debuginfo-7.4.33-150400.4.48.1 * php7-dba-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-7.4.33-150400.4.48.1 * php7-ctype-debuginfo-7.4.33-150400.4.48.1 * php7-sysvsem-7.4.33-150400.4.48.1 * php7-embed-debugsource-7.4.33-150400.4.48.1 * php7-dba-7.4.33-150400.4.48.1 * php7-calendar-debuginfo-7.4.33-150400.4.48.1 * php7-json-7.4.33-150400.4.48.1 * php7-sysvmsg-7.4.33-150400.4.48.1 * php7-bcmath-7.4.33-150400.4.48.1 * php7-dom-debuginfo-7.4.33-150400.4.48.1 * php7-fastcgi-7.4.33-150400.4.48.1 * php7-mysql-debuginfo-7.4.33-150400.4.48.1 * php7-enchant-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-debuginfo-7.4.33-150400.4.48.1 * php7-tokenizer-debuginfo-7.4.33-150400.4.48.1 * php7-posix-7.4.33-150400.4.48.1 * php7-sqlite-debuginfo-7.4.33-150400.4.48.1 * php7-xmlreader-7.4.33-150400.4.48.1 * php7-enchant-7.4.33-150400.4.48.1 * php7-sockets-7.4.33-150400.4.48.1 * php7-sockets-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-debuginfo-7.4.33-150400.4.48.1 * php7-debugsource-7.4.33-150400.4.48.1 * php7-zip-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-7.4.33-150400.4.48.1 * php7-pgsql-7.4.33-150400.4.48.1 * php7-sodium-7.4.33-150400.4.48.1 * php7-bz2-7.4.33-150400.4.48.1 * apache2-mod_php7-debugsource-7.4.33-150400.4.48.1 * php7-sysvsem-debuginfo-7.4.33-150400.4.48.1 * apache2-mod_php7-7.4.33-150400.4.48.1 * php7-curl-debuginfo-7.4.33-150400.4.48.1 * php7-json-debuginfo-7.4.33-150400.4.48.1 * php7-ctype-7.4.33-150400.4.48.1 * php7-intl-7.4.33-150400.4.48.1 * php7-xsl-7.4.33-150400.4.48.1 * php7-pgsql-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-7.4.33-150400.4.48.1 * php7-opcache-debuginfo-7.4.33-150400.4.48.1 * php7-7.4.33-150400.4.48.1 * php7-curl-7.4.33-150400.4.48.1 * php7-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-debuginfo-7.4.33-150400.4.48.1 * php7-intl-debuginfo-7.4.33-150400.4.48.1 * php7-snmp-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-7.4.33-150400.4.48.1 * apache2-mod_php7-debuginfo-7.4.33-150400.4.48.1 * php7-test-7.4.33-150400.4.48.1 * php7-soap-debuginfo-7.4.33-150400.4.48.1 * php7-devel-7.4.33-150400.4.48.1 * php7-exif-debuginfo-7.4.33-150400.4.48.1 * php7-sqlite-7.4.33-150400.4.48.1 * php7-phar-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-debuginfo-7.4.33-150400.4.48.1 * php7-embed-7.4.33-150400.4.48.1 * php7-readline-7.4.33-150400.4.48.1 * php7-cli-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-debuginfo-7.4.33-150400.4.48.1 * php7-gd-7.4.33-150400.4.48.1 * php7-xsl-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-debuginfo-7.4.33-150400.4.48.1 * php7-mysql-7.4.33-150400.4.48.1 * php7-tokenizer-7.4.33-150400.4.48.1 * php7-exif-7.4.33-150400.4.48.1 * php7-xmlreader-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-7.4.33-150400.4.48.1 * php7-cli-7.4.33-150400.4.48.1 * php7-zip-7.4.33-150400.4.48.1 * php7-bz2-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-7.4.33-150400.4.48.1 * php7-gd-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-7.4.33-150400.4.48.1 * php7-shmop-debuginfo-7.4.33-150400.4.48.1 * php7-sodium-debuginfo-7.4.33-150400.4.48.1 * php7-tidy-debuginfo-7.4.33-150400.4.48.1 * php7-soap-7.4.33-150400.4.48.1 * php7-zlib-debuginfo-7.4.33-150400.4.48.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * php7-snmp-7.4.33-150400.4.48.1 * php7-zlib-7.4.33-150400.4.48.1 * php7-iconv-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-7.4.33-150400.4.48.1 * php7-opcache-7.4.33-150400.4.48.1 * php7-iconv-7.4.33-150400.4.48.1 * php7-odbc-7.4.33-150400.4.48.1 * php7-mbstring-7.4.33-150400.4.48.1 * php7-sysvmsg-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-7.4.33-150400.4.48.1 * php7-readline-debuginfo-7.4.33-150400.4.48.1 * php7-dom-7.4.33-150400.4.48.1 * php7-fpm-7.4.33-150400.4.48.1 * php7-pcntl-debuginfo-7.4.33-150400.4.48.1 * php7-mbstring-debuginfo-7.4.33-150400.4.48.1 * php7-embed-debuginfo-7.4.33-150400.4.48.1 * php7-shmop-7.4.33-150400.4.48.1 * php7-tidy-7.4.33-150400.4.48.1 * php7-pcntl-7.4.33-150400.4.48.1 * php7-bcmath-debuginfo-7.4.33-150400.4.48.1 * php7-calendar-7.4.33-150400.4.48.1 * php7-phar-7.4.33-150400.4.48.1 * php7-fastcgi-debugsource-7.4.33-150400.4.48.1 * php7-posix-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-7.4.33-150400.4.48.1 * php7-odbc-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debugsource-7.4.33-150400.4.48.1 * php7-fastcgi-debuginfo-7.4.33-150400.4.48.1 * php7-dba-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-7.4.33-150400.4.48.1 * php7-ctype-debuginfo-7.4.33-150400.4.48.1 * php7-sysvsem-7.4.33-150400.4.48.1 * php7-embed-debugsource-7.4.33-150400.4.48.1 * php7-dba-7.4.33-150400.4.48.1 * php7-calendar-debuginfo-7.4.33-150400.4.48.1 * php7-json-7.4.33-150400.4.48.1 * php7-sysvmsg-7.4.33-150400.4.48.1 * php7-bcmath-7.4.33-150400.4.48.1 * php7-dom-debuginfo-7.4.33-150400.4.48.1 * php7-fastcgi-7.4.33-150400.4.48.1 * php7-mysql-debuginfo-7.4.33-150400.4.48.1 * php7-enchant-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-debuginfo-7.4.33-150400.4.48.1 * php7-tokenizer-debuginfo-7.4.33-150400.4.48.1 * php7-posix-7.4.33-150400.4.48.1 * php7-sqlite-debuginfo-7.4.33-150400.4.48.1 * php7-xmlreader-7.4.33-150400.4.48.1 * php7-enchant-7.4.33-150400.4.48.1 * php7-sockets-7.4.33-150400.4.48.1 * php7-sockets-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-debuginfo-7.4.33-150400.4.48.1 * php7-debugsource-7.4.33-150400.4.48.1 * php7-zip-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-7.4.33-150400.4.48.1 * php7-pgsql-7.4.33-150400.4.48.1 * php7-sodium-7.4.33-150400.4.48.1 * php7-bz2-7.4.33-150400.4.48.1 * apache2-mod_php7-debugsource-7.4.33-150400.4.48.1 * php7-sysvsem-debuginfo-7.4.33-150400.4.48.1 * apache2-mod_php7-7.4.33-150400.4.48.1 * php7-curl-debuginfo-7.4.33-150400.4.48.1 * php7-json-debuginfo-7.4.33-150400.4.48.1 * php7-ctype-7.4.33-150400.4.48.1 * php7-intl-7.4.33-150400.4.48.1 * php7-xsl-7.4.33-150400.4.48.1 * php7-pgsql-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-7.4.33-150400.4.48.1 * php7-opcache-debuginfo-7.4.33-150400.4.48.1 * php7-7.4.33-150400.4.48.1 * php7-curl-7.4.33-150400.4.48.1 * php7-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-debuginfo-7.4.33-150400.4.48.1 * php7-intl-debuginfo-7.4.33-150400.4.48.1 * php7-snmp-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-7.4.33-150400.4.48.1 * apache2-mod_php7-debuginfo-7.4.33-150400.4.48.1 * php7-test-7.4.33-150400.4.48.1 * php7-soap-debuginfo-7.4.33-150400.4.48.1 * php7-devel-7.4.33-150400.4.48.1 * php7-exif-debuginfo-7.4.33-150400.4.48.1 * php7-sqlite-7.4.33-150400.4.48.1 * php7-phar-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-debuginfo-7.4.33-150400.4.48.1 * php7-embed-7.4.33-150400.4.48.1 * php7-readline-7.4.33-150400.4.48.1 * php7-cli-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-debuginfo-7.4.33-150400.4.48.1 * php7-gd-7.4.33-150400.4.48.1 * php7-xsl-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-debuginfo-7.4.33-150400.4.48.1 * php7-mysql-7.4.33-150400.4.48.1 * php7-tokenizer-7.4.33-150400.4.48.1 * php7-exif-7.4.33-150400.4.48.1 * php7-xmlreader-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-7.4.33-150400.4.48.1 * php7-cli-7.4.33-150400.4.48.1 * php7-zip-7.4.33-150400.4.48.1 * php7-bz2-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-7.4.33-150400.4.48.1 * php7-gd-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-7.4.33-150400.4.48.1 * php7-shmop-debuginfo-7.4.33-150400.4.48.1 * php7-sodium-debuginfo-7.4.33-150400.4.48.1 * php7-tidy-debuginfo-7.4.33-150400.4.48.1 * php7-soap-7.4.33-150400.4.48.1 * php7-zlib-debuginfo-7.4.33-150400.4.48.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * php7-snmp-7.4.33-150400.4.48.1 * php7-zlib-7.4.33-150400.4.48.1 * php7-iconv-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-7.4.33-150400.4.48.1 * php7-opcache-7.4.33-150400.4.48.1 * php7-iconv-7.4.33-150400.4.48.1 * php7-odbc-7.4.33-150400.4.48.1 * php7-mbstring-7.4.33-150400.4.48.1 * php7-sysvmsg-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-7.4.33-150400.4.48.1 * php7-readline-debuginfo-7.4.33-150400.4.48.1 * php7-dom-7.4.33-150400.4.48.1 * php7-fpm-7.4.33-150400.4.48.1 * php7-pcntl-debuginfo-7.4.33-150400.4.48.1 * php7-mbstring-debuginfo-7.4.33-150400.4.48.1 * php7-shmop-7.4.33-150400.4.48.1 * php7-tidy-7.4.33-150400.4.48.1 * php7-pcntl-7.4.33-150400.4.48.1 * php7-bcmath-debuginfo-7.4.33-150400.4.48.1 * php7-calendar-7.4.33-150400.4.48.1 * php7-phar-7.4.33-150400.4.48.1 * php7-fastcgi-debugsource-7.4.33-150400.4.48.1 * php7-posix-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-7.4.33-150400.4.48.1 * php7-odbc-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debugsource-7.4.33-150400.4.48.1 * php7-fastcgi-debuginfo-7.4.33-150400.4.48.1 * php7-dba-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-7.4.33-150400.4.48.1 * php7-ctype-debuginfo-7.4.33-150400.4.48.1 * php7-sysvsem-7.4.33-150400.4.48.1 * php7-dba-7.4.33-150400.4.48.1 * php7-calendar-debuginfo-7.4.33-150400.4.48.1 * php7-json-7.4.33-150400.4.48.1 * php7-sysvmsg-7.4.33-150400.4.48.1 * php7-bcmath-7.4.33-150400.4.48.1 * php7-dom-debuginfo-7.4.33-150400.4.48.1 * php7-fastcgi-7.4.33-150400.4.48.1 * php7-mysql-debuginfo-7.4.33-150400.4.48.1 * php7-enchant-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-debuginfo-7.4.33-150400.4.48.1 * php7-tokenizer-debuginfo-7.4.33-150400.4.48.1 * php7-posix-7.4.33-150400.4.48.1 * php7-sqlite-debuginfo-7.4.33-150400.4.48.1 * php7-xmlreader-7.4.33-150400.4.48.1 * php7-enchant-7.4.33-150400.4.48.1 * php7-sockets-7.4.33-150400.4.48.1 * php7-sockets-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-debuginfo-7.4.33-150400.4.48.1 * php7-debugsource-7.4.33-150400.4.48.1 * php7-zip-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-7.4.33-150400.4.48.1 * php7-pgsql-7.4.33-150400.4.48.1 * php7-sodium-7.4.33-150400.4.48.1 * php7-bz2-7.4.33-150400.4.48.1 * apache2-mod_php7-debugsource-7.4.33-150400.4.48.1 * php7-sysvsem-debuginfo-7.4.33-150400.4.48.1 * apache2-mod_php7-7.4.33-150400.4.48.1 * php7-curl-debuginfo-7.4.33-150400.4.48.1 * php7-json-debuginfo-7.4.33-150400.4.48.1 * php7-ctype-7.4.33-150400.4.48.1 * php7-intl-7.4.33-150400.4.48.1 * php7-xsl-7.4.33-150400.4.48.1 * php7-pgsql-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-7.4.33-150400.4.48.1 * php7-opcache-debuginfo-7.4.33-150400.4.48.1 * php7-7.4.33-150400.4.48.1 * php7-curl-7.4.33-150400.4.48.1 * php7-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-debuginfo-7.4.33-150400.4.48.1 * php7-intl-debuginfo-7.4.33-150400.4.48.1 * php7-snmp-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-7.4.33-150400.4.48.1 * apache2-mod_php7-debuginfo-7.4.33-150400.4.48.1 * php7-soap-debuginfo-7.4.33-150400.4.48.1 * php7-devel-7.4.33-150400.4.48.1 * php7-exif-debuginfo-7.4.33-150400.4.48.1 * php7-sqlite-7.4.33-150400.4.48.1 * php7-phar-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-debuginfo-7.4.33-150400.4.48.1 * php7-readline-7.4.33-150400.4.48.1 * php7-cli-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-debuginfo-7.4.33-150400.4.48.1 * php7-gd-7.4.33-150400.4.48.1 * php7-xsl-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-debuginfo-7.4.33-150400.4.48.1 * php7-mysql-7.4.33-150400.4.48.1 * php7-tokenizer-7.4.33-150400.4.48.1 * php7-exif-7.4.33-150400.4.48.1 * php7-xmlreader-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-7.4.33-150400.4.48.1 * php7-cli-7.4.33-150400.4.48.1 * php7-zip-7.4.33-150400.4.48.1 * php7-bz2-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-7.4.33-150400.4.48.1 * php7-gd-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-7.4.33-150400.4.48.1 * php7-shmop-debuginfo-7.4.33-150400.4.48.1 * php7-sodium-debuginfo-7.4.33-150400.4.48.1 * php7-tidy-debuginfo-7.4.33-150400.4.48.1 * php7-soap-7.4.33-150400.4.48.1 * php7-zlib-debuginfo-7.4.33-150400.4.48.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * php7-embed-debuginfo-7.4.33-150400.4.48.1 * php7-embed-7.4.33-150400.4.48.1 * php7-embed-debugsource-7.4.33-150400.4.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * php7-snmp-7.4.33-150400.4.48.1 * php7-zlib-7.4.33-150400.4.48.1 * php7-iconv-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-7.4.33-150400.4.48.1 * php7-opcache-7.4.33-150400.4.48.1 * php7-iconv-7.4.33-150400.4.48.1 * php7-odbc-7.4.33-150400.4.48.1 * php7-mbstring-7.4.33-150400.4.48.1 * php7-sysvmsg-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-7.4.33-150400.4.48.1 * php7-readline-debuginfo-7.4.33-150400.4.48.1 * php7-dom-7.4.33-150400.4.48.1 * php7-fpm-7.4.33-150400.4.48.1 * php7-pcntl-debuginfo-7.4.33-150400.4.48.1 * php7-mbstring-debuginfo-7.4.33-150400.4.48.1 * php7-shmop-7.4.33-150400.4.48.1 * php7-tidy-7.4.33-150400.4.48.1 * php7-pcntl-7.4.33-150400.4.48.1 * php7-bcmath-debuginfo-7.4.33-150400.4.48.1 * php7-calendar-7.4.33-150400.4.48.1 * php7-phar-7.4.33-150400.4.48.1 * php7-fastcgi-debugsource-7.4.33-150400.4.48.1 * php7-posix-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-7.4.33-150400.4.48.1 * php7-odbc-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debugsource-7.4.33-150400.4.48.1 * php7-fastcgi-debuginfo-7.4.33-150400.4.48.1 * php7-dba-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-7.4.33-150400.4.48.1 * php7-ctype-debuginfo-7.4.33-150400.4.48.1 * php7-sysvsem-7.4.33-150400.4.48.1 * php7-dba-7.4.33-150400.4.48.1 * php7-calendar-debuginfo-7.4.33-150400.4.48.1 * php7-json-7.4.33-150400.4.48.1 * php7-sysvmsg-7.4.33-150400.4.48.1 * php7-bcmath-7.4.33-150400.4.48.1 * php7-dom-debuginfo-7.4.33-150400.4.48.1 * php7-fastcgi-7.4.33-150400.4.48.1 * php7-mysql-debuginfo-7.4.33-150400.4.48.1 * php7-enchant-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-debuginfo-7.4.33-150400.4.48.1 * php7-tokenizer-debuginfo-7.4.33-150400.4.48.1 * php7-posix-7.4.33-150400.4.48.1 * php7-sqlite-debuginfo-7.4.33-150400.4.48.1 * php7-xmlreader-7.4.33-150400.4.48.1 * php7-enchant-7.4.33-150400.4.48.1 * php7-sockets-7.4.33-150400.4.48.1 * php7-sockets-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-debuginfo-7.4.33-150400.4.48.1 * php7-debugsource-7.4.33-150400.4.48.1 * php7-zip-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-7.4.33-150400.4.48.1 * php7-pgsql-7.4.33-150400.4.48.1 * php7-sodium-7.4.33-150400.4.48.1 * php7-bz2-7.4.33-150400.4.48.1 * apache2-mod_php7-debugsource-7.4.33-150400.4.48.1 * php7-sysvsem-debuginfo-7.4.33-150400.4.48.1 * apache2-mod_php7-7.4.33-150400.4.48.1 * php7-curl-debuginfo-7.4.33-150400.4.48.1 * php7-json-debuginfo-7.4.33-150400.4.48.1 * php7-ctype-7.4.33-150400.4.48.1 * php7-intl-7.4.33-150400.4.48.1 * php7-xsl-7.4.33-150400.4.48.1 * php7-pgsql-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-7.4.33-150400.4.48.1 * php7-opcache-debuginfo-7.4.33-150400.4.48.1 * php7-7.4.33-150400.4.48.1 * php7-curl-7.4.33-150400.4.48.1 * php7-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-debuginfo-7.4.33-150400.4.48.1 * php7-intl-debuginfo-7.4.33-150400.4.48.1 * php7-snmp-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-7.4.33-150400.4.48.1 * apache2-mod_php7-debuginfo-7.4.33-150400.4.48.1 * php7-soap-debuginfo-7.4.33-150400.4.48.1 * php7-devel-7.4.33-150400.4.48.1 * php7-exif-debuginfo-7.4.33-150400.4.48.1 * php7-sqlite-7.4.33-150400.4.48.1 * php7-phar-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-debuginfo-7.4.33-150400.4.48.1 * php7-readline-7.4.33-150400.4.48.1 * php7-cli-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-debuginfo-7.4.33-150400.4.48.1 * php7-gd-7.4.33-150400.4.48.1 * php7-xsl-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-debuginfo-7.4.33-150400.4.48.1 * php7-mysql-7.4.33-150400.4.48.1 * php7-tokenizer-7.4.33-150400.4.48.1 * php7-exif-7.4.33-150400.4.48.1 * php7-xmlreader-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-7.4.33-150400.4.48.1 * php7-cli-7.4.33-150400.4.48.1 * php7-zip-7.4.33-150400.4.48.1 * php7-bz2-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-7.4.33-150400.4.48.1 * php7-gd-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-7.4.33-150400.4.48.1 * php7-shmop-debuginfo-7.4.33-150400.4.48.1 * php7-sodium-debuginfo-7.4.33-150400.4.48.1 * php7-tidy-debuginfo-7.4.33-150400.4.48.1 * php7-soap-7.4.33-150400.4.48.1 * php7-zlib-debuginfo-7.4.33-150400.4.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * php7-snmp-7.4.33-150400.4.48.1 * php7-zlib-7.4.33-150400.4.48.1 * php7-iconv-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-7.4.33-150400.4.48.1 * php7-opcache-7.4.33-150400.4.48.1 * php7-iconv-7.4.33-150400.4.48.1 * php7-odbc-7.4.33-150400.4.48.1 * php7-mbstring-7.4.33-150400.4.48.1 * php7-sysvmsg-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-7.4.33-150400.4.48.1 * php7-readline-debuginfo-7.4.33-150400.4.48.1 * php7-dom-7.4.33-150400.4.48.1 * php7-fpm-7.4.33-150400.4.48.1 * php7-pcntl-debuginfo-7.4.33-150400.4.48.1 * php7-mbstring-debuginfo-7.4.33-150400.4.48.1 * php7-shmop-7.4.33-150400.4.48.1 * php7-tidy-7.4.33-150400.4.48.1 * php7-pcntl-7.4.33-150400.4.48.1 * php7-bcmath-debuginfo-7.4.33-150400.4.48.1 * php7-calendar-7.4.33-150400.4.48.1 * php7-phar-7.4.33-150400.4.48.1 * php7-fastcgi-debugsource-7.4.33-150400.4.48.1 * php7-posix-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-7.4.33-150400.4.48.1 * php7-odbc-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debugsource-7.4.33-150400.4.48.1 * php7-fastcgi-debuginfo-7.4.33-150400.4.48.1 * php7-dba-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-7.4.33-150400.4.48.1 * php7-ctype-debuginfo-7.4.33-150400.4.48.1 * php7-sysvsem-7.4.33-150400.4.48.1 * php7-dba-7.4.33-150400.4.48.1 * php7-calendar-debuginfo-7.4.33-150400.4.48.1 * php7-json-7.4.33-150400.4.48.1 * php7-sysvmsg-7.4.33-150400.4.48.1 * php7-bcmath-7.4.33-150400.4.48.1 * php7-dom-debuginfo-7.4.33-150400.4.48.1 * php7-fastcgi-7.4.33-150400.4.48.1 * php7-mysql-debuginfo-7.4.33-150400.4.48.1 * php7-enchant-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-debuginfo-7.4.33-150400.4.48.1 * php7-tokenizer-debuginfo-7.4.33-150400.4.48.1 * php7-posix-7.4.33-150400.4.48.1 * php7-sqlite-debuginfo-7.4.33-150400.4.48.1 * php7-xmlreader-7.4.33-150400.4.48.1 * php7-enchant-7.4.33-150400.4.48.1 * php7-sockets-7.4.33-150400.4.48.1 * php7-sockets-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-debuginfo-7.4.33-150400.4.48.1 * php7-debugsource-7.4.33-150400.4.48.1 * php7-zip-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-7.4.33-150400.4.48.1 * php7-pgsql-7.4.33-150400.4.48.1 * php7-sodium-7.4.33-150400.4.48.1 * php7-bz2-7.4.33-150400.4.48.1 * apache2-mod_php7-debugsource-7.4.33-150400.4.48.1 * php7-sysvsem-debuginfo-7.4.33-150400.4.48.1 * apache2-mod_php7-7.4.33-150400.4.48.1 * php7-curl-debuginfo-7.4.33-150400.4.48.1 * php7-json-debuginfo-7.4.33-150400.4.48.1 * php7-ctype-7.4.33-150400.4.48.1 * php7-intl-7.4.33-150400.4.48.1 * php7-xsl-7.4.33-150400.4.48.1 * php7-pgsql-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-7.4.33-150400.4.48.1 * php7-opcache-debuginfo-7.4.33-150400.4.48.1 * php7-7.4.33-150400.4.48.1 * php7-curl-7.4.33-150400.4.48.1 * php7-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-debuginfo-7.4.33-150400.4.48.1 * php7-intl-debuginfo-7.4.33-150400.4.48.1 * php7-snmp-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-7.4.33-150400.4.48.1 * apache2-mod_php7-debuginfo-7.4.33-150400.4.48.1 * php7-soap-debuginfo-7.4.33-150400.4.48.1 * php7-devel-7.4.33-150400.4.48.1 * php7-exif-debuginfo-7.4.33-150400.4.48.1 * php7-sqlite-7.4.33-150400.4.48.1 * php7-phar-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-debuginfo-7.4.33-150400.4.48.1 * php7-readline-7.4.33-150400.4.48.1 * php7-cli-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-debuginfo-7.4.33-150400.4.48.1 * php7-gd-7.4.33-150400.4.48.1 * php7-xsl-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-debuginfo-7.4.33-150400.4.48.1 * php7-mysql-7.4.33-150400.4.48.1 * php7-tokenizer-7.4.33-150400.4.48.1 * php7-exif-7.4.33-150400.4.48.1 * php7-xmlreader-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-7.4.33-150400.4.48.1 * php7-cli-7.4.33-150400.4.48.1 * php7-zip-7.4.33-150400.4.48.1 * php7-bz2-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-7.4.33-150400.4.48.1 * php7-gd-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-7.4.33-150400.4.48.1 * php7-shmop-debuginfo-7.4.33-150400.4.48.1 * php7-sodium-debuginfo-7.4.33-150400.4.48.1 * php7-tidy-debuginfo-7.4.33-150400.4.48.1 * php7-soap-7.4.33-150400.4.48.1 * php7-zlib-debuginfo-7.4.33-150400.4.48.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * php7-snmp-7.4.33-150400.4.48.1 * php7-zlib-7.4.33-150400.4.48.1 * php7-iconv-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-7.4.33-150400.4.48.1 * php7-opcache-7.4.33-150400.4.48.1 * php7-iconv-7.4.33-150400.4.48.1 * php7-odbc-7.4.33-150400.4.48.1 * php7-mbstring-7.4.33-150400.4.48.1 * php7-sysvmsg-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-7.4.33-150400.4.48.1 * php7-readline-debuginfo-7.4.33-150400.4.48.1 * php7-dom-7.4.33-150400.4.48.1 * php7-fpm-7.4.33-150400.4.48.1 * php7-pcntl-debuginfo-7.4.33-150400.4.48.1 * php7-mbstring-debuginfo-7.4.33-150400.4.48.1 * php7-shmop-7.4.33-150400.4.48.1 * php7-tidy-7.4.33-150400.4.48.1 * php7-pcntl-7.4.33-150400.4.48.1 * php7-bcmath-debuginfo-7.4.33-150400.4.48.1 * php7-calendar-7.4.33-150400.4.48.1 * php7-phar-7.4.33-150400.4.48.1 * php7-fastcgi-debugsource-7.4.33-150400.4.48.1 * php7-posix-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-7.4.33-150400.4.48.1 * php7-odbc-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debugsource-7.4.33-150400.4.48.1 * php7-fastcgi-debuginfo-7.4.33-150400.4.48.1 * php7-dba-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-7.4.33-150400.4.48.1 * php7-ctype-debuginfo-7.4.33-150400.4.48.1 * php7-sysvsem-7.4.33-150400.4.48.1 * php7-dba-7.4.33-150400.4.48.1 * php7-calendar-debuginfo-7.4.33-150400.4.48.1 * php7-json-7.4.33-150400.4.48.1 * php7-sysvmsg-7.4.33-150400.4.48.1 * php7-bcmath-7.4.33-150400.4.48.1 * php7-dom-debuginfo-7.4.33-150400.4.48.1 * php7-fastcgi-7.4.33-150400.4.48.1 * php7-mysql-debuginfo-7.4.33-150400.4.48.1 * php7-enchant-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-debuginfo-7.4.33-150400.4.48.1 * php7-tokenizer-debuginfo-7.4.33-150400.4.48.1 * php7-posix-7.4.33-150400.4.48.1 * php7-sqlite-debuginfo-7.4.33-150400.4.48.1 * php7-xmlreader-7.4.33-150400.4.48.1 * php7-enchant-7.4.33-150400.4.48.1 * php7-sockets-7.4.33-150400.4.48.1 * php7-sockets-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-debuginfo-7.4.33-150400.4.48.1 * php7-debugsource-7.4.33-150400.4.48.1 * php7-zip-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-7.4.33-150400.4.48.1 * php7-pgsql-7.4.33-150400.4.48.1 * php7-sodium-7.4.33-150400.4.48.1 * php7-bz2-7.4.33-150400.4.48.1 * apache2-mod_php7-debugsource-7.4.33-150400.4.48.1 * php7-sysvsem-debuginfo-7.4.33-150400.4.48.1 * apache2-mod_php7-7.4.33-150400.4.48.1 * php7-curl-debuginfo-7.4.33-150400.4.48.1 * php7-json-debuginfo-7.4.33-150400.4.48.1 * php7-ctype-7.4.33-150400.4.48.1 * php7-intl-7.4.33-150400.4.48.1 * php7-xsl-7.4.33-150400.4.48.1 * php7-pgsql-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-7.4.33-150400.4.48.1 * php7-opcache-debuginfo-7.4.33-150400.4.48.1 * php7-7.4.33-150400.4.48.1 * php7-curl-7.4.33-150400.4.48.1 * php7-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-debuginfo-7.4.33-150400.4.48.1 * php7-intl-debuginfo-7.4.33-150400.4.48.1 * php7-snmp-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-7.4.33-150400.4.48.1 * apache2-mod_php7-debuginfo-7.4.33-150400.4.48.1 * php7-soap-debuginfo-7.4.33-150400.4.48.1 * php7-devel-7.4.33-150400.4.48.1 * php7-exif-debuginfo-7.4.33-150400.4.48.1 * php7-sqlite-7.4.33-150400.4.48.1 * php7-phar-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-debuginfo-7.4.33-150400.4.48.1 * php7-readline-7.4.33-150400.4.48.1 * php7-cli-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-debuginfo-7.4.33-150400.4.48.1 * php7-gd-7.4.33-150400.4.48.1 * php7-xsl-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-debuginfo-7.4.33-150400.4.48.1 * php7-mysql-7.4.33-150400.4.48.1 * php7-tokenizer-7.4.33-150400.4.48.1 * php7-exif-7.4.33-150400.4.48.1 * php7-xmlreader-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-7.4.33-150400.4.48.1 * php7-cli-7.4.33-150400.4.48.1 * php7-zip-7.4.33-150400.4.48.1 * php7-bz2-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-7.4.33-150400.4.48.1 * php7-gd-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-7.4.33-150400.4.48.1 * php7-shmop-debuginfo-7.4.33-150400.4.48.1 * php7-sodium-debuginfo-7.4.33-150400.4.48.1 * php7-tidy-debuginfo-7.4.33-150400.4.48.1 * php7-soap-7.4.33-150400.4.48.1 * php7-zlib-debuginfo-7.4.33-150400.4.48.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * php7-snmp-7.4.33-150400.4.48.1 * php7-zlib-7.4.33-150400.4.48.1 * php7-iconv-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-7.4.33-150400.4.48.1 * php7-opcache-7.4.33-150400.4.48.1 * php7-iconv-7.4.33-150400.4.48.1 * php7-odbc-7.4.33-150400.4.48.1 * php7-mbstring-7.4.33-150400.4.48.1 * php7-sysvmsg-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-7.4.33-150400.4.48.1 * php7-readline-debuginfo-7.4.33-150400.4.48.1 * php7-dom-7.4.33-150400.4.48.1 * php7-fpm-7.4.33-150400.4.48.1 * php7-pcntl-debuginfo-7.4.33-150400.4.48.1 * php7-mbstring-debuginfo-7.4.33-150400.4.48.1 * php7-shmop-7.4.33-150400.4.48.1 * php7-tidy-7.4.33-150400.4.48.1 * php7-pcntl-7.4.33-150400.4.48.1 * php7-bcmath-debuginfo-7.4.33-150400.4.48.1 * php7-calendar-7.4.33-150400.4.48.1 * php7-phar-7.4.33-150400.4.48.1 * php7-fastcgi-debugsource-7.4.33-150400.4.48.1 * php7-posix-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-7.4.33-150400.4.48.1 * php7-odbc-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debugsource-7.4.33-150400.4.48.1 * php7-fastcgi-debuginfo-7.4.33-150400.4.48.1 * php7-dba-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-7.4.33-150400.4.48.1 * php7-ctype-debuginfo-7.4.33-150400.4.48.1 * php7-sysvsem-7.4.33-150400.4.48.1 * php7-dba-7.4.33-150400.4.48.1 * php7-calendar-debuginfo-7.4.33-150400.4.48.1 * php7-json-7.4.33-150400.4.48.1 * php7-sysvmsg-7.4.33-150400.4.48.1 * php7-bcmath-7.4.33-150400.4.48.1 * php7-dom-debuginfo-7.4.33-150400.4.48.1 * php7-fastcgi-7.4.33-150400.4.48.1 * php7-mysql-debuginfo-7.4.33-150400.4.48.1 * php7-enchant-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-debuginfo-7.4.33-150400.4.48.1 * php7-tokenizer-debuginfo-7.4.33-150400.4.48.1 * php7-posix-7.4.33-150400.4.48.1 * php7-sqlite-debuginfo-7.4.33-150400.4.48.1 * php7-xmlreader-7.4.33-150400.4.48.1 * php7-enchant-7.4.33-150400.4.48.1 * php7-sockets-7.4.33-150400.4.48.1 * php7-sockets-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-debuginfo-7.4.33-150400.4.48.1 * php7-debugsource-7.4.33-150400.4.48.1 * php7-zip-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-7.4.33-150400.4.48.1 * php7-pgsql-7.4.33-150400.4.48.1 * php7-sodium-7.4.33-150400.4.48.1 * php7-bz2-7.4.33-150400.4.48.1 * apache2-mod_php7-debugsource-7.4.33-150400.4.48.1 * php7-sysvsem-debuginfo-7.4.33-150400.4.48.1 * apache2-mod_php7-7.4.33-150400.4.48.1 * php7-curl-debuginfo-7.4.33-150400.4.48.1 * php7-json-debuginfo-7.4.33-150400.4.48.1 * php7-ctype-7.4.33-150400.4.48.1 * php7-intl-7.4.33-150400.4.48.1 * php7-xsl-7.4.33-150400.4.48.1 * php7-pgsql-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-7.4.33-150400.4.48.1 * php7-opcache-debuginfo-7.4.33-150400.4.48.1 * php7-7.4.33-150400.4.48.1 * php7-curl-7.4.33-150400.4.48.1 * php7-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-debuginfo-7.4.33-150400.4.48.1 * php7-intl-debuginfo-7.4.33-150400.4.48.1 * php7-snmp-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-7.4.33-150400.4.48.1 * apache2-mod_php7-debuginfo-7.4.33-150400.4.48.1 * php7-soap-debuginfo-7.4.33-150400.4.48.1 * php7-devel-7.4.33-150400.4.48.1 * php7-exif-debuginfo-7.4.33-150400.4.48.1 * php7-sqlite-7.4.33-150400.4.48.1 * php7-phar-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-debuginfo-7.4.33-150400.4.48.1 * php7-readline-7.4.33-150400.4.48.1 * php7-cli-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-debuginfo-7.4.33-150400.4.48.1 * php7-gd-7.4.33-150400.4.48.1 * php7-xsl-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-debuginfo-7.4.33-150400.4.48.1 * php7-mysql-7.4.33-150400.4.48.1 * php7-tokenizer-7.4.33-150400.4.48.1 * php7-exif-7.4.33-150400.4.48.1 * php7-xmlreader-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-7.4.33-150400.4.48.1 * php7-cli-7.4.33-150400.4.48.1 * php7-zip-7.4.33-150400.4.48.1 * php7-bz2-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-7.4.33-150400.4.48.1 * php7-gd-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-7.4.33-150400.4.48.1 * php7-shmop-debuginfo-7.4.33-150400.4.48.1 * php7-sodium-debuginfo-7.4.33-150400.4.48.1 * php7-tidy-debuginfo-7.4.33-150400.4.48.1 * php7-soap-7.4.33-150400.4.48.1 * php7-zlib-debuginfo-7.4.33-150400.4.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * php7-snmp-7.4.33-150400.4.48.1 * php7-zlib-7.4.33-150400.4.48.1 * php7-iconv-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-7.4.33-150400.4.48.1 * php7-opcache-7.4.33-150400.4.48.1 * php7-iconv-7.4.33-150400.4.48.1 * php7-odbc-7.4.33-150400.4.48.1 * php7-mbstring-7.4.33-150400.4.48.1 * php7-sysvmsg-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-7.4.33-150400.4.48.1 * php7-readline-debuginfo-7.4.33-150400.4.48.1 * php7-dom-7.4.33-150400.4.48.1 * php7-fpm-7.4.33-150400.4.48.1 * php7-pcntl-debuginfo-7.4.33-150400.4.48.1 * php7-mbstring-debuginfo-7.4.33-150400.4.48.1 * php7-shmop-7.4.33-150400.4.48.1 * php7-tidy-7.4.33-150400.4.48.1 * php7-pcntl-7.4.33-150400.4.48.1 * php7-bcmath-debuginfo-7.4.33-150400.4.48.1 * php7-calendar-7.4.33-150400.4.48.1 * php7-phar-7.4.33-150400.4.48.1 * php7-fastcgi-debugsource-7.4.33-150400.4.48.1 * php7-posix-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-7.4.33-150400.4.48.1 * php7-odbc-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debugsource-7.4.33-150400.4.48.1 * php7-fastcgi-debuginfo-7.4.33-150400.4.48.1 * php7-dba-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-7.4.33-150400.4.48.1 * php7-ctype-debuginfo-7.4.33-150400.4.48.1 * php7-sysvsem-7.4.33-150400.4.48.1 * php7-dba-7.4.33-150400.4.48.1 * php7-calendar-debuginfo-7.4.33-150400.4.48.1 * php7-json-7.4.33-150400.4.48.1 * php7-sysvmsg-7.4.33-150400.4.48.1 * php7-bcmath-7.4.33-150400.4.48.1 * php7-dom-debuginfo-7.4.33-150400.4.48.1 * php7-fastcgi-7.4.33-150400.4.48.1 * php7-mysql-debuginfo-7.4.33-150400.4.48.1 * php7-enchant-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-debuginfo-7.4.33-150400.4.48.1 * php7-tokenizer-debuginfo-7.4.33-150400.4.48.1 * php7-posix-7.4.33-150400.4.48.1 * php7-sqlite-debuginfo-7.4.33-150400.4.48.1 * php7-xmlreader-7.4.33-150400.4.48.1 * php7-enchant-7.4.33-150400.4.48.1 * php7-sockets-7.4.33-150400.4.48.1 * php7-sockets-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-debuginfo-7.4.33-150400.4.48.1 * php7-debugsource-7.4.33-150400.4.48.1 * php7-zip-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-7.4.33-150400.4.48.1 * php7-pgsql-7.4.33-150400.4.48.1 * php7-sodium-7.4.33-150400.4.48.1 * php7-bz2-7.4.33-150400.4.48.1 * apache2-mod_php7-debugsource-7.4.33-150400.4.48.1 * php7-sysvsem-debuginfo-7.4.33-150400.4.48.1 * apache2-mod_php7-7.4.33-150400.4.48.1 * php7-curl-debuginfo-7.4.33-150400.4.48.1 * php7-json-debuginfo-7.4.33-150400.4.48.1 * php7-ctype-7.4.33-150400.4.48.1 * php7-intl-7.4.33-150400.4.48.1 * php7-xsl-7.4.33-150400.4.48.1 * php7-pgsql-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-7.4.33-150400.4.48.1 * php7-opcache-debuginfo-7.4.33-150400.4.48.1 * php7-7.4.33-150400.4.48.1 * php7-curl-7.4.33-150400.4.48.1 * php7-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-debuginfo-7.4.33-150400.4.48.1 * php7-intl-debuginfo-7.4.33-150400.4.48.1 * php7-snmp-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-7.4.33-150400.4.48.1 * apache2-mod_php7-debuginfo-7.4.33-150400.4.48.1 * php7-soap-debuginfo-7.4.33-150400.4.48.1 * php7-devel-7.4.33-150400.4.48.1 * php7-exif-debuginfo-7.4.33-150400.4.48.1 * php7-sqlite-7.4.33-150400.4.48.1 * php7-phar-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-debuginfo-7.4.33-150400.4.48.1 * php7-readline-7.4.33-150400.4.48.1 * php7-cli-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-debuginfo-7.4.33-150400.4.48.1 * php7-gd-7.4.33-150400.4.48.1 * php7-xsl-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-debuginfo-7.4.33-150400.4.48.1 * php7-mysql-7.4.33-150400.4.48.1 * php7-tokenizer-7.4.33-150400.4.48.1 * php7-exif-7.4.33-150400.4.48.1 * php7-xmlreader-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-7.4.33-150400.4.48.1 * php7-cli-7.4.33-150400.4.48.1 * php7-zip-7.4.33-150400.4.48.1 * php7-bz2-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-7.4.33-150400.4.48.1 * php7-gd-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-7.4.33-150400.4.48.1 * php7-shmop-debuginfo-7.4.33-150400.4.48.1 * php7-sodium-debuginfo-7.4.33-150400.4.48.1 * php7-tidy-debuginfo-7.4.33-150400.4.48.1 * php7-soap-7.4.33-150400.4.48.1 * php7-zlib-debuginfo-7.4.33-150400.4.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * php7-snmp-7.4.33-150400.4.48.1 * php7-zlib-7.4.33-150400.4.48.1 * php7-iconv-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-7.4.33-150400.4.48.1 * php7-opcache-7.4.33-150400.4.48.1 * php7-iconv-7.4.33-150400.4.48.1 * php7-odbc-7.4.33-150400.4.48.1 * php7-mbstring-7.4.33-150400.4.48.1 * php7-sysvmsg-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-7.4.33-150400.4.48.1 * php7-readline-debuginfo-7.4.33-150400.4.48.1 * php7-dom-7.4.33-150400.4.48.1 * php7-fpm-7.4.33-150400.4.48.1 * php7-pcntl-debuginfo-7.4.33-150400.4.48.1 * php7-mbstring-debuginfo-7.4.33-150400.4.48.1 * php7-shmop-7.4.33-150400.4.48.1 * php7-tidy-7.4.33-150400.4.48.1 * php7-pcntl-7.4.33-150400.4.48.1 * php7-bcmath-debuginfo-7.4.33-150400.4.48.1 * php7-calendar-7.4.33-150400.4.48.1 * php7-phar-7.4.33-150400.4.48.1 * php7-fastcgi-debugsource-7.4.33-150400.4.48.1 * php7-posix-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-7.4.33-150400.4.48.1 * php7-odbc-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debugsource-7.4.33-150400.4.48.1 * php7-fastcgi-debuginfo-7.4.33-150400.4.48.1 * php7-dba-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-7.4.33-150400.4.48.1 * php7-ctype-debuginfo-7.4.33-150400.4.48.1 * php7-sysvsem-7.4.33-150400.4.48.1 * php7-dba-7.4.33-150400.4.48.1 * php7-calendar-debuginfo-7.4.33-150400.4.48.1 * php7-json-7.4.33-150400.4.48.1 * php7-sysvmsg-7.4.33-150400.4.48.1 * php7-bcmath-7.4.33-150400.4.48.1 * php7-dom-debuginfo-7.4.33-150400.4.48.1 * php7-fastcgi-7.4.33-150400.4.48.1 * php7-mysql-debuginfo-7.4.33-150400.4.48.1 * php7-enchant-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-debuginfo-7.4.33-150400.4.48.1 * php7-tokenizer-debuginfo-7.4.33-150400.4.48.1 * php7-posix-7.4.33-150400.4.48.1 * php7-sqlite-debuginfo-7.4.33-150400.4.48.1 * php7-xmlreader-7.4.33-150400.4.48.1 * php7-enchant-7.4.33-150400.4.48.1 * php7-sockets-7.4.33-150400.4.48.1 * php7-sockets-debuginfo-7.4.33-150400.4.48.1 * php7-sysvshm-debuginfo-7.4.33-150400.4.48.1 * php7-debugsource-7.4.33-150400.4.48.1 * php7-zip-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-7.4.33-150400.4.48.1 * php7-pgsql-7.4.33-150400.4.48.1 * php7-sodium-7.4.33-150400.4.48.1 * php7-bz2-7.4.33-150400.4.48.1 * apache2-mod_php7-debugsource-7.4.33-150400.4.48.1 * php7-sysvsem-debuginfo-7.4.33-150400.4.48.1 * apache2-mod_php7-7.4.33-150400.4.48.1 * php7-curl-debuginfo-7.4.33-150400.4.48.1 * php7-json-debuginfo-7.4.33-150400.4.48.1 * php7-ctype-7.4.33-150400.4.48.1 * php7-intl-7.4.33-150400.4.48.1 * php7-xsl-7.4.33-150400.4.48.1 * php7-pgsql-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-debuginfo-7.4.33-150400.4.48.1 * php7-openssl-7.4.33-150400.4.48.1 * php7-opcache-debuginfo-7.4.33-150400.4.48.1 * php7-7.4.33-150400.4.48.1 * php7-curl-7.4.33-150400.4.48.1 * php7-debuginfo-7.4.33-150400.4.48.1 * php7-xmlwriter-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-debuginfo-7.4.33-150400.4.48.1 * php7-intl-debuginfo-7.4.33-150400.4.48.1 * php7-snmp-debuginfo-7.4.33-150400.4.48.1 * php7-gmp-debuginfo-7.4.33-150400.4.48.1 * php7-xmlrpc-7.4.33-150400.4.48.1 * apache2-mod_php7-debuginfo-7.4.33-150400.4.48.1 * php7-soap-debuginfo-7.4.33-150400.4.48.1 * php7-devel-7.4.33-150400.4.48.1 * php7-exif-debuginfo-7.4.33-150400.4.48.1 * php7-sqlite-7.4.33-150400.4.48.1 * php7-phar-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-debuginfo-7.4.33-150400.4.48.1 * php7-readline-7.4.33-150400.4.48.1 * php7-cli-debuginfo-7.4.33-150400.4.48.1 * php7-ldap-debuginfo-7.4.33-150400.4.48.1 * php7-gd-7.4.33-150400.4.48.1 * php7-xsl-debuginfo-7.4.33-150400.4.48.1 * php7-fpm-debuginfo-7.4.33-150400.4.48.1 * php7-fileinfo-debuginfo-7.4.33-150400.4.48.1 * php7-mysql-7.4.33-150400.4.48.1 * php7-tokenizer-7.4.33-150400.4.48.1 * php7-exif-7.4.33-150400.4.48.1 * php7-xmlreader-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-7.4.33-150400.4.48.1 * php7-cli-7.4.33-150400.4.48.1 * php7-zip-7.4.33-150400.4.48.1 * php7-bz2-debuginfo-7.4.33-150400.4.48.1 * php7-gettext-debuginfo-7.4.33-150400.4.48.1 * php7-pdo-7.4.33-150400.4.48.1 * php7-gd-debuginfo-7.4.33-150400.4.48.1 * php7-ftp-7.4.33-150400.4.48.1 * php7-shmop-debuginfo-7.4.33-150400.4.48.1 * php7-sodium-debuginfo-7.4.33-150400.4.48.1 * php7-tidy-debuginfo-7.4.33-150400.4.48.1 * php7-soap-7.4.33-150400.4.48.1 * php7-zlib-debuginfo-7.4.33-150400.4.48.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11235.html * https://www.suse.com/security/cve/CVE-2025-1217.html * https://www.suse.com/security/cve/CVE-2025-1219.html * https://www.suse.com/security/cve/CVE-2025-1734.html * https://www.suse.com/security/cve/CVE-2025-1736.html * https://www.suse.com/security/cve/CVE-2025-1861.html * https://bugzilla.suse.com/show_bug.cgi?id=1239664 * https://bugzilla.suse.com/show_bug.cgi?id=1239666 * https://bugzilla.suse.com/show_bug.cgi?id=1239667 * https://bugzilla.suse.com/show_bug.cgi?id=1239668 * https://bugzilla.suse.com/show_bug.cgi?id=1239669 * https://bugzilla.suse.com/show_bug.cgi?id=1239670 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 26 12:30:21 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 26 Mar 2025 12:30:21 -0000 Subject: SUSE-SU-2025:1024-1: important: Security update for tomcat10 Message-ID: <174299222133.8820.6879728049391942093@smelt2.prg2.suse.org> # Security update for tomcat10 Announcement ID: SUSE-SU-2025:1024-1 Release Date: 2025-03-26T11:29:29Z Rating: important References: * bsc#1239302 * bsc#1239676 Cross-References: * CVE-2024-56337 * CVE-2025-24813 CVSS scores: * CVE-2024-56337 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56337 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-24813 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-24813 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-24813 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-24813 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * Web and Scripting Module 15-SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for tomcat10 fixes the following issues: * CVE-2025-24813: Fixed potential RCE and/or information disclosure/corruption with partial PUT (bsc#1239302) Other fixes: * Update to Tomcat 10.1.39 * Fixes: * launch with java 17 (bsc#1239676) * Catalina * Fix: 69602: Fix regression in releases from 12-2024 that were too strict and rejected weak etags in the If-Range header with a 400 response. Instead will consider it as a failed match since strong etags are required for If-Range. (remm) * Fix: When looking up class loader resources by resource name, the resource name should not start with '/'. If the resource name does start with '/', Tomcat is lenient and looks it up as if the '/' was not present. When the web application class loader was configured with external repositories and names starting with '/' were used for lookups, it was possible that cached 'not found' results could effectively hide lookup results using the correct resource name. (markt) * Fix: Enable the JNDIRealm to validate credentials provided to HttpServletRequest.login(String username, String password) when the realm is configured to use GSSAPI authentication. (markt) * Fix: Fix a bug in the JRE compatibility detection that incorrectly identified Java 19 and Java 20 as supporting Java 21 features. (markt) * Fix: Improve the checks for exposure to and protection against CVE-2024-56337 so that reflection is not used unless required. The checks for whether the file system is case sensitive or not have been removed. (markt) * Add: Add support for logging the connection ID (as returned by ServletRequest.getServletConnection().getConnectionId()) with the AccessLogValve and ExtendedAccessLogValve. Based on pull request #814 by Dmole. (markt) * Fix: Avoid scenarios where temporary files used for partial PUT would not be deleted. (remm) * Fix: 69576: Avoid possible failure initializing JreCompat due to uncaught exception introduced for the check for CVE-2024-56337. (remm) * Cluster * Add: 69598: Add detection of service account token changes to the KubernetesMembershipProvider implementation and reload the token if it changes. Based on a patch by Miroslav Jezbera. (markt) * Coyote * Fix: 69575: Avoid using compression if a response is already compressed using compress, deflate or zstd. (remm) * Update: Use Transfer-Encoding for compression rather than Content-Encoding if the client submits a TE header containing gzip. (remm) * Fix: Fix a race condition in the handling of HTTP/2 stream reset that could cause unexpected 500 responses. (markt) * Other * Add: Add makensis as an option for building the Installer for Windows on non-Windows platforms. (rjung/markt) * Update: Update Byte Buddy to 1.17.1. (markt) * Update: Update Checkstyle to 10.21.3. (markt) * Update: Update SpotBugs to 4.9.1. (markt) * Update: Update JSign to 7.1. (markt) * Add: Improvements to French translations. (remm) * Add: Improvements to Japanese translations by tak7iji. (markt) * Add: Add org.apache.juli.JsonFormatter to format log as one line JSON documents. (remm) * Update to Tomcat 10.1.35 * Catalina * Update: Add tableName configuration on the DataSourcePropertyStore that may be used by the WebDAV Servlet. (remm) * Update: Improve HTTP If headers processing according to RFC 9110. Based on pull request #796 by Chenjp. (remm/markt) * Update: Allow readOnly attribute configuration on the Resources element and allow configure the readOnly attribute value of the main resources. The attribute value will also be used by the default and WebDAV Servlets. (remm) * Fix: 69285: Optimise the creation of the parameter map for included requests. Based on sample code and test cases provided by John Engebretson. (markt) * Fix: 69527: Avoid rare cases where a cached resource could be set with 0 content length, or could be evicted immediately. (remm) * Fix: Fix possible edge cases (such as HTTP/1.0) with trying to detect requests without body for WebDAV LOCK and PROPFIND. (remm) * Fix: 69528: Add multi-release JAR support for the bloom archiveIndexStrategy of the Resources. (remm) * Fix: Improve checks for WEB-INF and META-INF in the WebDAV servlet. Based on a patch submitted by Chenjp. (remm) * Fix: Remove unused session to client map from CrawlerSessionManagerValve. Submitted by Brian Matzon. (remm) * Add: Add a check to ensure that, if one or more web applications are potentially vulnerable to CVE-2024-56337, the JVM has been configured to protect against the vulnerability and to configure the JVM correctly if not. Where one or more web applications are potentially vulnerable to CVE-2024-56337 and the JVM cannot be correctly configured or it cannot be confirmed that the JVM has been correctly configured, prevent the impacted web applications from starting. (markt) * Fix: When using the WebDAV servlet with serveSubpathOnly set to true, ensure that the destination for any requested WebDAV operation is also restricted to the sub-path. (markt) * Fix: Generate an appropriate Allow HTTP header when the Default servlet returns a 405 (method not allowed) response in response to a DELETE request because the target resource cannot be deleted. Pull request #802 provided by Chenjp. (markt) * Code: Refactor creation of RequestDispatcher instances so that the processing of the provided path is consistent with normal request processing. (markt) * Add: Add encodedReverseSolidusHandling and encodedSolidusHandling attributes to Context to provide control over the handling of the path used to created a RequestDispatcher. (markt) * Fix: Handle a potential NullPointerException after an IOException occurs on a non-container thread during asynchronous processing. (markt) * Fix: Enhance lifecycle of temporary files used by partial PUT. (remm) * Coyote * Fix: Don't log warnings for registered HTTP/2 settings that Tomcat does not support. These settings are now silently ignored. (markt) * Fix: Avoid a rare NullPointerException when recycling the Http11InputBuffer. (markt) * Fix: Lower the log level to debug for logging an invalid socket channel when processing poller events for the NIO Connector as this may occur in normal usage. (markt) * Code: Clean-up references to the HTTP/2 stream once request processing has completed to aid GC and reduce the size of the HTTP/2 recycled request and response cache. (markt) * Add: Add a new Connector configuration attribute, encodedReverseSolidusHandling, to control how %5c sequences in URLs are handled. The default behaviour is unchanged (decode) keeping in mind that the allowBackslash attribute determines how the decoded URI is processed. (markt) * Fix: 69545: Improve CRLF skipping for the available method of the ChunkedInputFilter. (remm) * Fix: Improve the performance of repeated calls to getHeader(). Pull request #813 provided by Adwait Kumar Singh. (markt) * Fix: 69559: Ensure that the Java 24 warning regarding the use of sun.misc.Unsafe::invokeCleaner is only reported by the JRE when the code will be used. (markt) * Jasper * Fix: 69508: Correct a regression in the fix for 69382 that broke JSP include actions if both the page attribute and the body contained parameters. Pull request #803 provided by Chenjp. (markt) * Fix: Update the identifier validation in the Expression Language parser to reflect that, as of Java 9, _ is also a Java keyword and may not be used as an identifier. (markt) * Fix: 69521: Update the EL Parser to allow the full range of valid characters in an EL identifier as defined by the Java Language Specification. (markt) * Fix: 69532: Optimise the creation of ExpressionFactory instances. Patch provided by John Engebretson. (markt) * Web applications * Add: Documentation. Expand the description of the security implications of setting mapperContextRootRedirectEnabled and/or mapperDirectoryRedirectEnabled to true. (markt) * Fix: Documentation. Better document the default for the truststoreProvider attribute of a SSLHostConfig element. (markt) * Other * Update: Update to Commons Daemon 1.4.1. (markt) * Update: Update the packaged version of the Tomcat Migration Tool for Jakarta EE to 1.0.9. (markt) * Update: Update the internal fork of Commons Pool to 2.12.1. (markt) * Update: Update Byte Buddy to 1.16.1. (markt) * Update: Update UnboundID to 7.0.2. (markt) * Update: Update Checkstyle to 10.21.2. (markt) * Update: Update SpotBugs to 4.9.0. (markt) * Add: Improvements to French translations. (remm) * Add: Improvements to Chinese translations by leeyazhou. (markt) * Add: Improvements to Japanese translations by tak7iji. (markt) * Add: Improvements to Japanese translations by tak7iji. (markt) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1024=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-1024=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1024=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1024=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1024=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1024=1 ## Package List: * openSUSE Leap 15.6 (noarch) * tomcat10-el-5_0-api-10.1.39-150200.5.36.1 * tomcat10-admin-webapps-10.1.39-150200.5.36.1 * tomcat10-jsp-3_1-api-10.1.39-150200.5.36.1 * tomcat10-jsvc-10.1.39-150200.5.36.1 * tomcat10-servlet-6_0-api-10.1.39-150200.5.36.1 * tomcat10-lib-10.1.39-150200.5.36.1 * tomcat10-embed-10.1.39-150200.5.36.1 * tomcat10-docs-webapp-10.1.39-150200.5.36.1 * tomcat10-10.1.39-150200.5.36.1 * tomcat10-doc-10.1.39-150200.5.36.1 * tomcat10-webapps-10.1.39-150200.5.36.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat10-el-5_0-api-10.1.39-150200.5.36.1 * tomcat10-admin-webapps-10.1.39-150200.5.36.1 * tomcat10-jsp-3_1-api-10.1.39-150200.5.36.1 * tomcat10-servlet-6_0-api-10.1.39-150200.5.36.1 * tomcat10-lib-10.1.39-150200.5.36.1 * tomcat10-10.1.39-150200.5.36.1 * tomcat10-webapps-10.1.39-150200.5.36.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * tomcat10-el-5_0-api-10.1.39-150200.5.36.1 * tomcat10-admin-webapps-10.1.39-150200.5.36.1 * tomcat10-jsp-3_1-api-10.1.39-150200.5.36.1 * tomcat10-servlet-6_0-api-10.1.39-150200.5.36.1 * tomcat10-lib-10.1.39-150200.5.36.1 * tomcat10-10.1.39-150200.5.36.1 * tomcat10-webapps-10.1.39-150200.5.36.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * tomcat10-el-5_0-api-10.1.39-150200.5.36.1 * tomcat10-admin-webapps-10.1.39-150200.5.36.1 * tomcat10-jsp-3_1-api-10.1.39-150200.5.36.1 * tomcat10-servlet-6_0-api-10.1.39-150200.5.36.1 * tomcat10-lib-10.1.39-150200.5.36.1 * tomcat10-10.1.39-150200.5.36.1 * tomcat10-webapps-10.1.39-150200.5.36.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * tomcat10-el-5_0-api-10.1.39-150200.5.36.1 * tomcat10-admin-webapps-10.1.39-150200.5.36.1 * tomcat10-jsp-3_1-api-10.1.39-150200.5.36.1 * tomcat10-servlet-6_0-api-10.1.39-150200.5.36.1 * tomcat10-lib-10.1.39-150200.5.36.1 * tomcat10-10.1.39-150200.5.36.1 * tomcat10-webapps-10.1.39-150200.5.36.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * tomcat10-el-5_0-api-10.1.39-150200.5.36.1 * tomcat10-admin-webapps-10.1.39-150200.5.36.1 * tomcat10-jsp-3_1-api-10.1.39-150200.5.36.1 * tomcat10-servlet-6_0-api-10.1.39-150200.5.36.1 * tomcat10-lib-10.1.39-150200.5.36.1 * tomcat10-10.1.39-150200.5.36.1 * tomcat10-webapps-10.1.39-150200.5.36.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56337.html * https://www.suse.com/security/cve/CVE-2025-24813.html * https://bugzilla.suse.com/show_bug.cgi?id=1239302 * https://bugzilla.suse.com/show_bug.cgi?id=1239676 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 26 12:30:25 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 26 Mar 2025 12:30:25 -0000 Subject: SUSE-SU-2025:1023-1: important: Security update for webkit2gtk3 Message-ID: <174299222521.8820.7362690092616070546@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:1023-1 Release Date: 2025-03-26T11:28:49Z Rating: important References: * bsc#1239547 Cross-References: * CVE-2025-24201 CVSS scores: * CVE-2025-24201 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: * CVE-2025-24201: Fixed out-of-bounds write vulnerability due to that WebGL context primitive restart can be toggled from WebContent process (bsc#1239547). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1023=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-1023=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libjavascriptcoregtk-4_0-18-2.46.6-4.31.1 * webkit2gtk3-debugsource-2.46.6-4.31.1 * webkit2gtk-4_0-injected-bundles-2.46.6-4.31.1 * libwebkit2gtk-4_0-37-2.46.6-4.31.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-4.31.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-4.31.1 * typelib-1_0-WebKit2-4_0-2.46.6-4.31.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-4.31.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-4.31.1 * webkit2gtk3-devel-2.46.6-4.31.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-4.31.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * libwebkit2gtk3-lang-2.46.6-4.31.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.46.6-4.31.1 * webkit2gtk3-debugsource-2.46.6-4.31.1 * webkit2gtk-4_0-injected-bundles-2.46.6-4.31.1 * libwebkit2gtk-4_0-37-2.46.6-4.31.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-4.31.1 * typelib-1_0-JavaScriptCore-4_0-2.46.6-4.31.1 * typelib-1_0-WebKit2-4_0-2.46.6-4.31.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-4.31.1 * webkit2gtk3-devel-2.46.6-4.31.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-4.31.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * libwebkit2gtk3-lang-2.46.6-4.31.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-4.31.1 ## References: * https://www.suse.com/security/cve/CVE-2025-24201.html * https://bugzilla.suse.com/show_bug.cgi?id=1239547 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 26 12:30:29 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 26 Mar 2025 12:30:29 -0000 Subject: SUSE-SU-2025:1022-1: important: Security update for apache-commons-vfs2 Message-ID: <174299222945.8820.13225273747518345380@smelt2.prg2.suse.org> # Security update for apache-commons-vfs2 Announcement ID: SUSE-SU-2025:1022-1 Release Date: 2025-03-26T11:28:38Z Rating: important References: * bsc#1239973 * bsc#1239974 Cross-References: * CVE-2025-27553 * CVE-2025-30474 CVSS scores: * CVE-2025-27553 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-27553 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-30474 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.6 An update that solves two vulnerabilities can now be installed. ## Description: This update for apache-commons-vfs2 fixes the following issues: * CVE-2025-27553: Fixed possible path traversal issue when using NameScope.DESCENDENT (bsc#1239973) * CVE-2025-30474: Fixed information disclosure due to failing to find an FTP file reveal the URI's password in an error message (bsc#1239974) Other fixes: \- Upgrade to upstream version 2.10.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1022=1 ## Package List: * openSUSE Leap 15.6 (noarch) * apache-commons-vfs2-ant-2.10.0-150200.3.3.1 * apache-commons-vfs2-javadoc-2.10.0-150200.3.3.1 * apache-commons-vfs2-examples-2.10.0-150200.3.3.1 * apache-commons-vfs2-2.10.0-150200.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-27553.html * https://www.suse.com/security/cve/CVE-2025-30474.html * https://bugzilla.suse.com/show_bug.cgi?id=1239973 * https://bugzilla.suse.com/show_bug.cgi?id=1239974 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 26 12:30:38 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 26 Mar 2025 12:30:38 -0000 Subject: SUSE-SU-2025:1019-1: important: Security update for azure-cli-core Message-ID: <174299223800.8820.1600808497412439444@smelt2.prg2.suse.org> # Security update for azure-cli-core Announcement ID: SUSE-SU-2025:1019-1 Release Date: 2025-03-26T10:27:44Z Rating: important References: * bsc#1239460 Cross-References: * CVE-2025-24049 CVSS scores: * CVE-2025-24049 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-24049 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-24049 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for azure-cli-core fixes the following issues: * CVE-2025-24049: Fixed improper neutralization of special elements used in a command allows an unauthorized attacker to elevate privileges locally (bsc#1239460). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1019=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1019=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1019=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-1019=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1019=1 ## Package List: * openSUSE Leap 15.4 (noarch) * azure-cli-core-2.58.0-150400.14.6.1 * openSUSE Leap 15.6 (noarch) * azure-cli-core-2.58.0-150400.14.6.1 * Public Cloud Module 15-SP4 (noarch) * azure-cli-core-2.58.0-150400.14.6.1 * Public Cloud Module 15-SP5 (noarch) * azure-cli-core-2.58.0-150400.14.6.1 * Public Cloud Module 15-SP6 (noarch) * azure-cli-core-2.58.0-150400.14.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-24049.html * https://bugzilla.suse.com/show_bug.cgi?id=1239460 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 26 12:30:40 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 26 Mar 2025 12:30:40 -0000 Subject: SUSE-SU-2025:1018-1: important: Security update for buildah Message-ID: <174299224071.8820.12520536465190647848@smelt2.prg2.suse.org> # Security update for buildah Announcement ID: SUSE-SU-2025:1018-1 Release Date: 2025-03-26T09:03:18Z Rating: important References: * bsc#1239339 Cross-References: * CVE-2025-22869 * CVE-2025-27144 CVSS scores: * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for buildah fixes the following issues: * CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239339). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1018=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1018=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-1018=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1018=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1018=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1018=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1018=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.35.5-150500.3.34.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150500.3.34.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150500.3.34.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * buildah-1.35.5-150500.3.34.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * buildah-1.35.5-150500.3.34.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150500.3.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * buildah-1.35.5-150500.3.34.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1239339 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 26 12:30:43 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 26 Mar 2025 12:30:43 -0000 Subject: SUSE-SU-2025:1017-1: important: Security update for buildah Message-ID: <174299224323.8820.4199987686867366230@smelt2.prg2.suse.org> # Security update for buildah Announcement ID: SUSE-SU-2025:1017-1 Release Date: 2025-03-26T09:02:56Z Rating: important References: * bsc#1239339 Cross-References: * CVE-2025-22869 * CVE-2025-27144 CVSS scores: * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for buildah fixes the following issues: * CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239339). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1017=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1017=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1017=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1017=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1017=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.35.5-150300.8.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * buildah-1.35.5-150300.8.39.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * buildah-1.35.5-150300.8.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * buildah-1.35.5-150300.8.39.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * buildah-1.35.5-150300.8.39.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1239339 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 26 16:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 26 Mar 2025 16:30:07 -0000 Subject: SUSE-SU-2025:1033-1: moderate: Security update for webkit2gtk3 Message-ID: <174300660730.6725.15111703155859205424@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:1033-1 Release Date: 2025-03-26T15:44:39Z Rating: moderate References: * bsc#1239863 * bsc#1239864 * bsc#1239950 Cross-References: * CVE-2024-44192 * CVE-2024-54467 * CVE-2025-24201 CVSS scores: * CVE-2024-44192 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44192 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54467 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-54467 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-54467 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-54467 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2025-24201 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 An update that solves three vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: * CVE-2024-44192: Fixed unexpected process crash due to processing maliciously crafted web content (bsc#1239863) * CVE-2024-54467: Fixed data exilfration cross-origin due to a cookie management issue via a malicious website (bsc#1239864) Other fixes: \- Update to version 2.48.0 \+ Move tiles rendering to worker threads when rendering with the GPU. \+ Fix preserve-3D intersection rendering. \+ Added new function for creating Promise objects to JavaScripotCore GLib API. \+ The MediaRecorder backend gained WebM support (requires at least GStreamer 1.24.9) and audio bitrate configuration support. \+ Fix invalid DPI-aware font size conversion. \+ Bring back support for OpenType-SVG fonts using Skia SVG module. \+ Add metadata (title and creation/modification date) to the PDF document generated for printing. \+ Propagate the font?s computed locale to HarfBuzz. \+ The GPU process build is now enabled for WebGL, but the web process is still used by default. The runtime flag UseGPUProcessForWebGL can be used to use the GPU process for WebGL. \- Add gcc13-PIE to BuildRequires (bsc#1239950). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1033=1 ## Package List: * openSUSE Leap 15.4 (noarch) * WebKitGTK-6.0-lang-2.48.0-150400.4.112.1 * WebKitGTK-4.0-lang-2.48.0-150400.4.112.1 * WebKitGTK-4.1-lang-2.48.0-150400.4.112.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * typelib-1_0-WebKit2-4_1-2.48.0-150400.4.112.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.48.0-150400.4.112.1 * typelib-1_0-WebKit-6_0-2.48.0-150400.4.112.1 * libjavascriptcoregtk-4_1-0-2.48.0-150400.4.112.1 * typelib-1_0-JavaScriptCore-6_0-2.48.0-150400.4.112.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.48.0-150400.4.112.1 * webkit2gtk4-minibrowser-2.48.0-150400.4.112.1 * libjavascriptcoregtk-6_0-1-2.48.0-150400.4.112.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.48.0-150400.4.112.1 * libwebkit2gtk-4_0-37-debuginfo-2.48.0-150400.4.112.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.48.0-150400.4.112.1 * webkit2gtk3-soup2-debugsource-2.48.0-150400.4.112.1 * webkit2gtk3-soup2-devel-2.48.0-150400.4.112.1 * typelib-1_0-JavaScriptCore-4_1-2.48.0-150400.4.112.1 * webkit-jsc-6.0-2.48.0-150400.4.112.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.0-150400.4.112.1 * webkit2gtk3-minibrowser-2.48.0-150400.4.112.1 * webkit-jsc-4-debuginfo-2.48.0-150400.4.112.1 * webkit-jsc-4-2.48.0-150400.4.112.1 * webkit-jsc-4.1-debuginfo-2.48.0-150400.4.112.1 * webkit-jsc-6.0-debuginfo-2.48.0-150400.4.112.1 * typelib-1_0-JavaScriptCore-4_0-2.48.0-150400.4.112.1 * webkit2gtk-4_0-injected-bundles-2.48.0-150400.4.112.1 * webkit2gtk3-soup2-minibrowser-2.48.0-150400.4.112.1 * libwebkitgtk-6_0-4-debuginfo-2.48.0-150400.4.112.1 * libjavascriptcoregtk-4_0-18-2.48.0-150400.4.112.1 * webkit2gtk4-debugsource-2.48.0-150400.4.112.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.48.0-150400.4.112.1 * webkit2gtk4-minibrowser-debuginfo-2.48.0-150400.4.112.1 * typelib-1_0-WebKit2WebExtension-4_1-2.48.0-150400.4.112.1 * webkit2gtk3-debugsource-2.48.0-150400.4.112.1 * webkit-jsc-4.1-2.48.0-150400.4.112.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.48.0-150400.4.112.1 * webkit2gtk3-devel-2.48.0-150400.4.112.1 * webkitgtk-6_0-injected-bundles-2.48.0-150400.4.112.1 * libwebkit2gtk-4_1-0-debuginfo-2.48.0-150400.4.112.1 * webkit2gtk-4_1-injected-bundles-2.48.0-150400.4.112.1 * webkit2gtk3-minibrowser-debuginfo-2.48.0-150400.4.112.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.0-150400.4.112.1 * typelib-1_0-WebKit2WebExtension-4_0-2.48.0-150400.4.112.1 * webkit2gtk4-devel-2.48.0-150400.4.112.1 * libwebkit2gtk-4_1-0-2.48.0-150400.4.112.1 * libwebkit2gtk-4_0-37-2.48.0-150400.4.112.1 * typelib-1_0-WebKit2-4_0-2.48.0-150400.4.112.1 * libwebkitgtk-6_0-4-2.48.0-150400.4.112.1 * openSUSE Leap 15.4 (x86_64) * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.48.0-150400.4.112.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.48.0-150400.4.112.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.48.0-150400.4.112.1 * libwebkit2gtk-4_1-0-32bit-2.48.0-150400.4.112.1 * libwebkit2gtk-4_0-37-32bit-2.48.0-150400.4.112.1 * libjavascriptcoregtk-4_0-18-32bit-2.48.0-150400.4.112.1 * libjavascriptcoregtk-4_1-0-32bit-2.48.0-150400.4.112.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.48.0-150400.4.112.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libwebkit2gtk-4_1-0-64bit-2.48.0-150400.4.112.1 * libwebkit2gtk-4_0-37-64bit-2.48.0-150400.4.112.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.48.0-150400.4.112.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.48.0-150400.4.112.1 * libjavascriptcoregtk-4_1-0-64bit-2.48.0-150400.4.112.1 * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.48.0-150400.4.112.1 * libjavascriptcoregtk-4_0-18-64bit-2.48.0-150400.4.112.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.48.0-150400.4.112.1 ## References: * https://www.suse.com/security/cve/CVE-2024-44192.html * https://www.suse.com/security/cve/CVE-2024-54467.html * https://www.suse.com/security/cve/CVE-2025-24201.html * https://bugzilla.suse.com/show_bug.cgi?id=1239863 * https://bugzilla.suse.com/show_bug.cgi?id=1239864 * https://bugzilla.suse.com/show_bug.cgi?id=1239950 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 26 16:30:16 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 26 Mar 2025 16:30:16 -0000 Subject: SUSE-SU-2025:1032-1: important: Security update for microcode_ctl Message-ID: <174300661653.6725.8749730459664362739@smelt2.prg2.suse.org> # Security update for microcode_ctl Announcement ID: SUSE-SU-2025:1032-1 Release Date: 2025-03-26T14:22:25Z Rating: important References: * bsc#1206418 * bsc#1211382 * bsc#1214099 * bsc#1215278 * bsc#1221323 * bsc#1224277 * bsc#1229129 * bsc#1230400 * bsc#1233313 * bsc#1237096 Cross-References: * CVE-2022-40982 * CVE-2022-41804 * CVE-2023-22655 * CVE-2023-23583 * CVE-2023-23908 * CVE-2023-28746 * CVE-2023-38575 * CVE-2023-39368 * CVE-2023-42667 * CVE-2023-43490 * CVE-2023-45733 * CVE-2023-45745 * CVE-2023-46103 * CVE-2023-47855 * CVE-2023-49141 * CVE-2024-21820 * CVE-2024-21853 * CVE-2024-23918 * CVE-2024-23984 * CVE-2024-24853 * CVE-2024-24968 * CVE-2024-24980 * CVE-2024-25939 * CVE-2024-31068 * CVE-2024-36293 * CVE-2024-37020 * CVE-2024-39355 CVSS scores: * CVE-2022-40982 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2022-40982 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2022-41804 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:H * CVE-2022-41804 ( NVD ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:H * CVE-2023-22655 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N * CVE-2023-23583 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2023-23583 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-23583 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2023-23908 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2023-23908 ( NVD ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-38575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-39368 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-42667 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-42667 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2023-43490 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2023-45733 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2023-45745 ( SUSE ): 7.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2023-46103 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47855 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2023-49141 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-49141 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2023-49141 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-49141 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-21820 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2024-21820 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2024-21820 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-21820 ( NVD ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2024-21853 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-21853 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-21853 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-21853 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23918 ( SUSE ): 8.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-23918 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-23918 ( NVD ): 8.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23918 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-23984 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-23984 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-23984 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23984 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-24853 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-24853 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H * CVE-2024-24968 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-24968 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-24968 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-24968 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-24980 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N * CVE-2024-24980 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N * CVE-2024-25939 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-25939 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-31068 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-31068 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-31068 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-31068 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-36293 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-36293 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-36293 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-36293 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-37020 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-37020 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-37020 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-37020 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-37020 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-39355 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-39355 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-39355 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-39355 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE An update that solves 27 vulnerabilities can now be installed. ## Description: This update for microcode_ctl fixes the following issues: * CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local access. (bsc#1237096) * CVE-2024-36293: A potential security vulnerability in some Intel Software Guard Extensions (Intel SGX) Platforms may allow denial of service. Intel is releasing microcode updates to mitigate this potential vulnerability. (bsc#1237096) * CVE-2024-39355: A potential security vulnerability in some 13th and 14th Generation Intel Core Processors may allow denial of service. Intel is releasing microcode and UEFI reference code updates to mitigate this potential vulnerability. (bsc#1237096) * CVE-2024-37020: A potential security vulnerability in the Intel Data Streaming Accelerator (Intel DSA) for some Intel Xeon Processors may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. (bsc#1237096) * CVE-2024-21853: Faulty finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel Xeon Processors may allow an authorized user to potentially enable denial of service via local access. (bsc#1233313) * CVE-2024-23918: Improper conditions check in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1233313) * CVE-2024-21820: Incorrect default permissions in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1233313) * CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow an privileged user to potentially enable a denial of service via local access. (bsc#1230400) * CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access. (bsc#1230400) * CVE-2024-24853: Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1229129) * CVE-2024-25939: Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. (bsc#1229129) * CVE-2024-24980: Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1229129) * CVE-2023-42667: Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. (bsc#1229129) * CVE-2023-49141: Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. (bsc#1229129) * CVE-2023-45733: Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access. (bsc#1224277) * CVE-2023-46103: Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access. (bsc#1224277) * CVE-2023-45745: Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1224277) * CVE-2023-47855: Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1224277) * CVE-2023-39368: Protection mechanism failure of bus lock regulator for some Intel Processors may allow an unauthenticated user to potentially enable denial of service via network access. (bsc#1221323) * CVE-2023-38575: Non-transparent sharing of return predictor targets between contexts in some Intel Processors may allow an authorized user to potentially enable information disclosure via local access. (bsc#1221323) * CVE-2023-28746: Information exposure through microarchitectural state after transient execution from some register files for some Intel Atom Processors may allow an authenticated user to potentially enable information disclosure via local access. (bsc#1221323) * CVE-2023-22655: Protection mechanism failure in some 3rd and 4th Generation Intel Xeon Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1221323) * CVE-2023-43490: Incorrect calculation in microcode keying mechanism for some Intel Xeon D Processors with Intel SGX may allow a privileged user to potentially enable information disclosure via local access. (bsc#1221323) * CVE-2023-23583: Fixed potential CPU deadlocks or privilege escalation (bsc#1215278) * CVE-2022-40982: Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. (bsc#1206418) * CVE-2023-23908: Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access. * CVE-2022-41804: Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Other fixes: * Intel CPU Microcode was updated to the 20250211 release (bsc#1237096) * Security updates for INTEL-SA-01166 https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01166.html * Security updates for INTEL-SA-01213 https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01213.html * Security updates for INTEL-SA-01139 https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01139.html * Security updates for INTEL-SA-01228 https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01228.html * Security updates for INTEL-SA-01194 https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01194.html * Update for functional issues. Refer to Intel Core Ultra Processor https://cdrdv2.intel.com/v1/dl/getContent/792254 for details. * Update for functional issues. Refer to 13th/14th Generation Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/740518 for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family https://cdrdv2.intel.com/v1/dl/getContent/682436 for details. * Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/631123 for details. * Update for functional issues. Refer to 8th and 9th Generation Intel Core Processor Family Spec Update https://cdrdv2.intel.com/v1/dl/getContent/337346 for details. * Update for functional issues. Refer to 5th Gen Intel Xeon Scalable Processors Specification Update https://cdrdv2.intel.com/v1/dl/getContent/793902 for details. * Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update https://cdrdv2.intel.com/v1/dl/getContent/772415 for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update https://cdrdv2.intel.com/v1/dl/getContent/637780 for details. * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/714071 for details. * Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/709192 for details. * Update for functional issues. Refer to Intel Xeon 6700-Series Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/820922 for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series https://cdrdv2.intel.com/v1/dl/getContent/764616 for details * Intel CPU Microcode was updated to the 20241112 release (bsc#1233313) * Security updates for INTEL-SA-01101. * Security updates for INTEL-SA-01079. * Security updates for INTEL-SA-01079. * Updated security updates for INTEL-SA-01097. * Updated security updates for INTEL-SA-01103. * Update for functional issues. Refer to Intel Core Ultra Processor for details. * Update for functional issues. Refer to 14th/13th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to 5th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update for details. * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon D-1700 and D-1800 Processor Family Specification Update for details * Intel CPU Microcode was updated to the 20241029 release (bsc#1230400) * Update for functional issues. Refer to 14th/13th Generation Intel Core Processor Specification Update for details. * Intel CPU Microcode was updated to the 20240910 release (bsc#1230400) * Security updates for INTEL-SA-01103 * Security updates for INTEL-SA-01097 * Update for functional issues. Refer to Intel Core Ultra Processor for details. * Update for functional issues. Refer to 13th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series for details. * Intel CPU Microcode was updated to the 20240813 release (bsc#1229129) * Security updates for INTEL-SA-01083 * Security updates for INTEL-SA-01118 * Security updates for INTEL-SA-01100 * Security updates for INTEL-SA-01038 * Security updates for INTEL-SA-01046 * Update for functional issues. Refer to Intel Core Ultra Processor for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 2nd Generation Intel Xeon Processor Scalable Family Specification Update for details * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Update for details. * Update for functional issues. Refer to 13th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 10th Gen Intel Core Processor Families Specification Update for details. * Update for functional issues. Refer to 10th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 8th and 9th Generation Intel Core Processor Family Spec Update for details. * Update for functional issues. Refer to 8th Generation Intel Core Processor Families Specification Update for details. * Update for functional issues. Refer to 7th and 8th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series for details. * Update for functional issues. Refer to Intel Atom x6000E Series, and Intel Pentium and Celeron N and J Series Processors for Internet of Things (IoT) Applications for details. * Intel CPU Microcode was updated to 20240531 release: * Update for functional issues. Refer to Intel Pentium Silver and Intel Celeron Processor Specification Update * Intel CPU Microcode was updated to the 20240514 release (bsc#1224277) * Security updates for INTEL-SA-01051 https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01051.html * Security updates for INTEL-SA-01052 https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01052.html * Security updates for INTEL-SA-01036 https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01036.html * Update for functional issues. Refer to 5th Gen Intel Xeon Processor Scalable Family https://cdrdv2.intel.com/v1/dl/getContent/793902 for details. * Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update https://cdrdv2.intel.com/v1/dl/getContent/772415 for details. * Update for functional issues. Refer to 14th 13th Generation Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/740518 for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family https://cdrdv2.intel.com/v1/dl/getContent/682436 for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series https://cdrdv2.intel.com/v1/dl/getContent/764616 for details. * * Intel CPU Microcode was updated to 20240312 release. (bsc#1221323) * Security updates for INTEL-SA-INTEL-SA-00972 https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-00972.html * Security updates for INTEL-SA-INTEL-SA-00982 https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-00982.html * Security updates for INTEL-SA-INTEL-SA-00898 https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-00898.html * Security updates for INTEL-SA-INTEL-SA-00960 https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-00960.html * Security updates for INTEL-SA-INTEL-SA-01045 https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01045.html * Update for functional issues. Refer to Intel Core Ultra Processor https://cdrdv2.intel.com/v1/dl/getContent/792254 for details. * Update for functional issues. Refer to 13th Generation Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/740518 for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family https://cdrdv2.intel.com/v1/dl/getContent/682436 for details. * Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/631123 for details. * Update for functional issues. Refer to 10th Gen Intel Core Processor Families Specification Update https://cdrdv2.intel.com/v1/dl/getContent/341079 for details. * Update for functional issues. Refer to 10th Generation Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/615213 for details. * Update for functional issues. Refer to 8th and 9th Generation Intel Core Processor Family Spec Update https://cdrdv2.intel.com/v1/dl/getContent/337346 for details. * Update for functional issues. Refer to 8th Generation Intel Core Processor Families Specification Update https://cdrdv2.intel.com/v1/dl/getContent/338025 for details. * Update for functional issues. Refer to 7th and 8th Generation Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/334663 for details. * Update for functional issues. Refer to 5th Gen Intel Xeon Scalable Processors Specification Update https://cdrdv2.intel.com/v1/dl/getContent/793902 for details. * Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update https://cdrdv2.intel.com/v1/dl/getContent/772415 for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Scalable Processors Specification Update https://cdrdv2.intel.com/v1/dl/getContent/634897 for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update https://cdrdv2.intel.com/v1/dl/getContent/637780 for details. * Update for functional issues. Refer to 2nd Generation Intel Xeon Processor Scalable Family Specification Update https://cdrdv2.intel.com/v1/dl/getContent/338848 for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series https://cdrdv2.intel.com/v1/dl/getContent/764616 for details. * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/714071 for details. * Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/709192 for details. * Update for functional issues. Refer to Intel Xeon Processor Scalable Family Specification Update https://cdrdv2.intel.com/v1/dl/getContent/613537 for details. * Update for functional issues. Refer to Intel Atom C3000 Processor Product Family Specification Update https://cdrdv2.intel.com/v1/dl/getContent/336345 for details. * Update for functional issues. Refer to Intel Atom x6000E Series, and Intel Pentium and Celeron N and J Series Processors for Internet of Things (IoT) Applications https://cdrdv2.intel.com/v1/dl/getContent/636674 for details. * Update for functional issues. Refer to Intel Pentium Silver and Intel Celeron Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/336562 for details. * Update for functional issues. Refer to Intel Pentium Silver and Intel Celeron Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/634542 for details. * Intel CPU Microcode was updated to 20231114 release. (bsc#1215278) * Security updates for INTEL-SA-00950 * Update for functional issues. Refer to 13th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 10th Gen Intel Core Processor Families Specification Update for details. * Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series for details. * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Update for details. * Intel CPU Microcode was updated to 20231114 pre-release (labeled 20231113). (bsc#1215278) * Intel CPU Microcode was updated to 20230808 release. (bsc#1214099) * Security updates for INTEL-SA-00828 (bsc#1206418) * Security updates for INTEL-SA-00836 * Security updates for INTEL-SA-00837 * Update for functional issues. Refer to 13th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 10th Gen Intel Core Processor Families Specification Update for details. * Update for functional issues. Refer to 8th and 9th Generation Intel Core Processor Family Spec Update for details. * Update for functional issues. Refer to 8th Generation Intel Core Processor Families Specification Update for details. * Update for functional issues. Refer to 7th and 8th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series for details. * Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 2nd Generation Intel Xeon Processor Scalable Family Specification Update for details. * Update for functional issues. Refer to Intel Xeon Processor Scalable Family Specification Update for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update for details. * Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon D-2100 Processor Specification Update for details. * Intel CPU Microcode was updated to 20230613 release. * Intel CPU Microcode was updated to 20230512 release. * Intel CPU Microcode was updated to 20230512 release. (bsc#1211382) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-1032=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-1032=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64) * microcode_ctl-1.17-102.83.81.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * microcode_ctl-1.17-102.83.81.1 ## References: * https://www.suse.com/security/cve/CVE-2022-40982.html * https://www.suse.com/security/cve/CVE-2022-41804.html * https://www.suse.com/security/cve/CVE-2023-22655.html * https://www.suse.com/security/cve/CVE-2023-23583.html * https://www.suse.com/security/cve/CVE-2023-23908.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-38575.html * https://www.suse.com/security/cve/CVE-2023-39368.html * https://www.suse.com/security/cve/CVE-2023-42667.html * https://www.suse.com/security/cve/CVE-2023-43490.html * https://www.suse.com/security/cve/CVE-2023-45733.html * https://www.suse.com/security/cve/CVE-2023-45745.html * https://www.suse.com/security/cve/CVE-2023-46103.html * https://www.suse.com/security/cve/CVE-2023-47855.html * https://www.suse.com/security/cve/CVE-2023-49141.html * https://www.suse.com/security/cve/CVE-2024-21820.html * https://www.suse.com/security/cve/CVE-2024-21853.html * https://www.suse.com/security/cve/CVE-2024-23918.html * https://www.suse.com/security/cve/CVE-2024-23984.html * https://www.suse.com/security/cve/CVE-2024-24853.html * https://www.suse.com/security/cve/CVE-2024-24968.html * https://www.suse.com/security/cve/CVE-2024-24980.html * https://www.suse.com/security/cve/CVE-2024-25939.html * https://www.suse.com/security/cve/CVE-2024-31068.html * https://www.suse.com/security/cve/CVE-2024-36293.html * https://www.suse.com/security/cve/CVE-2024-37020.html * https://www.suse.com/security/cve/CVE-2024-39355.html * https://bugzilla.suse.com/show_bug.cgi?id=1206418 * https://bugzilla.suse.com/show_bug.cgi?id=1211382 * https://bugzilla.suse.com/show_bug.cgi?id=1214099 * https://bugzilla.suse.com/show_bug.cgi?id=1215278 * https://bugzilla.suse.com/show_bug.cgi?id=1221323 * https://bugzilla.suse.com/show_bug.cgi?id=1224277 * https://bugzilla.suse.com/show_bug.cgi?id=1229129 * https://bugzilla.suse.com/show_bug.cgi?id=1230400 * https://bugzilla.suse.com/show_bug.cgi?id=1233313 * https://bugzilla.suse.com/show_bug.cgi?id=1237096 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 26 16:30:22 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 26 Mar 2025 16:30:22 -0000 Subject: SUSE-SU-2025:1029-1: important: Security update for ed25519-java Message-ID: <174300662284.6725.7685002345846721037@smelt2.prg2.suse.org> # Security update for ed25519-java Announcement ID: SUSE-SU-2025:1029-1 Release Date: 2025-03-26T13:11:52Z Rating: important References: * bsc#1239551 Cross-References: * CVE-2020-36843 CVSS scores: * CVE-2020-36843 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2020-36843 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2020-36843 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for ed25519-java fixes the following issues: * CVE-2020-36843: Fixed no check performed on scalar to avoid signature malleability (bsc#1239551) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1029=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1029=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1029=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1029=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1029=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1029=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1029=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1029=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1029=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1029=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1029=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1029=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1029=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1029=1 ## Package List: * openSUSE Leap 15.6 (noarch) * ed25519-java-javadoc-0.3.0-150200.5.9.1 * ed25519-java-0.3.0-150200.5.9.1 * Development Tools Module 15-SP6 (noarch) * ed25519-java-0.3.0-150200.5.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * ed25519-java-0.3.0-150200.5.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * ed25519-java-0.3.0-150200.5.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * ed25519-java-0.3.0-150200.5.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * ed25519-java-0.3.0-150200.5.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * ed25519-java-0.3.0-150200.5.9.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * ed25519-java-0.3.0-150200.5.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * ed25519-java-0.3.0-150200.5.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * ed25519-java-0.3.0-150200.5.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * ed25519-java-0.3.0-150200.5.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * ed25519-java-0.3.0-150200.5.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * ed25519-java-0.3.0-150200.5.9.1 * SUSE Enterprise Storage 7.1 (noarch) * ed25519-java-0.3.0-150200.5.9.1 ## References: * https://www.suse.com/security/cve/CVE-2020-36843.html * https://bugzilla.suse.com/show_bug.cgi?id=1239551 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 26 16:30:28 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 26 Mar 2025 16:30:28 -0000 Subject: SUSE-SU-2025:1028-1: important: Security update for proftpd Message-ID: <174300662856.6725.8647586770367336651@smelt2.prg2.suse.org> # Security update for proftpd Announcement ID: SUSE-SU-2025:1028-1 Release Date: 2025-03-26T12:50:12Z Rating: important References: * bsc#1238141 * bsc#1238143 Cross-References: * CVE-2024-48651 * CVE-2024-57392 CVSS scores: * CVE-2024-48651 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-48651 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-48651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-57392 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-57392 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57392 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for proftpd fixes the following issues: * CVE-2024-57392: Fixed null pointer dereference vulnerability by sending a maliciously crafted message (bsc#1238143). * CVE-2024-48651: Fixed supplemental group inheritance granting unintended access to GID 0 (bsc#1238141). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1028=1 openSUSE-SLE-15.6-2025-1028=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1028=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * proftpd-sqlite-1.3.8b-150600.13.6.1 * proftpd-devel-1.3.8b-150600.13.6.1 * proftpd-radius-debuginfo-1.3.8b-150600.13.6.1 * proftpd-doc-1.3.8b-150600.13.6.1 * proftpd-sqlite-debuginfo-1.3.8b-150600.13.6.1 * proftpd-pgsql-debuginfo-1.3.8b-150600.13.6.1 * proftpd-pgsql-1.3.8b-150600.13.6.1 * proftpd-debugsource-1.3.8b-150600.13.6.1 * proftpd-ldap-debuginfo-1.3.8b-150600.13.6.1 * proftpd-mysql-1.3.8b-150600.13.6.1 * proftpd-mysql-debuginfo-1.3.8b-150600.13.6.1 * proftpd-ldap-1.3.8b-150600.13.6.1 * proftpd-1.3.8b-150600.13.6.1 * proftpd-radius-1.3.8b-150600.13.6.1 * proftpd-debuginfo-1.3.8b-150600.13.6.1 * openSUSE Leap 15.6 (noarch) * proftpd-lang-1.3.8b-150600.13.6.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * proftpd-sqlite-1.3.8b-150600.13.6.1 * proftpd-devel-1.3.8b-150600.13.6.1 * proftpd-radius-debuginfo-1.3.8b-150600.13.6.1 * proftpd-doc-1.3.8b-150600.13.6.1 * proftpd-sqlite-debuginfo-1.3.8b-150600.13.6.1 * proftpd-pgsql-debuginfo-1.3.8b-150600.13.6.1 * proftpd-pgsql-1.3.8b-150600.13.6.1 * proftpd-debugsource-1.3.8b-150600.13.6.1 * proftpd-ldap-debuginfo-1.3.8b-150600.13.6.1 * proftpd-mysql-1.3.8b-150600.13.6.1 * proftpd-mysql-debuginfo-1.3.8b-150600.13.6.1 * proftpd-ldap-1.3.8b-150600.13.6.1 * proftpd-1.3.8b-150600.13.6.1 * proftpd-radius-1.3.8b-150600.13.6.1 * proftpd-debuginfo-1.3.8b-150600.13.6.1 * Server Applications Module 15-SP6 (noarch) * proftpd-lang-1.3.8b-150600.13.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-48651.html * https://www.suse.com/security/cve/CVE-2024-57392.html * https://bugzilla.suse.com/show_bug.cgi?id=1238141 * https://bugzilla.suse.com/show_bug.cgi?id=1238143 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 26 16:36:41 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 26 Mar 2025 16:36:41 -0000 Subject: SUSE-SU-2025:1027-1: important: Security update for the Linux Kernel Message-ID: <174300700126.6725.12424281620456019330@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:1027-1 Release Date: 2025-03-26T12:12:07Z Rating: important References: * bsc#1065729 * bsc#1180814 * bsc#1183682 * bsc#1190336 * bsc#1190768 * bsc#1190786 * bsc#1193629 * bsc#1194869 * bsc#1194904 * bsc#1195823 * bsc#1196444 * bsc#1197158 * bsc#1197174 * bsc#1197246 * bsc#1197302 * bsc#1197331 * bsc#1197472 * bsc#1197661 * bsc#1197926 * bsc#1198019 * bsc#1198021 * bsc#1198240 * bsc#1198577 * bsc#1198660 * bsc#1199657 * bsc#1200045 * bsc#1200571 * bsc#1200807 * bsc#1200809 * bsc#1200810 * bsc#1200824 * bsc#1200825 * bsc#1200871 * bsc#1200872 * bsc#1201193 * bsc#1201218 * bsc#1201323 * bsc#1201381 * bsc#1201610 * bsc#1202672 * bsc#1202711 * bsc#1202712 * bsc#1202771 * bsc#1202774 * bsc#1202778 * bsc#1202781 * bsc#1203699 * bsc#1203769 * bsc#1204171 * bsc#1206048 * bsc#1206049 * bsc#1207593 * bsc#1207640 * bsc#1210050 * bsc#1211263 * bsc#1217339 * bsc#1228483 * bsc#1228708 * bsc#1228779 * bsc#1228966 * bsc#1237521 * bsc#1237718 * bsc#1237721 * bsc#1237722 * bsc#1237723 * bsc#1237724 * bsc#1237725 * bsc#1237726 * bsc#1237727 * bsc#1237728 * bsc#1237729 * bsc#1237734 * bsc#1237735 * bsc#1237736 * bsc#1237737 * bsc#1237738 * bsc#1237739 * bsc#1237740 * bsc#1237742 * bsc#1237743 * bsc#1237745 * bsc#1237746 * bsc#1237748 * bsc#1237751 * bsc#1237752 * bsc#1237753 * bsc#1237755 * bsc#1237759 * bsc#1237761 * bsc#1237763 * bsc#1237766 * bsc#1237767 * bsc#1237768 * bsc#1237774 * bsc#1237775 * bsc#1237778 * bsc#1237779 * bsc#1237780 * bsc#1237782 * bsc#1237783 * bsc#1237784 * bsc#1237785 * bsc#1237786 * bsc#1237787 * bsc#1237788 * bsc#1237789 * bsc#1237795 * bsc#1237797 * bsc#1237798 * bsc#1237807 * bsc#1237808 * bsc#1237810 * bsc#1237812 * bsc#1237813 * bsc#1237814 * bsc#1237815 * bsc#1237817 * bsc#1237818 * bsc#1237821 * bsc#1237823 * bsc#1237824 * bsc#1237826 * bsc#1237827 * bsc#1237829 * bsc#1237831 * bsc#1237835 * bsc#1237836 * bsc#1237837 * bsc#1237839 * bsc#1237840 * bsc#1237845 * bsc#1237846 * bsc#1237868 * bsc#1237872 * bsc#1237892 * bsc#1237903 * bsc#1237904 * bsc#1237916 * bsc#1237922 * bsc#1237925 * bsc#1237926 * bsc#1237929 * bsc#1237931 * bsc#1237932 * bsc#1237933 * bsc#1237937 * bsc#1237939 * bsc#1237940 * bsc#1237941 * bsc#1237942 * bsc#1237946 * bsc#1237951 * bsc#1237952 * bsc#1237954 * bsc#1237955 * bsc#1237957 * bsc#1237958 * bsc#1237959 * bsc#1237960 * bsc#1237961 * bsc#1237963 * bsc#1237965 * bsc#1237966 * bsc#1237967 * bsc#1237968 * bsc#1237969 * bsc#1237970 * bsc#1237971 * bsc#1237973 * bsc#1237975 * bsc#1237976 * bsc#1237978 * bsc#1237979 * bsc#1237983 * bsc#1237984 * bsc#1237986 * bsc#1237987 * bsc#1237990 * bsc#1237996 * bsc#1237997 * bsc#1237998 * bsc#1237999 * bsc#1238000 * bsc#1238003 * bsc#1238006 * bsc#1238007 * bsc#1238010 * bsc#1238011 * bsc#1238012 * bsc#1238013 * bsc#1238014 * bsc#1238016 * bsc#1238017 * bsc#1238018 * bsc#1238019 * bsc#1238021 * bsc#1238022 * bsc#1238024 * bsc#1238030 * bsc#1238036 * bsc#1238037 * bsc#1238041 * bsc#1238046 * bsc#1238047 * bsc#1238071 * bsc#1238077 * bsc#1238079 * bsc#1238080 * bsc#1238089 * bsc#1238090 * bsc#1238091 * bsc#1238092 * bsc#1238096 * bsc#1238097 * bsc#1238099 * bsc#1238103 * bsc#1238105 * bsc#1238106 * bsc#1238108 * bsc#1238110 * bsc#1238111 * bsc#1238112 * bsc#1238113 * bsc#1238115 * bsc#1238116 * bsc#1238120 * bsc#1238123 * bsc#1238125 * bsc#1238126 * bsc#1238127 * bsc#1238131 * bsc#1238134 * bsc#1238135 * bsc#1238138 * bsc#1238139 * bsc#1238140 * bsc#1238142 * bsc#1238144 * bsc#1238146 * bsc#1238147 * bsc#1238149 * bsc#1238150 * bsc#1238155 * bsc#1238156 * bsc#1238157 * bsc#1238158 * bsc#1238162 * bsc#1238166 * bsc#1238167 * bsc#1238168 * bsc#1238169 * bsc#1238170 * bsc#1238171 * bsc#1238172 * bsc#1238175 * bsc#1238176 * bsc#1238177 * bsc#1238180 * bsc#1238181 * bsc#1238183 * bsc#1238184 * bsc#1238228 * bsc#1238229 * bsc#1238231 * bsc#1238234 * bsc#1238235 * bsc#1238236 * bsc#1238238 * bsc#1238239 * bsc#1238241 * bsc#1238242 * bsc#1238243 * bsc#1238244 * bsc#1238246 * bsc#1238247 * bsc#1238248 * bsc#1238249 * bsc#1238253 * bsc#1238255 * bsc#1238256 * bsc#1238257 * bsc#1238260 * bsc#1238262 * bsc#1238263 * bsc#1238264 * bsc#1238266 * bsc#1238267 * bsc#1238268 * bsc#1238269 * bsc#1238270 * bsc#1238271 * bsc#1238272 * bsc#1238274 * bsc#1238275 * bsc#1238276 * bsc#1238277 * bsc#1238278 * bsc#1238279 * bsc#1238281 * bsc#1238282 * bsc#1238283 * bsc#1238284 * bsc#1238286 * bsc#1238287 * bsc#1238288 * bsc#1238289 * bsc#1238292 * bsc#1238293 * bsc#1238295 * bsc#1238298 * bsc#1238301 * bsc#1238302 * bsc#1238306 * bsc#1238307 * bsc#1238308 * bsc#1238309 * bsc#1238311 * bsc#1238313 * bsc#1238326 * bsc#1238327 * bsc#1238328 * bsc#1238331 * bsc#1238333 * bsc#1238334 * bsc#1238336 * bsc#1238337 * bsc#1238338 * bsc#1238339 * bsc#1238343 * bsc#1238345 * bsc#1238372 * bsc#1238373 * bsc#1238374 * bsc#1238376 * bsc#1238377 * bsc#1238381 * bsc#1238382 * bsc#1238383 * bsc#1238386 * bsc#1238387 * bsc#1238388 * bsc#1238389 * bsc#1238390 * bsc#1238391 * bsc#1238392 * bsc#1238393 * bsc#1238394 * bsc#1238395 * bsc#1238396 * bsc#1238397 * bsc#1238400 * bsc#1238410 * bsc#1238411 * bsc#1238413 * bsc#1238415 * bsc#1238416 * bsc#1238417 * bsc#1238418 * bsc#1238419 * bsc#1238420 * bsc#1238423 * bsc#1238428 * bsc#1238429 * bsc#1238430 * bsc#1238431 * bsc#1238432 * bsc#1238433 * bsc#1238434 * bsc#1238435 * bsc#1238436 * bsc#1238437 * bsc#1238440 * bsc#1238441 * bsc#1238442 * bsc#1238443 * bsc#1238444 * bsc#1238445 * bsc#1238446 * bsc#1238447 * bsc#1238453 * bsc#1238454 * bsc#1238458 * bsc#1238459 * bsc#1238462 * bsc#1238463 * bsc#1238465 * bsc#1238467 * bsc#1238469 * bsc#1238533 * bsc#1238536 * bsc#1238538 * bsc#1238539 * bsc#1238540 * bsc#1238543 * bsc#1238545 * bsc#1238546 * bsc#1238556 * bsc#1238557 * bsc#1238599 * bsc#1238600 * bsc#1238601 * bsc#1238602 * bsc#1238605 * bsc#1238612 * bsc#1238615 * bsc#1238617 * bsc#1238618 * bsc#1238619 * bsc#1238621 * bsc#1238623 * bsc#1238625 * bsc#1238626 * bsc#1238630 * bsc#1238631 * bsc#1238632 * bsc#1238633 * bsc#1238635 * bsc#1238636 * bsc#1238638 * bsc#1238639 * bsc#1238640 * bsc#1238641 * bsc#1238642 * bsc#1238643 * bsc#1238645 * bsc#1238646 * bsc#1238647 * bsc#1238650 * bsc#1238653 * bsc#1238654 * bsc#1238655 * bsc#1238662 * bsc#1238663 * bsc#1238664 * bsc#1238666 * bsc#1238668 * bsc#1238705 * bsc#1238707 * bsc#1238710 * bsc#1238712 * bsc#1238718 * bsc#1238719 * bsc#1238721 * bsc#1238722 * bsc#1238727 * bsc#1238729 * bsc#1238750 * bsc#1238787 * bsc#1238789 * bsc#1238792 * bsc#1238799 * bsc#1238804 * bsc#1238805 * bsc#1238808 * bsc#1238809 * bsc#1238811 * bsc#1238814 * bsc#1238815 * bsc#1238816 * bsc#1238817 * bsc#1238818 * bsc#1238819 * bsc#1238821 * bsc#1238823 * bsc#1238825 * bsc#1238830 * bsc#1238834 * bsc#1238835 * bsc#1238836 * bsc#1238838 * bsc#1238867 * bsc#1238868 * bsc#1238869 * bsc#1238870 * bsc#1238871 * bsc#1238878 * bsc#1238889 * bsc#1238892 * bsc#1238893 * bsc#1238897 * bsc#1238898 * bsc#1238899 * bsc#1238902 * bsc#1238916 * bsc#1238925 * bsc#1238930 * bsc#1238933 * bsc#1238936 * bsc#1238937 * bsc#1238938 * bsc#1238939 * bsc#1238943 * bsc#1238945 * bsc#1238948 * bsc#1238949 * bsc#1238950 * bsc#1238951 * bsc#1238952 * bsc#1238954 * bsc#1238956 * bsc#1238957 * bsc#1239001 * bsc#1239004 * bsc#1239035 * bsc#1239040 * bsc#1239041 * bsc#1239051 * bsc#1239060 * bsc#1239070 * bsc#1239071 * bsc#1239073 * bsc#1239076 * bsc#1239109 * bsc#1239115 * jsc#PED-1073 * jsc#SLE-15442 * jsc#SLE-18377 * jsc#SLE-19249 * jsc#SLE-24682 Cross-References: * CVE-2021-4453 * CVE-2021-47631 * CVE-2021-47632 * CVE-2021-47633 * CVE-2021-47635 * CVE-2021-47636 * CVE-2021-47637 * CVE-2021-47638 * CVE-2021-47639 * CVE-2021-47641 * CVE-2021-47642 * CVE-2021-47643 * CVE-2021-47644 * CVE-2021-47645 * CVE-2021-47646 * CVE-2021-47647 * CVE-2021-47648 * CVE-2021-47649 * CVE-2021-47650 * CVE-2021-47651 * CVE-2021-47652 * CVE-2021-47653 * CVE-2021-47654 * CVE-2021-47656 * CVE-2021-47657 * CVE-2021-47659 * CVE-2022-0168 * CVE-2022-0995 * CVE-2022-1048 * CVE-2022-1184 * CVE-2022-2977 * CVE-2022-29900 * CVE-2022-29901 * CVE-2022-3303 * CVE-2022-3435 * CVE-2022-49044 * CVE-2022-49050 * CVE-2022-49051 * CVE-2022-49054 * CVE-2022-49055 * CVE-2022-49058 * CVE-2022-49059 * CVE-2022-49060 * CVE-2022-49061 * CVE-2022-49063 * CVE-2022-49065 * CVE-2022-49066 * CVE-2022-49073 * CVE-2022-49074 * CVE-2022-49076 * CVE-2022-49078 * CVE-2022-49082 * CVE-2022-49083 * CVE-2022-49084 * CVE-2022-49085 * CVE-2022-49086 * CVE-2022-49088 * CVE-2022-49089 * CVE-2022-49090 * CVE-2022-49091 * CVE-2022-49092 * CVE-2022-49093 * CVE-2022-49095 * CVE-2022-49096 * CVE-2022-49097 * CVE-2022-49098 * CVE-2022-49099 * CVE-2022-49100 * CVE-2022-49102 * CVE-2022-49103 * CVE-2022-49104 * CVE-2022-49105 * CVE-2022-49106 * CVE-2022-49107 * CVE-2022-49109 * CVE-2022-49111 * CVE-2022-49112 * CVE-2022-49113 * CVE-2022-49114 * CVE-2022-49115 * CVE-2022-49116 * CVE-2022-49118 * CVE-2022-49119 * CVE-2022-49120 * CVE-2022-49121 * CVE-2022-49122 * CVE-2022-49126 * CVE-2022-49128 * CVE-2022-49129 * CVE-2022-49130 * CVE-2022-49131 * CVE-2022-49132 * CVE-2022-49135 * CVE-2022-49137 * CVE-2022-49145 * CVE-2022-49147 * CVE-2022-49148 * CVE-2022-49151 * CVE-2022-49153 * CVE-2022-49154 * CVE-2022-49155 * CVE-2022-49156 * CVE-2022-49157 * CVE-2022-49158 * CVE-2022-49159 * CVE-2022-49160 * CVE-2022-49162 * CVE-2022-49163 * CVE-2022-49164 * CVE-2022-49165 * CVE-2022-49174 * CVE-2022-49175 * CVE-2022-49176 * CVE-2022-49177 * CVE-2022-49179 * CVE-2022-49180 * CVE-2022-49182 * CVE-2022-49185 * CVE-2022-49187 * CVE-2022-49188 * CVE-2022-49189 * CVE-2022-49193 * CVE-2022-49194 * CVE-2022-49196 * CVE-2022-49199 * CVE-2022-49200 * CVE-2022-49201 * CVE-2022-49206 * CVE-2022-49208 * CVE-2022-49212 * CVE-2022-49213 * CVE-2022-49214 * CVE-2022-49216 * CVE-2022-49217 * CVE-2022-49218 * CVE-2022-49221 * CVE-2022-49222 * CVE-2022-49224 * CVE-2022-49226 * CVE-2022-49227 * CVE-2022-49232 * CVE-2022-49235 * CVE-2022-49236 * CVE-2022-49239 * CVE-2022-49241 * CVE-2022-49242 * CVE-2022-49243 * CVE-2022-49244 * CVE-2022-49246 * CVE-2022-49247 * CVE-2022-49248 * CVE-2022-49249 * CVE-2022-49250 * CVE-2022-49251 * CVE-2022-49252 * CVE-2022-49253 * CVE-2022-49254 * CVE-2022-49256 * CVE-2022-49257 * CVE-2022-49258 * CVE-2022-49259 * CVE-2022-49260 * CVE-2022-49261 * CVE-2022-49262 * CVE-2022-49263 * CVE-2022-49264 * CVE-2022-49265 * CVE-2022-49266 * CVE-2022-49268 * CVE-2022-49269 * CVE-2022-49270 * CVE-2022-49271 * CVE-2022-49272 * CVE-2022-49273 * CVE-2022-49274 * CVE-2022-49275 * CVE-2022-49276 * CVE-2022-49277 * CVE-2022-49278 * CVE-2022-49279 * CVE-2022-49280 * CVE-2022-49281 * CVE-2022-49283 * CVE-2022-49285 * CVE-2022-49286 * CVE-2022-49287 * CVE-2022-49288 * CVE-2022-49290 * CVE-2022-49291 * CVE-2022-49292 * CVE-2022-49294 * CVE-2022-49295 * CVE-2022-49297 * CVE-2022-49298 * CVE-2022-49299 * CVE-2022-49300 * CVE-2022-49301 * CVE-2022-49302 * CVE-2022-49304 * CVE-2022-49305 * CVE-2022-49307 * CVE-2022-49308 * CVE-2022-49309 * CVE-2022-49310 * CVE-2022-49311 * CVE-2022-49312 * CVE-2022-49313 * CVE-2022-49314 * CVE-2022-49315 * CVE-2022-49316 * CVE-2022-49319 * CVE-2022-49320 * CVE-2022-49321 * CVE-2022-49322 * CVE-2022-49323 * CVE-2022-49326 * CVE-2022-49327 * CVE-2022-49328 * CVE-2022-49331 * CVE-2022-49332 * CVE-2022-49335 * CVE-2022-49336 * CVE-2022-49337 * CVE-2022-49339 * CVE-2022-49341 * CVE-2022-49342 * CVE-2022-49343 * CVE-2022-49345 * CVE-2022-49346 * CVE-2022-49347 * CVE-2022-49348 * CVE-2022-49349 * CVE-2022-49350 * CVE-2022-49351 * CVE-2022-49352 * CVE-2022-49354 * CVE-2022-49356 * CVE-2022-49357 * CVE-2022-49367 * CVE-2022-49368 * CVE-2022-49370 * CVE-2022-49371 * CVE-2022-49373 * CVE-2022-49375 * CVE-2022-49376 * CVE-2022-49377 * CVE-2022-49378 * CVE-2022-49379 * CVE-2022-49381 * CVE-2022-49382 * CVE-2022-49384 * CVE-2022-49385 * CVE-2022-49386 * CVE-2022-49389 * CVE-2022-49392 * CVE-2022-49394 * CVE-2022-49396 * CVE-2022-49397 * CVE-2022-49398 * CVE-2022-49399 * CVE-2022-49400 * CVE-2022-49402 * CVE-2022-49404 * CVE-2022-49407 * CVE-2022-49409 * CVE-2022-49410 * CVE-2022-49411 * CVE-2022-49412 * CVE-2022-49413 * CVE-2022-49414 * CVE-2022-49416 * CVE-2022-49418 * CVE-2022-49421 * CVE-2022-49422 * CVE-2022-49424 * CVE-2022-49426 * CVE-2022-49427 * CVE-2022-49429 * CVE-2022-49430 * CVE-2022-49431 * CVE-2022-49432 * CVE-2022-49433 * CVE-2022-49434 * CVE-2022-49435 * CVE-2022-49437 * CVE-2022-49438 * CVE-2022-49440 * CVE-2022-49441 * CVE-2022-49442 * CVE-2022-49443 * CVE-2022-49444 * CVE-2022-49445 * CVE-2022-49447 * CVE-2022-49448 * CVE-2022-49449 * CVE-2022-49451 * CVE-2022-49453 * CVE-2022-49455 * CVE-2022-49459 * CVE-2022-49460 * CVE-2022-49462 * CVE-2022-49463 * CVE-2022-49466 * CVE-2022-49467 * CVE-2022-49468 * CVE-2022-49472 * CVE-2022-49473 * CVE-2022-49474 * CVE-2022-49475 * CVE-2022-49477 * CVE-2022-49478 * CVE-2022-49480 * CVE-2022-49481 * CVE-2022-49482 * CVE-2022-49486 * CVE-2022-49487 * CVE-2022-49488 * CVE-2022-49489 * CVE-2022-49490 * CVE-2022-49491 * CVE-2022-49492 * CVE-2022-49493 * CVE-2022-49494 * CVE-2022-49495 * CVE-2022-49498 * CVE-2022-49501 * CVE-2022-49502 * CVE-2022-49503 * CVE-2022-49504 * CVE-2022-49505 * CVE-2022-49506 * CVE-2022-49507 * CVE-2022-49508 * CVE-2022-49509 * CVE-2022-49512 * CVE-2022-49514 * CVE-2022-49515 * CVE-2022-49517 * CVE-2022-49519 * CVE-2022-49520 * CVE-2022-49521 * CVE-2022-49522 * CVE-2022-49523 * CVE-2022-49524 * CVE-2022-49525 * CVE-2022-49526 * CVE-2022-49527 * CVE-2022-49532 * CVE-2022-49534 * CVE-2022-49535 * CVE-2022-49536 * CVE-2022-49537 * CVE-2022-49541 * CVE-2022-49542 * CVE-2022-49544 * CVE-2022-49545 * CVE-2022-49546 * CVE-2022-49549 * CVE-2022-49551 * CVE-2022-49555 * CVE-2022-49556 * CVE-2022-49559 * CVE-2022-49562 * CVE-2022-49563 * CVE-2022-49564 * CVE-2022-49566 * CVE-2022-49568 * CVE-2022-49569 * CVE-2022-49570 * CVE-2022-49579 * CVE-2022-49581 * CVE-2022-49583 * CVE-2022-49584 * CVE-2022-49591 * CVE-2022-49592 * CVE-2022-49603 * CVE-2022-49605 * CVE-2022-49606 * CVE-2022-49607 * CVE-2022-49609 * CVE-2022-49610 * CVE-2022-49611 * CVE-2022-49613 * CVE-2022-49615 * CVE-2022-49616 * CVE-2022-49617 * CVE-2022-49618 * CVE-2022-49621 * CVE-2022-49623 * CVE-2022-49625 * CVE-2022-49626 * CVE-2022-49627 * CVE-2022-49628 * CVE-2022-49631 * CVE-2022-49634 * CVE-2022-49640 * CVE-2022-49641 * CVE-2022-49642 * CVE-2022-49643 * CVE-2022-49644 * CVE-2022-49645 * CVE-2022-49646 * CVE-2022-49647 * CVE-2022-49648 * CVE-2022-49649 * CVE-2022-49652 * CVE-2022-49653 * CVE-2022-49656 * CVE-2022-49657 * CVE-2022-49661 * CVE-2022-49663 * CVE-2022-49665 * CVE-2022-49667 * CVE-2022-49668 * CVE-2022-49670 * CVE-2022-49671 * CVE-2022-49672 * CVE-2022-49673 * CVE-2022-49674 * CVE-2022-49675 * CVE-2022-49676 * CVE-2022-49677 * CVE-2022-49678 * CVE-2022-49679 * CVE-2022-49680 * CVE-2022-49683 * CVE-2022-49685 * CVE-2022-49687 * CVE-2022-49688 * CVE-2022-49693 * CVE-2022-49695 * CVE-2022-49699 * CVE-2022-49700 * CVE-2022-49701 * CVE-2022-49703 * CVE-2022-49704 * CVE-2022-49705 * CVE-2022-49707 * CVE-2022-49708 * CVE-2022-49710 * CVE-2022-49711 * CVE-2022-49712 * CVE-2022-49713 * CVE-2022-49714 * CVE-2022-49715 * CVE-2022-49716 * CVE-2022-49719 * CVE-2022-49720 * CVE-2022-49721 * CVE-2022-49722 * CVE-2022-49723 * CVE-2022-49724 * CVE-2022-49725 * CVE-2022-49726 * CVE-2022-49729 * CVE-2022-49730 * CVE-2022-49731 * CVE-2022-49733 * CVE-2023-28410 * CVE-2024-2201 * CVE-2024-41092 * CVE-2024-42098 * CVE-2024-42229 * CVE-2024-42240 * CVE-2024-57996 * CVE-2024-58014 * CVE-2025-21718 * CVE-2025-21780 CVSS scores: * CVE-2021-4453 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-4453 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-4453 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47631 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47631 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47632 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47632 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47632 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47633 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2021-47633 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2021-47635 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2021-47635 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47636 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47636 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47637 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47637 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47637 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47638 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2021-47638 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47638 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47639 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2021-47639 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47639 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47641 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47641 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47641 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47642 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2021-47642 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47643 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47643 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47644 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2021-47644 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47644 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47645 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47645 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47646 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2021-47646 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47646 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47647 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47648 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47648 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47649 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47649 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47650 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47650 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47651 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47651 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47651 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47652 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47652 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47652 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47653 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47653 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47653 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47654 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2021-47654 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47654 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47656 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2021-47656 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47657 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2021-47657 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47657 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47659 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2021-47659 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-0168 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-0168 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-0995 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-0995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-1048 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-1048 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-1184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-1184 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-2977 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H * CVE-2022-2977 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-29900 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-29900 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2022-29901 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-29901 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2022-3303 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-3303 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-3435 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-3435 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-49044 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2022-49044 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-49050 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49050 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49051 ( SUSE ): 4.3 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2022-49051 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N * CVE-2022-49054 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2022-49054 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2022-49055 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49055 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49058 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49058 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49059 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49059 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49059 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49060 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49061 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49061 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49061 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49063 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49063 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49063 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49065 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49065 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49065 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49066 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49066 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49073 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49074 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49076 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49076 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49078 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49078 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49082 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49082 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49083 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49084 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49084 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49085 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49085 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49086 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49086 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49088 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49089 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49089 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-49090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49091 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49091 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49093 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49093 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49096 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49096 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2022-49096 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49097 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49098 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49098 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49099 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49100 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49100 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49102 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49103 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49103 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49103 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49105 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49105 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49105 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49106 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49106 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49107 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49107 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49107 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49109 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49111 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49111 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49112 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49112 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49113 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49113 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49114 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49114 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49114 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49115 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49115 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49116 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49116 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49116 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49118 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49119 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49119 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49120 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49121 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49122 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49126 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49126 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49128 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49128 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49128 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49129 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49129 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49129 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49130 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49130 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49131 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49131 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49132 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49132 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49135 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49135 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49135 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49137 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49137 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49137 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49145 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49145 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-49147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49148 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49153 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49153 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49153 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49154 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49154 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-49155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49155 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49156 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49156 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49157 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49157 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49158 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2022-49158 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-49159 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49159 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49160 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49160 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49162 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49163 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49164 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49164 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49165 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49174 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49174 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49175 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49175 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49176 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49176 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49177 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49177 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49177 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49179 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49179 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49180 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49182 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49185 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49187 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49187 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49187 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49188 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49189 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2022-49189 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2022-49193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49194 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49196 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49196 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49200 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49201 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49206 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49206 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49208 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49208 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49208 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49212 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49212 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49212 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49213 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49213 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49213 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49216 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49216 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49216 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49218 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49218 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-49221 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49221 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49221 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49222 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49222 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49224 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49224 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49226 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49226 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49227 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49232 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49232 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49235 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49235 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49235 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49236 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49236 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49236 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49239 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49239 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49239 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49241 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49241 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49241 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49242 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49242 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49243 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49243 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49248 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49249 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49249 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49250 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49250 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49251 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49252 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49254 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49254 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49256 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49257 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49258 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49258 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49260 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49260 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-49261 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49261 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49262 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49262 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49263 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49264 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49265 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49266 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49266 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49268 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49268 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49269 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2022-49269 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2022-49270 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49270 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49271 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49271 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49273 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49273 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49274 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49274 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49275 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49275 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49275 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49276 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49276 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49277 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49277 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49278 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49279 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49280 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49281 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49285 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49286 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49286 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49287 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49288 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49290 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49290 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2022-49291 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49291 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49291 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49292 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49292 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49294 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49294 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49295 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49295 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49297 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49297 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49298 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2022-49298 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-49299 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49299 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49300 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49300 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49301 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49302 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49302 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49304 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49305 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49307 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49307 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49307 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49308 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49309 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49310 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49311 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49311 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49311 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49312 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49313 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49314 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49314 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49315 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49315 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49316 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49316 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49316 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49319 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49319 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49320 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49320 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49321 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49321 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49321 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49322 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49322 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49323 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49323 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49323 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49326 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49326 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49326 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49327 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49327 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49328 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49328 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49328 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49331 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49331 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49332 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49335 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49335 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49335 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49336 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49336 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49337 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49337 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49339 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49339 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49341 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49341 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49342 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49342 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49342 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49343 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49343 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49345 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49346 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49346 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49347 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49347 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49348 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49348 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49349 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49349 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49349 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49350 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49350 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49352 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49352 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49354 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49354 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49356 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49357 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49357 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49367 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49370 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49370 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49373 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49375 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49376 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49376 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49377 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49377 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49378 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49379 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49381 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49381 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49384 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49385 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49385 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49392 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49392 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49394 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49394 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49396 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49397 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49398 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49400 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49402 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49407 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49409 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49411 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49412 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49413 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49413 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49413 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49414 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49416 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49416 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49418 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49421 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49422 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49424 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49426 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49426 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49427 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49429 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49430 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49431 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49431 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49432 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49432 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49433 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49434 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49434 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49435 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49437 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49438 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49438 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49440 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49440 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49442 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49444 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49445 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49447 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49447 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49448 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49449 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49451 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49453 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49453 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49455 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49459 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49459 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49460 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49460 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49462 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49466 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49467 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49468 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49468 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49472 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49472 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49473 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49474 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49475 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49478 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49480 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49481 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49482 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49487 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49487 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49489 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49489 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49490 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49491 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49492 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49492 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49493 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49493 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49493 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49494 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49495 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49498 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2022-49498 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-49501 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49501 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49502 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49502 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49503 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49504 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49505 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49506 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49507 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49509 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49512 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49514 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49519 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49520 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2022-49520 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2022-49521 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49521 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49522 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49522 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49523 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49524 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49524 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49525 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49525 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49526 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49526 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49527 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49527 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49527 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49532 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49532 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49534 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49534 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49534 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49535 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49535 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49535 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49536 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49536 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49536 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49537 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49537 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49541 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49541 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H * CVE-2022-49541 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49542 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49542 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49542 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49544 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49544 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49544 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49545 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49545 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49546 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49546 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49546 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49549 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49549 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49551 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49551 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-49555 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49556 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49559 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49562 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49563 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49563 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49563 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49564 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49564 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49564 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49566 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49568 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49568 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49568 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49569 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49570 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49570 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49579 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49579 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49581 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49583 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49584 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49591 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49591 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49592 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49603 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49605 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49607 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49609 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49610 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2022-49610 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L * CVE-2022-49611 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49613 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49615 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49615 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49615 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49616 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49617 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49617 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49618 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49618 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49618 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49621 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49621 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49621 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49623 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-49625 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49626 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49627 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49628 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49631 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49634 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49634 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49640 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49641 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49641 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49642 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49643 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49643 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49644 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49646 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49647 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49648 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49648 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49649 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49649 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49652 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49652 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49653 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49653 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49656 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49656 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49657 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49657 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49665 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49667 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49668 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49670 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49671 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49672 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49673 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49673 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49674 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49676 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49676 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49677 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49678 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49679 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49679 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49680 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49680 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49683 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49683 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49685 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49685 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49693 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49695 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49700 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49700 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49701 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49703 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49703 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49704 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49705 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49705 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49708 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49710 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49711 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49711 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49712 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49712 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49713 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49713 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49714 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49714 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49715 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49715 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49716 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49716 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49719 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49719 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49720 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49721 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49723 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49725 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49726 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49729 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49729 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49729 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49730 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49730 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49731 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49731 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49731 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49733 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28410 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-28410 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-2201 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-41092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41092 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42229 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42229 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42240 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-58014 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-58014 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21718 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21718 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21718 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-21780 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-21780 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 468 vulnerabilities, contains five features and has 46 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-41092: drm/i915/gt: Fix potential UAF by revoke of fence registers (bsc#1228483). * CVE-2024-42098: crypto: ecdh - explicitly zeroize private_key (bsc#1228779). * CVE-2024-42229: crypto: aead,cipher - zeroize key buffer after use (bsc#1228708). * CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076). * CVE-2024-58014: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (bsc#1239109). * CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073). * CVE-2025-21780: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (bsc#1239115). The following non-security bugs were fixed: * initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521). * x86/bhi: Avoid warning in #DB handler due to BHI mitigation (git-fixes). * x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). * x86/bugs: Fix BHI documentation (git-fixes). * x86/bugs: Fix BHI handling of RRSBA (git-fixes). * x86/bugs: Fix BHI retpoline check (git-fixes). * x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). * x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git- fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1027=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1027=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1027=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1027=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1027=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1027=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1027=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2025-1027=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1027=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1027=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1027=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1027=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1027=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1027=1 ## Package List: * SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150400.24.158.1 * SUSE Manager Server 4.3 (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.158.1.150400.24.78.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.158.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * kernel-default-devel-5.14.21-150400.24.158.1 * kernel-default-debugsource-5.14.21-150400.24.158.1 * kernel-syms-5.14.21-150400.24.158.1 * SUSE Manager Server 4.3 (noarch) * kernel-devel-5.14.21-150400.24.158.1 * kernel-macros-5.14.21-150400.24.158.1 * kernel-source-5.14.21-150400.24.158.1 * SUSE Manager Server 4.3 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.158.1 * SUSE Manager Server 4.3 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.158.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.158.1 * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.158.1 * openSUSE Leap 15.4 (noarch) * kernel-devel-5.14.21-150400.24.158.1 * kernel-source-vanilla-5.14.21-150400.24.158.1 * kernel-macros-5.14.21-150400.24.158.1 * kernel-docs-html-5.14.21-150400.24.158.1 * kernel-source-5.14.21-150400.24.158.1 * openSUSE Leap 15.4 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150400.24.158.1 * openSUSE Leap 15.4 (ppc64le x86_64) * kernel-debug-debugsource-5.14.21-150400.24.158.1 * kernel-debug-devel-debuginfo-5.14.21-150400.24.158.1 * kernel-debug-debuginfo-5.14.21-150400.24.158.1 * kernel-debug-devel-5.14.21-150400.24.158.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-5.14.21-150400.24.158.1 * kernel-default-base-5.14.21-150400.24.158.1.150400.24.78.1 * kernel-default-base-rebuild-5.14.21-150400.24.158.1.150400.24.78.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.158.1 * kernel-kvmsmall-debuginfo-5.14.21-150400.24.158.1 * kernel-kvmsmall-debugsource-5.14.21-150400.24.158.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kernel-default-optional-5.14.21-150400.24.158.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.158.1 * kernel-default-devel-5.14.21-150400.24.158.1 * ocfs2-kmp-default-5.14.21-150400.24.158.1 * kernel-default-optional-debuginfo-5.14.21-150400.24.158.1 * kernel-obs-build-5.14.21-150400.24.158.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.158.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.158.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.158.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.158.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.158.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.158.1 * kernel-obs-qa-5.14.21-150400.24.158.1 * reiserfs-kmp-default-5.14.21-150400.24.158.1 * kselftests-kmp-default-5.14.21-150400.24.158.1 * gfs2-kmp-default-5.14.21-150400.24.158.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.158.1 * kernel-default-debugsource-5.14.21-150400.24.158.1 * dlm-kmp-default-5.14.21-150400.24.158.1 * kernel-syms-5.14.21-150400.24.158.1 * kernel-default-livepatch-5.14.21-150400.24.158.1 * kernel-default-extra-5.14.21-150400.24.158.1 * kernel-obs-build-debugsource-5.14.21-150400.24.158.1 * cluster-md-kmp-default-5.14.21-150400.24.158.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.158.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_38-debugsource-1-150400.9.3.1 * kernel-livepatch-5_14_21-150400_24_158-default-1-150400.9.3.1 * kernel-default-livepatch-devel-5.14.21-150400.24.158.1 * kernel-livepatch-5_14_21-150400_24_158-default-debuginfo-1-150400.9.3.1 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.158.1 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.158.1 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.158.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.158.1 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.158.1 * openSUSE Leap 15.4 (aarch64) * dtb-lg-5.14.21-150400.24.158.1 * kernel-64kb-extra-5.14.21-150400.24.158.1 * reiserfs-kmp-64kb-5.14.21-150400.24.158.1 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.158.1 * dtb-apm-5.14.21-150400.24.158.1 * dtb-apple-5.14.21-150400.24.158.1 * dtb-rockchip-5.14.21-150400.24.158.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.158.1 * gfs2-kmp-64kb-5.14.21-150400.24.158.1 * kernel-64kb-optional-5.14.21-150400.24.158.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.158.1 * kernel-64kb-devel-5.14.21-150400.24.158.1 * dtb-cavium-5.14.21-150400.24.158.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.158.1 * dtb-nvidia-5.14.21-150400.24.158.1 * dtb-marvell-5.14.21-150400.24.158.1 * kselftests-kmp-64kb-5.14.21-150400.24.158.1 * dlm-kmp-64kb-5.14.21-150400.24.158.1 * dtb-arm-5.14.21-150400.24.158.1 * dtb-mediatek-5.14.21-150400.24.158.1 * kernel-64kb-debugsource-5.14.21-150400.24.158.1 * dtb-renesas-5.14.21-150400.24.158.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.158.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.158.1 * dtb-broadcom-5.14.21-150400.24.158.1 * dtb-qcom-5.14.21-150400.24.158.1 * dtb-exynos-5.14.21-150400.24.158.1 * dtb-xilinx-5.14.21-150400.24.158.1 * dtb-sprd-5.14.21-150400.24.158.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.158.1 * dtb-altera-5.14.21-150400.24.158.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.158.1 * dtb-amd-5.14.21-150400.24.158.1 * ocfs2-kmp-64kb-5.14.21-150400.24.158.1 * dtb-socionext-5.14.21-150400.24.158.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.158.1 * cluster-md-kmp-64kb-5.14.21-150400.24.158.1 * dtb-allwinner-5.14.21-150400.24.158.1 * dtb-freescale-5.14.21-150400.24.158.1 * kernel-64kb-debuginfo-5.14.21-150400.24.158.1 * dtb-hisilicon-5.14.21-150400.24.158.1 * dtb-amlogic-5.14.21-150400.24.158.1 * dtb-amazon-5.14.21-150400.24.158.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.158.1.150400.24.78.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.158.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.158.1.150400.24.78.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.158.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.158.1.150400.24.78.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.158.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.158.1.150400.24.78.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.158.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.158.1 * kernel-livepatch-5_14_21-150400_24_158-default-1-150400.9.3.1 * kernel-default-livepatch-devel-5.14.21-150400.24.158.1 * kernel-livepatch-5_14_21-150400_24_158-default-debuginfo-1-150400.9.3.1 * kernel-livepatch-SLE15-SP4_Update_38-debugsource-1-150400.9.3.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * kernel-default-livepatch-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-debuginfo-5.14.21-150400.24.158.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.158.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.158.1 * gfs2-kmp-default-5.14.21-150400.24.158.1 * kernel-default-debugsource-5.14.21-150400.24.158.1 * ocfs2-kmp-default-5.14.21-150400.24.158.1 * dlm-kmp-default-5.14.21-150400.24.158.1 * cluster-md-kmp-default-5.14.21-150400.24.158.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * kernel-64kb-devel-5.14.21-150400.24.158.1 * kernel-64kb-debuginfo-5.14.21-150400.24.158.1 * kernel-64kb-debugsource-5.14.21-150400.24.158.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.158.1 * reiserfs-kmp-default-5.14.21-150400.24.158.1 * kernel-default-base-5.14.21-150400.24.158.1.150400.24.78.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.158.1 * kernel-obs-build-debugsource-5.14.21-150400.24.158.1 * kernel-syms-5.14.21-150400.24.158.1 * kernel-default-devel-5.14.21-150400.24.158.1 * kernel-default-debugsource-5.14.21-150400.24.158.1 * kernel-obs-build-5.14.21-150400.24.158.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kernel-devel-5.14.21-150400.24.158.1 * kernel-macros-5.14.21-150400.24.158.1 * kernel-source-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * kernel-64kb-devel-5.14.21-150400.24.158.1 * kernel-64kb-debuginfo-5.14.21-150400.24.158.1 * kernel-64kb-debugsource-5.14.21-150400.24.158.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.158.1 * reiserfs-kmp-default-5.14.21-150400.24.158.1 * kernel-default-base-5.14.21-150400.24.158.1.150400.24.78.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.158.1 * kernel-obs-build-debugsource-5.14.21-150400.24.158.1 * kernel-syms-5.14.21-150400.24.158.1 * kernel-default-devel-5.14.21-150400.24.158.1 * kernel-default-debugsource-5.14.21-150400.24.158.1 * kernel-obs-build-5.14.21-150400.24.158.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kernel-devel-5.14.21-150400.24.158.1 * kernel-macros-5.14.21-150400.24.158.1 * kernel-source-5.14.21-150400.24.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * kernel-64kb-devel-5.14.21-150400.24.158.1 * kernel-64kb-debuginfo-5.14.21-150400.24.158.1 * kernel-64kb-debugsource-5.14.21-150400.24.158.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.158.1.150400.24.78.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.158.1 * reiserfs-kmp-default-5.14.21-150400.24.158.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.158.1 * kernel-obs-build-debugsource-5.14.21-150400.24.158.1 * kernel-syms-5.14.21-150400.24.158.1 * kernel-default-devel-5.14.21-150400.24.158.1 * kernel-default-debugsource-5.14.21-150400.24.158.1 * kernel-obs-build-5.14.21-150400.24.158.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * kernel-devel-5.14.21-150400.24.158.1 * kernel-macros-5.14.21-150400.24.158.1 * kernel-source-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch nosrc) * kernel-docs-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.158.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.158.1 * reiserfs-kmp-default-5.14.21-150400.24.158.1 * kernel-default-base-5.14.21-150400.24.158.1.150400.24.78.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.158.1 * kernel-obs-build-debugsource-5.14.21-150400.24.158.1 * kernel-syms-5.14.21-150400.24.158.1 * kernel-default-devel-5.14.21-150400.24.158.1 * kernel-default-debugsource-5.14.21-150400.24.158.1 * kernel-obs-build-5.14.21-150400.24.158.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * kernel-devel-5.14.21-150400.24.158.1 * kernel-macros-5.14.21-150400.24.158.1 * kernel-source-5.14.21-150400.24.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.158.1 * SUSE Manager Proxy 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.158.1 * SUSE Manager Proxy 4.3 (x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.158.1 * kernel-default-base-5.14.21-150400.24.158.1.150400.24.78.1 * kernel-syms-5.14.21-150400.24.158.1 * kernel-default-devel-5.14.21-150400.24.158.1 * kernel-default-debugsource-5.14.21-150400.24.158.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * SUSE Manager Proxy 4.3 (noarch) * kernel-devel-5.14.21-150400.24.158.1 * kernel-macros-5.14.21-150400.24.158.1 * kernel-source-5.14.21-150400.24.158.1 * SUSE Manager Retail Branch Server 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.158.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.158.1 * kernel-default-base-5.14.21-150400.24.158.1.150400.24.78.1 * kernel-default-devel-5.14.21-150400.24.158.1 * kernel-default-debugsource-5.14.21-150400.24.158.1 * kernel-default-debuginfo-5.14.21-150400.24.158.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * kernel-devel-5.14.21-150400.24.158.1 * kernel-macros-5.14.21-150400.24.158.1 ## References: * https://www.suse.com/security/cve/CVE-2021-4453.html * https://www.suse.com/security/cve/CVE-2021-47631.html * https://www.suse.com/security/cve/CVE-2021-47632.html * https://www.suse.com/security/cve/CVE-2021-47633.html * https://www.suse.com/security/cve/CVE-2021-47635.html * https://www.suse.com/security/cve/CVE-2021-47636.html * https://www.suse.com/security/cve/CVE-2021-47637.html * https://www.suse.com/security/cve/CVE-2021-47638.html * https://www.suse.com/security/cve/CVE-2021-47639.html * https://www.suse.com/security/cve/CVE-2021-47641.html * https://www.suse.com/security/cve/CVE-2021-47642.html * https://www.suse.com/security/cve/CVE-2021-47643.html * https://www.suse.com/security/cve/CVE-2021-47644.html * https://www.suse.com/security/cve/CVE-2021-47645.html * https://www.suse.com/security/cve/CVE-2021-47646.html * https://www.suse.com/security/cve/CVE-2021-47647.html * https://www.suse.com/security/cve/CVE-2021-47648.html * https://www.suse.com/security/cve/CVE-2021-47649.html * https://www.suse.com/security/cve/CVE-2021-47650.html * https://www.suse.com/security/cve/CVE-2021-47651.html * https://www.suse.com/security/cve/CVE-2021-47652.html * https://www.suse.com/security/cve/CVE-2021-47653.html * https://www.suse.com/security/cve/CVE-2021-47654.html * https://www.suse.com/security/cve/CVE-2021-47656.html * https://www.suse.com/security/cve/CVE-2021-47657.html * https://www.suse.com/security/cve/CVE-2021-47659.html * https://www.suse.com/security/cve/CVE-2022-0168.html * https://www.suse.com/security/cve/CVE-2022-0995.html * https://www.suse.com/security/cve/CVE-2022-1048.html * https://www.suse.com/security/cve/CVE-2022-1184.html * https://www.suse.com/security/cve/CVE-2022-2977.html * https://www.suse.com/security/cve/CVE-2022-29900.html * https://www.suse.com/security/cve/CVE-2022-29901.html * https://www.suse.com/security/cve/CVE-2022-3303.html * https://www.suse.com/security/cve/CVE-2022-3435.html * https://www.suse.com/security/cve/CVE-2022-49044.html * https://www.suse.com/security/cve/CVE-2022-49050.html * https://www.suse.com/security/cve/CVE-2022-49051.html * https://www.suse.com/security/cve/CVE-2022-49054.html * https://www.suse.com/security/cve/CVE-2022-49055.html * https://www.suse.com/security/cve/CVE-2022-49058.html * https://www.suse.com/security/cve/CVE-2022-49059.html * https://www.suse.com/security/cve/CVE-2022-49060.html * https://www.suse.com/security/cve/CVE-2022-49061.html * https://www.suse.com/security/cve/CVE-2022-49063.html * https://www.suse.com/security/cve/CVE-2022-49065.html * https://www.suse.com/security/cve/CVE-2022-49066.html * https://www.suse.com/security/cve/CVE-2022-49073.html * https://www.suse.com/security/cve/CVE-2022-49074.html * https://www.suse.com/security/cve/CVE-2022-49076.html * https://www.suse.com/security/cve/CVE-2022-49078.html * https://www.suse.com/security/cve/CVE-2022-49082.html * https://www.suse.com/security/cve/CVE-2022-49083.html * https://www.suse.com/security/cve/CVE-2022-49084.html * https://www.suse.com/security/cve/CVE-2022-49085.html * https://www.suse.com/security/cve/CVE-2022-49086.html * https://www.suse.com/security/cve/CVE-2022-49088.html * https://www.suse.com/security/cve/CVE-2022-49089.html * https://www.suse.com/security/cve/CVE-2022-49090.html * https://www.suse.com/security/cve/CVE-2022-49091.html * https://www.suse.com/security/cve/CVE-2022-49092.html * https://www.suse.com/security/cve/CVE-2022-49093.html * https://www.suse.com/security/cve/CVE-2022-49095.html * https://www.suse.com/security/cve/CVE-2022-49096.html * https://www.suse.com/security/cve/CVE-2022-49097.html * https://www.suse.com/security/cve/CVE-2022-49098.html * https://www.suse.com/security/cve/CVE-2022-49099.html * https://www.suse.com/security/cve/CVE-2022-49100.html * https://www.suse.com/security/cve/CVE-2022-49102.html * https://www.suse.com/security/cve/CVE-2022-49103.html * https://www.suse.com/security/cve/CVE-2022-49104.html * https://www.suse.com/security/cve/CVE-2022-49105.html * https://www.suse.com/security/cve/CVE-2022-49106.html * https://www.suse.com/security/cve/CVE-2022-49107.html * https://www.suse.com/security/cve/CVE-2022-49109.html * https://www.suse.com/security/cve/CVE-2022-49111.html * https://www.suse.com/security/cve/CVE-2022-49112.html * https://www.suse.com/security/cve/CVE-2022-49113.html * https://www.suse.com/security/cve/CVE-2022-49114.html * https://www.suse.com/security/cve/CVE-2022-49115.html * https://www.suse.com/security/cve/CVE-2022-49116.html * https://www.suse.com/security/cve/CVE-2022-49118.html * https://www.suse.com/security/cve/CVE-2022-49119.html * https://www.suse.com/security/cve/CVE-2022-49120.html * https://www.suse.com/security/cve/CVE-2022-49121.html * https://www.suse.com/security/cve/CVE-2022-49122.html * https://www.suse.com/security/cve/CVE-2022-49126.html * https://www.suse.com/security/cve/CVE-2022-49128.html * https://www.suse.com/security/cve/CVE-2022-49129.html * https://www.suse.com/security/cve/CVE-2022-49130.html * https://www.suse.com/security/cve/CVE-2022-49131.html * https://www.suse.com/security/cve/CVE-2022-49132.html * https://www.suse.com/security/cve/CVE-2022-49135.html * https://www.suse.com/security/cve/CVE-2022-49137.html * https://www.suse.com/security/cve/CVE-2022-49145.html * https://www.suse.com/security/cve/CVE-2022-49147.html * https://www.suse.com/security/cve/CVE-2022-49148.html * https://www.suse.com/security/cve/CVE-2022-49151.html * https://www.suse.com/security/cve/CVE-2022-49153.html * https://www.suse.com/security/cve/CVE-2022-49154.html * https://www.suse.com/security/cve/CVE-2022-49155.html * https://www.suse.com/security/cve/CVE-2022-49156.html * https://www.suse.com/security/cve/CVE-2022-49157.html * https://www.suse.com/security/cve/CVE-2022-49158.html * https://www.suse.com/security/cve/CVE-2022-49159.html * https://www.suse.com/security/cve/CVE-2022-49160.html * https://www.suse.com/security/cve/CVE-2022-49162.html * https://www.suse.com/security/cve/CVE-2022-49163.html * https://www.suse.com/security/cve/CVE-2022-49164.html * https://www.suse.com/security/cve/CVE-2022-49165.html * https://www.suse.com/security/cve/CVE-2022-49174.html * https://www.suse.com/security/cve/CVE-2022-49175.html * https://www.suse.com/security/cve/CVE-2022-49176.html * https://www.suse.com/security/cve/CVE-2022-49177.html * https://www.suse.com/security/cve/CVE-2022-49179.html * https://www.suse.com/security/cve/CVE-2022-49180.html * https://www.suse.com/security/cve/CVE-2022-49182.html * https://www.suse.com/security/cve/CVE-2022-49185.html * https://www.suse.com/security/cve/CVE-2022-49187.html * https://www.suse.com/security/cve/CVE-2022-49188.html * https://www.suse.com/security/cve/CVE-2022-49189.html * https://www.suse.com/security/cve/CVE-2022-49193.html * https://www.suse.com/security/cve/CVE-2022-49194.html * https://www.suse.com/security/cve/CVE-2022-49196.html * https://www.suse.com/security/cve/CVE-2022-49199.html * https://www.suse.com/security/cve/CVE-2022-49200.html * https://www.suse.com/security/cve/CVE-2022-49201.html * https://www.suse.com/security/cve/CVE-2022-49206.html * https://www.suse.com/security/cve/CVE-2022-49208.html * https://www.suse.com/security/cve/CVE-2022-49212.html * https://www.suse.com/security/cve/CVE-2022-49213.html * https://www.suse.com/security/cve/CVE-2022-49214.html * https://www.suse.com/security/cve/CVE-2022-49216.html * https://www.suse.com/security/cve/CVE-2022-49217.html * https://www.suse.com/security/cve/CVE-2022-49218.html * https://www.suse.com/security/cve/CVE-2022-49221.html * https://www.suse.com/security/cve/CVE-2022-49222.html * https://www.suse.com/security/cve/CVE-2022-49224.html * https://www.suse.com/security/cve/CVE-2022-49226.html * https://www.suse.com/security/cve/CVE-2022-49227.html * https://www.suse.com/security/cve/CVE-2022-49232.html * https://www.suse.com/security/cve/CVE-2022-49235.html * https://www.suse.com/security/cve/CVE-2022-49236.html * https://www.suse.com/security/cve/CVE-2022-49239.html * https://www.suse.com/security/cve/CVE-2022-49241.html * https://www.suse.com/security/cve/CVE-2022-49242.html * https://www.suse.com/security/cve/CVE-2022-49243.html * https://www.suse.com/security/cve/CVE-2022-49244.html * https://www.suse.com/security/cve/CVE-2022-49246.html * https://www.suse.com/security/cve/CVE-2022-49247.html * https://www.suse.com/security/cve/CVE-2022-49248.html * https://www.suse.com/security/cve/CVE-2022-49249.html * https://www.suse.com/security/cve/CVE-2022-49250.html * https://www.suse.com/security/cve/CVE-2022-49251.html * https://www.suse.com/security/cve/CVE-2022-49252.html * https://www.suse.com/security/cve/CVE-2022-49253.html * https://www.suse.com/security/cve/CVE-2022-49254.html * https://www.suse.com/security/cve/CVE-2022-49256.html * https://www.suse.com/security/cve/CVE-2022-49257.html * https://www.suse.com/security/cve/CVE-2022-49258.html * https://www.suse.com/security/cve/CVE-2022-49259.html * https://www.suse.com/security/cve/CVE-2022-49260.html * https://www.suse.com/security/cve/CVE-2022-49261.html * https://www.suse.com/security/cve/CVE-2022-49262.html * https://www.suse.com/security/cve/CVE-2022-49263.html * https://www.suse.com/security/cve/CVE-2022-49264.html * https://www.suse.com/security/cve/CVE-2022-49265.html * https://www.suse.com/security/cve/CVE-2022-49266.html * https://www.suse.com/security/cve/CVE-2022-49268.html * https://www.suse.com/security/cve/CVE-2022-49269.html * https://www.suse.com/security/cve/CVE-2022-49270.html * https://www.suse.com/security/cve/CVE-2022-49271.html * https://www.suse.com/security/cve/CVE-2022-49272.html * https://www.suse.com/security/cve/CVE-2022-49273.html * https://www.suse.com/security/cve/CVE-2022-49274.html * https://www.suse.com/security/cve/CVE-2022-49275.html * https://www.suse.com/security/cve/CVE-2022-49276.html * https://www.suse.com/security/cve/CVE-2022-49277.html * https://www.suse.com/security/cve/CVE-2022-49278.html * https://www.suse.com/security/cve/CVE-2022-49279.html * https://www.suse.com/security/cve/CVE-2022-49280.html * https://www.suse.com/security/cve/CVE-2022-49281.html * https://www.suse.com/security/cve/CVE-2022-49283.html * https://www.suse.com/security/cve/CVE-2022-49285.html * https://www.suse.com/security/cve/CVE-2022-49286.html * https://www.suse.com/security/cve/CVE-2022-49287.html * https://www.suse.com/security/cve/CVE-2022-49288.html * https://www.suse.com/security/cve/CVE-2022-49290.html * https://www.suse.com/security/cve/CVE-2022-49291.html * https://www.suse.com/security/cve/CVE-2022-49292.html * https://www.suse.com/security/cve/CVE-2022-49294.html * https://www.suse.com/security/cve/CVE-2022-49295.html * https://www.suse.com/security/cve/CVE-2022-49297.html * https://www.suse.com/security/cve/CVE-2022-49298.html * https://www.suse.com/security/cve/CVE-2022-49299.html * https://www.suse.com/security/cve/CVE-2022-49300.html * https://www.suse.com/security/cve/CVE-2022-49301.html * https://www.suse.com/security/cve/CVE-2022-49302.html * https://www.suse.com/security/cve/CVE-2022-49304.html * https://www.suse.com/security/cve/CVE-2022-49305.html * https://www.suse.com/security/cve/CVE-2022-49307.html * https://www.suse.com/security/cve/CVE-2022-49308.html * https://www.suse.com/security/cve/CVE-2022-49309.html * https://www.suse.com/security/cve/CVE-2022-49310.html * https://www.suse.com/security/cve/CVE-2022-49311.html * https://www.suse.com/security/cve/CVE-2022-49312.html * https://www.suse.com/security/cve/CVE-2022-49313.html * https://www.suse.com/security/cve/CVE-2022-49314.html * https://www.suse.com/security/cve/CVE-2022-49315.html * https://www.suse.com/security/cve/CVE-2022-49316.html * https://www.suse.com/security/cve/CVE-2022-49319.html * https://www.suse.com/security/cve/CVE-2022-49320.html * https://www.suse.com/security/cve/CVE-2022-49321.html * https://www.suse.com/security/cve/CVE-2022-49322.html * https://www.suse.com/security/cve/CVE-2022-49323.html * https://www.suse.com/security/cve/CVE-2022-49326.html * https://www.suse.com/security/cve/CVE-2022-49327.html * https://www.suse.com/security/cve/CVE-2022-49328.html * https://www.suse.com/security/cve/CVE-2022-49331.html * https://www.suse.com/security/cve/CVE-2022-49332.html * https://www.suse.com/security/cve/CVE-2022-49335.html * https://www.suse.com/security/cve/CVE-2022-49336.html * https://www.suse.com/security/cve/CVE-2022-49337.html * https://www.suse.com/security/cve/CVE-2022-49339.html * https://www.suse.com/security/cve/CVE-2022-49341.html * https://www.suse.com/security/cve/CVE-2022-49342.html * https://www.suse.com/security/cve/CVE-2022-49343.html * https://www.suse.com/security/cve/CVE-2022-49345.html * https://www.suse.com/security/cve/CVE-2022-49346.html * https://www.suse.com/security/cve/CVE-2022-49347.html * https://www.suse.com/security/cve/CVE-2022-49348.html * https://www.suse.com/security/cve/CVE-2022-49349.html * https://www.suse.com/security/cve/CVE-2022-49350.html * https://www.suse.com/security/cve/CVE-2022-49351.html * https://www.suse.com/security/cve/CVE-2022-49352.html * https://www.suse.com/security/cve/CVE-2022-49354.html * https://www.suse.com/security/cve/CVE-2022-49356.html * https://www.suse.com/security/cve/CVE-2022-49357.html * https://www.suse.com/security/cve/CVE-2022-49367.html * https://www.suse.com/security/cve/CVE-2022-49368.html * https://www.suse.com/security/cve/CVE-2022-49370.html * https://www.suse.com/security/cve/CVE-2022-49371.html * https://www.suse.com/security/cve/CVE-2022-49373.html * https://www.suse.com/security/cve/CVE-2022-49375.html * https://www.suse.com/security/cve/CVE-2022-49376.html * https://www.suse.com/security/cve/CVE-2022-49377.html * https://www.suse.com/security/cve/CVE-2022-49378.html * https://www.suse.com/security/cve/CVE-2022-49379.html * https://www.suse.com/security/cve/CVE-2022-49381.html * https://www.suse.com/security/cve/CVE-2022-49382.html * https://www.suse.com/security/cve/CVE-2022-49384.html * https://www.suse.com/security/cve/CVE-2022-49385.html * https://www.suse.com/security/cve/CVE-2022-49386.html * https://www.suse.com/security/cve/CVE-2022-49389.html * https://www.suse.com/security/cve/CVE-2022-49392.html * https://www.suse.com/security/cve/CVE-2022-49394.html * https://www.suse.com/security/cve/CVE-2022-49396.html * https://www.suse.com/security/cve/CVE-2022-49397.html * https://www.suse.com/security/cve/CVE-2022-49398.html * https://www.suse.com/security/cve/CVE-2022-49399.html * https://www.suse.com/security/cve/CVE-2022-49400.html * https://www.suse.com/security/cve/CVE-2022-49402.html * https://www.suse.com/security/cve/CVE-2022-49404.html * https://www.suse.com/security/cve/CVE-2022-49407.html * https://www.suse.com/security/cve/CVE-2022-49409.html * https://www.suse.com/security/cve/CVE-2022-49410.html * https://www.suse.com/security/cve/CVE-2022-49411.html * https://www.suse.com/security/cve/CVE-2022-49412.html * https://www.suse.com/security/cve/CVE-2022-49413.html * https://www.suse.com/security/cve/CVE-2022-49414.html * https://www.suse.com/security/cve/CVE-2022-49416.html * https://www.suse.com/security/cve/CVE-2022-49418.html * https://www.suse.com/security/cve/CVE-2022-49421.html * https://www.suse.com/security/cve/CVE-2022-49422.html * https://www.suse.com/security/cve/CVE-2022-49424.html * https://www.suse.com/security/cve/CVE-2022-49426.html * https://www.suse.com/security/cve/CVE-2022-49427.html * https://www.suse.com/security/cve/CVE-2022-49429.html * https://www.suse.com/security/cve/CVE-2022-49430.html * https://www.suse.com/security/cve/CVE-2022-49431.html * https://www.suse.com/security/cve/CVE-2022-49432.html * https://www.suse.com/security/cve/CVE-2022-49433.html * https://www.suse.com/security/cve/CVE-2022-49434.html * https://www.suse.com/security/cve/CVE-2022-49435.html * https://www.suse.com/security/cve/CVE-2022-49437.html * https://www.suse.com/security/cve/CVE-2022-49438.html * https://www.suse.com/security/cve/CVE-2022-49440.html * https://www.suse.com/security/cve/CVE-2022-49441.html * https://www.suse.com/security/cve/CVE-2022-49442.html * https://www.suse.com/security/cve/CVE-2022-49443.html * https://www.suse.com/security/cve/CVE-2022-49444.html * https://www.suse.com/security/cve/CVE-2022-49445.html * https://www.suse.com/security/cve/CVE-2022-49447.html * https://www.suse.com/security/cve/CVE-2022-49448.html * https://www.suse.com/security/cve/CVE-2022-49449.html * https://www.suse.com/security/cve/CVE-2022-49451.html * https://www.suse.com/security/cve/CVE-2022-49453.html * https://www.suse.com/security/cve/CVE-2022-49455.html * https://www.suse.com/security/cve/CVE-2022-49459.html * https://www.suse.com/security/cve/CVE-2022-49460.html * https://www.suse.com/security/cve/CVE-2022-49462.html * https://www.suse.com/security/cve/CVE-2022-49463.html * https://www.suse.com/security/cve/CVE-2022-49466.html * https://www.suse.com/security/cve/CVE-2022-49467.html * https://www.suse.com/security/cve/CVE-2022-49468.html * https://www.suse.com/security/cve/CVE-2022-49472.html * https://www.suse.com/security/cve/CVE-2022-49473.html * https://www.suse.com/security/cve/CVE-2022-49474.html * https://www.suse.com/security/cve/CVE-2022-49475.html * https://www.suse.com/security/cve/CVE-2022-49477.html * https://www.suse.com/security/cve/CVE-2022-49478.html * https://www.suse.com/security/cve/CVE-2022-49480.html * https://www.suse.com/security/cve/CVE-2022-49481.html * https://www.suse.com/security/cve/CVE-2022-49482.html * https://www.suse.com/security/cve/CVE-2022-49486.html * https://www.suse.com/security/cve/CVE-2022-49487.html * https://www.suse.com/security/cve/CVE-2022-49488.html * https://www.suse.com/security/cve/CVE-2022-49489.html * https://www.suse.com/security/cve/CVE-2022-49490.html * https://www.suse.com/security/cve/CVE-2022-49491.html * https://www.suse.com/security/cve/CVE-2022-49492.html * https://www.suse.com/security/cve/CVE-2022-49493.html * https://www.suse.com/security/cve/CVE-2022-49494.html * https://www.suse.com/security/cve/CVE-2022-49495.html * https://www.suse.com/security/cve/CVE-2022-49498.html * https://www.suse.com/security/cve/CVE-2022-49501.html * https://www.suse.com/security/cve/CVE-2022-49502.html * https://www.suse.com/security/cve/CVE-2022-49503.html * https://www.suse.com/security/cve/CVE-2022-49504.html * https://www.suse.com/security/cve/CVE-2022-49505.html * https://www.suse.com/security/cve/CVE-2022-49506.html * https://www.suse.com/security/cve/CVE-2022-49507.html * https://www.suse.com/security/cve/CVE-2022-49508.html * https://www.suse.com/security/cve/CVE-2022-49509.html * https://www.suse.com/security/cve/CVE-2022-49512.html * https://www.suse.com/security/cve/CVE-2022-49514.html * https://www.suse.com/security/cve/CVE-2022-49515.html * https://www.suse.com/security/cve/CVE-2022-49517.html * https://www.suse.com/security/cve/CVE-2022-49519.html * https://www.suse.com/security/cve/CVE-2022-49520.html * https://www.suse.com/security/cve/CVE-2022-49521.html * https://www.suse.com/security/cve/CVE-2022-49522.html * https://www.suse.com/security/cve/CVE-2022-49523.html * https://www.suse.com/security/cve/CVE-2022-49524.html * https://www.suse.com/security/cve/CVE-2022-49525.html * https://www.suse.com/security/cve/CVE-2022-49526.html * https://www.suse.com/security/cve/CVE-2022-49527.html * https://www.suse.com/security/cve/CVE-2022-49532.html * https://www.suse.com/security/cve/CVE-2022-49534.html * https://www.suse.com/security/cve/CVE-2022-49535.html * https://www.suse.com/security/cve/CVE-2022-49536.html * https://www.suse.com/security/cve/CVE-2022-49537.html * https://www.suse.com/security/cve/CVE-2022-49541.html * https://www.suse.com/security/cve/CVE-2022-49542.html * https://www.suse.com/security/cve/CVE-2022-49544.html * https://www.suse.com/security/cve/CVE-2022-49545.html * https://www.suse.com/security/cve/CVE-2022-49546.html * https://www.suse.com/security/cve/CVE-2022-49549.html * https://www.suse.com/security/cve/CVE-2022-49551.html * https://www.suse.com/security/cve/CVE-2022-49555.html * https://www.suse.com/security/cve/CVE-2022-49556.html * https://www.suse.com/security/cve/CVE-2022-49559.html * https://www.suse.com/security/cve/CVE-2022-49562.html * https://www.suse.com/security/cve/CVE-2022-49563.html * https://www.suse.com/security/cve/CVE-2022-49564.html * https://www.suse.com/security/cve/CVE-2022-49566.html * https://www.suse.com/security/cve/CVE-2022-49568.html * https://www.suse.com/security/cve/CVE-2022-49569.html * https://www.suse.com/security/cve/CVE-2022-49570.html * https://www.suse.com/security/cve/CVE-2022-49579.html * https://www.suse.com/security/cve/CVE-2022-49581.html * https://www.suse.com/security/cve/CVE-2022-49583.html * https://www.suse.com/security/cve/CVE-2022-49584.html * https://www.suse.com/security/cve/CVE-2022-49591.html * https://www.suse.com/security/cve/CVE-2022-49592.html * https://www.suse.com/security/cve/CVE-2022-49603.html * https://www.suse.com/security/cve/CVE-2022-49605.html * https://www.suse.com/security/cve/CVE-2022-49606.html * https://www.suse.com/security/cve/CVE-2022-49607.html * https://www.suse.com/security/cve/CVE-2022-49609.html * https://www.suse.com/security/cve/CVE-2022-49610.html * https://www.suse.com/security/cve/CVE-2022-49611.html * https://www.suse.com/security/cve/CVE-2022-49613.html * https://www.suse.com/security/cve/CVE-2022-49615.html * https://www.suse.com/security/cve/CVE-2022-49616.html * https://www.suse.com/security/cve/CVE-2022-49617.html * https://www.suse.com/security/cve/CVE-2022-49618.html * https://www.suse.com/security/cve/CVE-2022-49621.html * https://www.suse.com/security/cve/CVE-2022-49623.html * https://www.suse.com/security/cve/CVE-2022-49625.html * https://www.suse.com/security/cve/CVE-2022-49626.html * https://www.suse.com/security/cve/CVE-2022-49627.html * https://www.suse.com/security/cve/CVE-2022-49628.html * https://www.suse.com/security/cve/CVE-2022-49631.html * https://www.suse.com/security/cve/CVE-2022-49634.html * https://www.suse.com/security/cve/CVE-2022-49640.html * https://www.suse.com/security/cve/CVE-2022-49641.html * https://www.suse.com/security/cve/CVE-2022-49642.html * https://www.suse.com/security/cve/CVE-2022-49643.html * https://www.suse.com/security/cve/CVE-2022-49644.html * https://www.suse.com/security/cve/CVE-2022-49645.html * https://www.suse.com/security/cve/CVE-2022-49646.html * https://www.suse.com/security/cve/CVE-2022-49647.html * https://www.suse.com/security/cve/CVE-2022-49648.html * https://www.suse.com/security/cve/CVE-2022-49649.html * https://www.suse.com/security/cve/CVE-2022-49652.html * https://www.suse.com/security/cve/CVE-2022-49653.html * https://www.suse.com/security/cve/CVE-2022-49656.html * https://www.suse.com/security/cve/CVE-2022-49657.html * https://www.suse.com/security/cve/CVE-2022-49661.html * https://www.suse.com/security/cve/CVE-2022-49663.html * https://www.suse.com/security/cve/CVE-2022-49665.html * https://www.suse.com/security/cve/CVE-2022-49667.html * https://www.suse.com/security/cve/CVE-2022-49668.html * https://www.suse.com/security/cve/CVE-2022-49670.html * https://www.suse.com/security/cve/CVE-2022-49671.html * https://www.suse.com/security/cve/CVE-2022-49672.html * https://www.suse.com/security/cve/CVE-2022-49673.html * https://www.suse.com/security/cve/CVE-2022-49674.html * https://www.suse.com/security/cve/CVE-2022-49675.html * https://www.suse.com/security/cve/CVE-2022-49676.html * https://www.suse.com/security/cve/CVE-2022-49677.html * https://www.suse.com/security/cve/CVE-2022-49678.html * https://www.suse.com/security/cve/CVE-2022-49679.html * https://www.suse.com/security/cve/CVE-2022-49680.html * https://www.suse.com/security/cve/CVE-2022-49683.html * https://www.suse.com/security/cve/CVE-2022-49685.html * https://www.suse.com/security/cve/CVE-2022-49687.html * https://www.suse.com/security/cve/CVE-2022-49688.html * https://www.suse.com/security/cve/CVE-2022-49693.html * https://www.suse.com/security/cve/CVE-2022-49695.html * https://www.suse.com/security/cve/CVE-2022-49699.html * https://www.suse.com/security/cve/CVE-2022-49700.html * https://www.suse.com/security/cve/CVE-2022-49701.html * https://www.suse.com/security/cve/CVE-2022-49703.html * https://www.suse.com/security/cve/CVE-2022-49704.html * https://www.suse.com/security/cve/CVE-2022-49705.html * https://www.suse.com/security/cve/CVE-2022-49707.html * https://www.suse.com/security/cve/CVE-2022-49708.html * https://www.suse.com/security/cve/CVE-2022-49710.html * https://www.suse.com/security/cve/CVE-2022-49711.html * https://www.suse.com/security/cve/CVE-2022-49712.html * https://www.suse.com/security/cve/CVE-2022-49713.html * https://www.suse.com/security/cve/CVE-2022-49714.html * https://www.suse.com/security/cve/CVE-2022-49715.html * https://www.suse.com/security/cve/CVE-2022-49716.html * https://www.suse.com/security/cve/CVE-2022-49719.html * https://www.suse.com/security/cve/CVE-2022-49720.html * https://www.suse.com/security/cve/CVE-2022-49721.html * https://www.suse.com/security/cve/CVE-2022-49722.html * https://www.suse.com/security/cve/CVE-2022-49723.html * https://www.suse.com/security/cve/CVE-2022-49724.html * https://www.suse.com/security/cve/CVE-2022-49725.html * https://www.suse.com/security/cve/CVE-2022-49726.html * https://www.suse.com/security/cve/CVE-2022-49729.html * https://www.suse.com/security/cve/CVE-2022-49730.html * https://www.suse.com/security/cve/CVE-2022-49731.html * https://www.suse.com/security/cve/CVE-2022-49733.html * https://www.suse.com/security/cve/CVE-2023-28410.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-41092.html * https://www.suse.com/security/cve/CVE-2024-42098.html * https://www.suse.com/security/cve/CVE-2024-42229.html * https://www.suse.com/security/cve/CVE-2024-42240.html * https://www.suse.com/security/cve/CVE-2024-57996.html * https://www.suse.com/security/cve/CVE-2024-58014.html * https://www.suse.com/security/cve/CVE-2025-21718.html * https://www.suse.com/security/cve/CVE-2025-21780.html * https://bugzilla.suse.com/show_bug.cgi?id=1065729 * https://bugzilla.suse.com/show_bug.cgi?id=1180814 * https://bugzilla.suse.com/show_bug.cgi?id=1183682 * https://bugzilla.suse.com/show_bug.cgi?id=1190336 * https://bugzilla.suse.com/show_bug.cgi?id=1190768 * https://bugzilla.suse.com/show_bug.cgi?id=1190786 * https://bugzilla.suse.com/show_bug.cgi?id=1193629 * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1194904 * https://bugzilla.suse.com/show_bug.cgi?id=1195823 * https://bugzilla.suse.com/show_bug.cgi?id=1196444 * https://bugzilla.suse.com/show_bug.cgi?id=1197158 * https://bugzilla.suse.com/show_bug.cgi?id=1197174 * https://bugzilla.suse.com/show_bug.cgi?id=1197246 * https://bugzilla.suse.com/show_bug.cgi?id=1197302 * https://bugzilla.suse.com/show_bug.cgi?id=1197331 * https://bugzilla.suse.com/show_bug.cgi?id=1197472 * https://bugzilla.suse.com/show_bug.cgi?id=1197661 * https://bugzilla.suse.com/show_bug.cgi?id=1197926 * https://bugzilla.suse.com/show_bug.cgi?id=1198019 * https://bugzilla.suse.com/show_bug.cgi?id=1198021 * https://bugzilla.suse.com/show_bug.cgi?id=1198240 * https://bugzilla.suse.com/show_bug.cgi?id=1198577 * https://bugzilla.suse.com/show_bug.cgi?id=1198660 * https://bugzilla.suse.com/show_bug.cgi?id=1199657 * https://bugzilla.suse.com/show_bug.cgi?id=1200045 * https://bugzilla.suse.com/show_bug.cgi?id=1200571 * https://bugzilla.suse.com/show_bug.cgi?id=1200807 * https://bugzilla.suse.com/show_bug.cgi?id=1200809 * https://bugzilla.suse.com/show_bug.cgi?id=1200810 * https://bugzilla.suse.com/show_bug.cgi?id=1200824 * https://bugzilla.suse.com/show_bug.cgi?id=1200825 * https://bugzilla.suse.com/show_bug.cgi?id=1200871 * https://bugzilla.suse.com/show_bug.cgi?id=1200872 * https://bugzilla.suse.com/show_bug.cgi?id=1201193 * https://bugzilla.suse.com/show_bug.cgi?id=1201218 * https://bugzilla.suse.com/show_bug.cgi?id=1201323 * https://bugzilla.suse.com/show_bug.cgi?id=1201381 * https://bugzilla.suse.com/show_bug.cgi?id=1201610 * https://bugzilla.suse.com/show_bug.cgi?id=1202672 * https://bugzilla.suse.com/show_bug.cgi?id=1202711 * https://bugzilla.suse.com/show_bug.cgi?id=1202712 * https://bugzilla.suse.com/show_bug.cgi?id=1202771 * https://bugzilla.suse.com/show_bug.cgi?id=1202774 * https://bugzilla.suse.com/show_bug.cgi?id=1202778 * https://bugzilla.suse.com/show_bug.cgi?id=1202781 * https://bugzilla.suse.com/show_bug.cgi?id=1203699 * https://bugzilla.suse.com/show_bug.cgi?id=1203769 * https://bugzilla.suse.com/show_bug.cgi?id=1204171 * https://bugzilla.suse.com/show_bug.cgi?id=1206048 * https://bugzilla.suse.com/show_bug.cgi?id=1206049 * https://bugzilla.suse.com/show_bug.cgi?id=1207593 * https://bugzilla.suse.com/show_bug.cgi?id=1207640 * https://bugzilla.suse.com/show_bug.cgi?id=1210050 * https://bugzilla.suse.com/show_bug.cgi?id=1211263 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1228483 * https://bugzilla.suse.com/show_bug.cgi?id=1228708 * https://bugzilla.suse.com/show_bug.cgi?id=1228779 * https://bugzilla.suse.com/show_bug.cgi?id=1228966 * https://bugzilla.suse.com/show_bug.cgi?id=1237521 * https://bugzilla.suse.com/show_bug.cgi?id=1237718 * https://bugzilla.suse.com/show_bug.cgi?id=1237721 * https://bugzilla.suse.com/show_bug.cgi?id=1237722 * https://bugzilla.suse.com/show_bug.cgi?id=1237723 * https://bugzilla.suse.com/show_bug.cgi?id=1237724 * https://bugzilla.suse.com/show_bug.cgi?id=1237725 * https://bugzilla.suse.com/show_bug.cgi?id=1237726 * https://bugzilla.suse.com/show_bug.cgi?id=1237727 * https://bugzilla.suse.com/show_bug.cgi?id=1237728 * https://bugzilla.suse.com/show_bug.cgi?id=1237729 * https://bugzilla.suse.com/show_bug.cgi?id=1237734 * https://bugzilla.suse.com/show_bug.cgi?id=1237735 * https://bugzilla.suse.com/show_bug.cgi?id=1237736 * https://bugzilla.suse.com/show_bug.cgi?id=1237737 * https://bugzilla.suse.com/show_bug.cgi?id=1237738 * https://bugzilla.suse.com/show_bug.cgi?id=1237739 * https://bugzilla.suse.com/show_bug.cgi?id=1237740 * https://bugzilla.suse.com/show_bug.cgi?id=1237742 * https://bugzilla.suse.com/show_bug.cgi?id=1237743 * https://bugzilla.suse.com/show_bug.cgi?id=1237745 * https://bugzilla.suse.com/show_bug.cgi?id=1237746 * https://bugzilla.suse.com/show_bug.cgi?id=1237748 * https://bugzilla.suse.com/show_bug.cgi?id=1237751 * https://bugzilla.suse.com/show_bug.cgi?id=1237752 * https://bugzilla.suse.com/show_bug.cgi?id=1237753 * https://bugzilla.suse.com/show_bug.cgi?id=1237755 * https://bugzilla.suse.com/show_bug.cgi?id=1237759 * https://bugzilla.suse.com/show_bug.cgi?id=1237761 * https://bugzilla.suse.com/show_bug.cgi?id=1237763 * https://bugzilla.suse.com/show_bug.cgi?id=1237766 * https://bugzilla.suse.com/show_bug.cgi?id=1237767 * https://bugzilla.suse.com/show_bug.cgi?id=1237768 * https://bugzilla.suse.com/show_bug.cgi?id=1237774 * https://bugzilla.suse.com/show_bug.cgi?id=1237775 * https://bugzilla.suse.com/show_bug.cgi?id=1237778 * https://bugzilla.suse.com/show_bug.cgi?id=1237779 * https://bugzilla.suse.com/show_bug.cgi?id=1237780 * https://bugzilla.suse.com/show_bug.cgi?id=1237782 * https://bugzilla.suse.com/show_bug.cgi?id=1237783 * https://bugzilla.suse.com/show_bug.cgi?id=1237784 * https://bugzilla.suse.com/show_bug.cgi?id=1237785 * https://bugzilla.suse.com/show_bug.cgi?id=1237786 * https://bugzilla.suse.com/show_bug.cgi?id=1237787 * https://bugzilla.suse.com/show_bug.cgi?id=1237788 * https://bugzilla.suse.com/show_bug.cgi?id=1237789 * https://bugzilla.suse.com/show_bug.cgi?id=1237795 * https://bugzilla.suse.com/show_bug.cgi?id=1237797 * https://bugzilla.suse.com/show_bug.cgi?id=1237798 * https://bugzilla.suse.com/show_bug.cgi?id=1237807 * https://bugzilla.suse.com/show_bug.cgi?id=1237808 * https://bugzilla.suse.com/show_bug.cgi?id=1237810 * https://bugzilla.suse.com/show_bug.cgi?id=1237812 * https://bugzilla.suse.com/show_bug.cgi?id=1237813 * https://bugzilla.suse.com/show_bug.cgi?id=1237814 * https://bugzilla.suse.com/show_bug.cgi?id=1237815 * https://bugzilla.suse.com/show_bug.cgi?id=1237817 * https://bugzilla.suse.com/show_bug.cgi?id=1237818 * https://bugzilla.suse.com/show_bug.cgi?id=1237821 * https://bugzilla.suse.com/show_bug.cgi?id=1237823 * https://bugzilla.suse.com/show_bug.cgi?id=1237824 * https://bugzilla.suse.com/show_bug.cgi?id=1237826 * https://bugzilla.suse.com/show_bug.cgi?id=1237827 * https://bugzilla.suse.com/show_bug.cgi?id=1237829 * https://bugzilla.suse.com/show_bug.cgi?id=1237831 * https://bugzilla.suse.com/show_bug.cgi?id=1237835 * https://bugzilla.suse.com/show_bug.cgi?id=1237836 * https://bugzilla.suse.com/show_bug.cgi?id=1237837 * https://bugzilla.suse.com/show_bug.cgi?id=1237839 * https://bugzilla.suse.com/show_bug.cgi?id=1237840 * https://bugzilla.suse.com/show_bug.cgi?id=1237845 * https://bugzilla.suse.com/show_bug.cgi?id=1237846 * https://bugzilla.suse.com/show_bug.cgi?id=1237868 * https://bugzilla.suse.com/show_bug.cgi?id=1237872 * https://bugzilla.suse.com/show_bug.cgi?id=1237892 * https://bugzilla.suse.com/show_bug.cgi?id=1237903 * https://bugzilla.suse.com/show_bug.cgi?id=1237904 * https://bugzilla.suse.com/show_bug.cgi?id=1237916 * https://bugzilla.suse.com/show_bug.cgi?id=1237922 * https://bugzilla.suse.com/show_bug.cgi?id=1237925 * https://bugzilla.suse.com/show_bug.cgi?id=1237926 * https://bugzilla.suse.com/show_bug.cgi?id=1237929 * https://bugzilla.suse.com/show_bug.cgi?id=1237931 * https://bugzilla.suse.com/show_bug.cgi?id=1237932 * https://bugzilla.suse.com/show_bug.cgi?id=1237933 * https://bugzilla.suse.com/show_bug.cgi?id=1237937 * https://bugzilla.suse.com/show_bug.cgi?id=1237939 * https://bugzilla.suse.com/show_bug.cgi?id=1237940 * https://bugzilla.suse.com/show_bug.cgi?id=1237941 * https://bugzilla.suse.com/show_bug.cgi?id=1237942 * https://bugzilla.suse.com/show_bug.cgi?id=1237946 * https://bugzilla.suse.com/show_bug.cgi?id=1237951 * https://bugzilla.suse.com/show_bug.cgi?id=1237952 * https://bugzilla.suse.com/show_bug.cgi?id=1237954 * https://bugzilla.suse.com/show_bug.cgi?id=1237955 * https://bugzilla.suse.com/show_bug.cgi?id=1237957 * https://bugzilla.suse.com/show_bug.cgi?id=1237958 * https://bugzilla.suse.com/show_bug.cgi?id=1237959 * https://bugzilla.suse.com/show_bug.cgi?id=1237960 * https://bugzilla.suse.com/show_bug.cgi?id=1237961 * https://bugzilla.suse.com/show_bug.cgi?id=1237963 * https://bugzilla.suse.com/show_bug.cgi?id=1237965 * https://bugzilla.suse.com/show_bug.cgi?id=1237966 * https://bugzilla.suse.com/show_bug.cgi?id=1237967 * https://bugzilla.suse.com/show_bug.cgi?id=1237968 * https://bugzilla.suse.com/show_bug.cgi?id=1237969 * https://bugzilla.suse.com/show_bug.cgi?id=1237970 * https://bugzilla.suse.com/show_bug.cgi?id=1237971 * https://bugzilla.suse.com/show_bug.cgi?id=1237973 * https://bugzilla.suse.com/show_bug.cgi?id=1237975 * https://bugzilla.suse.com/show_bug.cgi?id=1237976 * https://bugzilla.suse.com/show_bug.cgi?id=1237978 * https://bugzilla.suse.com/show_bug.cgi?id=1237979 * https://bugzilla.suse.com/show_bug.cgi?id=1237983 * https://bugzilla.suse.com/show_bug.cgi?id=1237984 * https://bugzilla.suse.com/show_bug.cgi?id=1237986 * https://bugzilla.suse.com/show_bug.cgi?id=1237987 * https://bugzilla.suse.com/show_bug.cgi?id=1237990 * https://bugzilla.suse.com/show_bug.cgi?id=1237996 * https://bugzilla.suse.com/show_bug.cgi?id=1237997 * https://bugzilla.suse.com/show_bug.cgi?id=1237998 * https://bugzilla.suse.com/show_bug.cgi?id=1237999 * https://bugzilla.suse.com/show_bug.cgi?id=1238000 * https://bugzilla.suse.com/show_bug.cgi?id=1238003 * https://bugzilla.suse.com/show_bug.cgi?id=1238006 * https://bugzilla.suse.com/show_bug.cgi?id=1238007 * https://bugzilla.suse.com/show_bug.cgi?id=1238010 * https://bugzilla.suse.com/show_bug.cgi?id=1238011 * https://bugzilla.suse.com/show_bug.cgi?id=1238012 * https://bugzilla.suse.com/show_bug.cgi?id=1238013 * https://bugzilla.suse.com/show_bug.cgi?id=1238014 * https://bugzilla.suse.com/show_bug.cgi?id=1238016 * https://bugzilla.suse.com/show_bug.cgi?id=1238017 * https://bugzilla.suse.com/show_bug.cgi?id=1238018 * https://bugzilla.suse.com/show_bug.cgi?id=1238019 * https://bugzilla.suse.com/show_bug.cgi?id=1238021 * https://bugzilla.suse.com/show_bug.cgi?id=1238022 * https://bugzilla.suse.com/show_bug.cgi?id=1238024 * https://bugzilla.suse.com/show_bug.cgi?id=1238030 * https://bugzilla.suse.com/show_bug.cgi?id=1238036 * https://bugzilla.suse.com/show_bug.cgi?id=1238037 * https://bugzilla.suse.com/show_bug.cgi?id=1238041 * https://bugzilla.suse.com/show_bug.cgi?id=1238046 * https://bugzilla.suse.com/show_bug.cgi?id=1238047 * https://bugzilla.suse.com/show_bug.cgi?id=1238071 * https://bugzilla.suse.com/show_bug.cgi?id=1238077 * https://bugzilla.suse.com/show_bug.cgi?id=1238079 * https://bugzilla.suse.com/show_bug.cgi?id=1238080 * https://bugzilla.suse.com/show_bug.cgi?id=1238089 * https://bugzilla.suse.com/show_bug.cgi?id=1238090 * https://bugzilla.suse.com/show_bug.cgi?id=1238091 * https://bugzilla.suse.com/show_bug.cgi?id=1238092 * https://bugzilla.suse.com/show_bug.cgi?id=1238096 * https://bugzilla.suse.com/show_bug.cgi?id=1238097 * https://bugzilla.suse.com/show_bug.cgi?id=1238099 * https://bugzilla.suse.com/show_bug.cgi?id=1238103 * https://bugzilla.suse.com/show_bug.cgi?id=1238105 * https://bugzilla.suse.com/show_bug.cgi?id=1238106 * https://bugzilla.suse.com/show_bug.cgi?id=1238108 * https://bugzilla.suse.com/show_bug.cgi?id=1238110 * https://bugzilla.suse.com/show_bug.cgi?id=1238111 * https://bugzilla.suse.com/show_bug.cgi?id=1238112 * https://bugzilla.suse.com/show_bug.cgi?id=1238113 * https://bugzilla.suse.com/show_bug.cgi?id=1238115 * https://bugzilla.suse.com/show_bug.cgi?id=1238116 * https://bugzilla.suse.com/show_bug.cgi?id=1238120 * https://bugzilla.suse.com/show_bug.cgi?id=1238123 * https://bugzilla.suse.com/show_bug.cgi?id=1238125 * https://bugzilla.suse.com/show_bug.cgi?id=1238126 * https://bugzilla.suse.com/show_bug.cgi?id=1238127 * https://bugzilla.suse.com/show_bug.cgi?id=1238131 * https://bugzilla.suse.com/show_bug.cgi?id=1238134 * https://bugzilla.suse.com/show_bug.cgi?id=1238135 * https://bugzilla.suse.com/show_bug.cgi?id=1238138 * https://bugzilla.suse.com/show_bug.cgi?id=1238139 * https://bugzilla.suse.com/show_bug.cgi?id=1238140 * https://bugzilla.suse.com/show_bug.cgi?id=1238142 * https://bugzilla.suse.com/show_bug.cgi?id=1238144 * https://bugzilla.suse.com/show_bug.cgi?id=1238146 * https://bugzilla.suse.com/show_bug.cgi?id=1238147 * https://bugzilla.suse.com/show_bug.cgi?id=1238149 * https://bugzilla.suse.com/show_bug.cgi?id=1238150 * https://bugzilla.suse.com/show_bug.cgi?id=1238155 * https://bugzilla.suse.com/show_bug.cgi?id=1238156 * https://bugzilla.suse.com/show_bug.cgi?id=1238157 * https://bugzilla.suse.com/show_bug.cgi?id=1238158 * https://bugzilla.suse.com/show_bug.cgi?id=1238162 * https://bugzilla.suse.com/show_bug.cgi?id=1238166 * https://bugzilla.suse.com/show_bug.cgi?id=1238167 * https://bugzilla.suse.com/show_bug.cgi?id=1238168 * https://bugzilla.suse.com/show_bug.cgi?id=1238169 * https://bugzilla.suse.com/show_bug.cgi?id=1238170 * https://bugzilla.suse.com/show_bug.cgi?id=1238171 * https://bugzilla.suse.com/show_bug.cgi?id=1238172 * https://bugzilla.suse.com/show_bug.cgi?id=1238175 * https://bugzilla.suse.com/show_bug.cgi?id=1238176 * https://bugzilla.suse.com/show_bug.cgi?id=1238177 * https://bugzilla.suse.com/show_bug.cgi?id=1238180 * https://bugzilla.suse.com/show_bug.cgi?id=1238181 * https://bugzilla.suse.com/show_bug.cgi?id=1238183 * https://bugzilla.suse.com/show_bug.cgi?id=1238184 * https://bugzilla.suse.com/show_bug.cgi?id=1238228 * https://bugzilla.suse.com/show_bug.cgi?id=1238229 * https://bugzilla.suse.com/show_bug.cgi?id=1238231 * https://bugzilla.suse.com/show_bug.cgi?id=1238234 * https://bugzilla.suse.com/show_bug.cgi?id=1238235 * https://bugzilla.suse.com/show_bug.cgi?id=1238236 * https://bugzilla.suse.com/show_bug.cgi?id=1238238 * https://bugzilla.suse.com/show_bug.cgi?id=1238239 * https://bugzilla.suse.com/show_bug.cgi?id=1238241 * https://bugzilla.suse.com/show_bug.cgi?id=1238242 * https://bugzilla.suse.com/show_bug.cgi?id=1238243 * https://bugzilla.suse.com/show_bug.cgi?id=1238244 * https://bugzilla.suse.com/show_bug.cgi?id=1238246 * https://bugzilla.suse.com/show_bug.cgi?id=1238247 * https://bugzilla.suse.com/show_bug.cgi?id=1238248 * https://bugzilla.suse.com/show_bug.cgi?id=1238249 * https://bugzilla.suse.com/show_bug.cgi?id=1238253 * https://bugzilla.suse.com/show_bug.cgi?id=1238255 * https://bugzilla.suse.com/show_bug.cgi?id=1238256 * https://bugzilla.suse.com/show_bug.cgi?id=1238257 * https://bugzilla.suse.com/show_bug.cgi?id=1238260 * https://bugzilla.suse.com/show_bug.cgi?id=1238262 * https://bugzilla.suse.com/show_bug.cgi?id=1238263 * https://bugzilla.suse.com/show_bug.cgi?id=1238264 * https://bugzilla.suse.com/show_bug.cgi?id=1238266 * https://bugzilla.suse.com/show_bug.cgi?id=1238267 * https://bugzilla.suse.com/show_bug.cgi?id=1238268 * https://bugzilla.suse.com/show_bug.cgi?id=1238269 * https://bugzilla.suse.com/show_bug.cgi?id=1238270 * https://bugzilla.suse.com/show_bug.cgi?id=1238271 * https://bugzilla.suse.com/show_bug.cgi?id=1238272 * https://bugzilla.suse.com/show_bug.cgi?id=1238274 * https://bugzilla.suse.com/show_bug.cgi?id=1238275 * https://bugzilla.suse.com/show_bug.cgi?id=1238276 * https://bugzilla.suse.com/show_bug.cgi?id=1238277 * https://bugzilla.suse.com/show_bug.cgi?id=1238278 * https://bugzilla.suse.com/show_bug.cgi?id=1238279 * https://bugzilla.suse.com/show_bug.cgi?id=1238281 * https://bugzilla.suse.com/show_bug.cgi?id=1238282 * https://bugzilla.suse.com/show_bug.cgi?id=1238283 * https://bugzilla.suse.com/show_bug.cgi?id=1238284 * https://bugzilla.suse.com/show_bug.cgi?id=1238286 * https://bugzilla.suse.com/show_bug.cgi?id=1238287 * https://bugzilla.suse.com/show_bug.cgi?id=1238288 * https://bugzilla.suse.com/show_bug.cgi?id=1238289 * https://bugzilla.suse.com/show_bug.cgi?id=1238292 * https://bugzilla.suse.com/show_bug.cgi?id=1238293 * https://bugzilla.suse.com/show_bug.cgi?id=1238295 * https://bugzilla.suse.com/show_bug.cgi?id=1238298 * https://bugzilla.suse.com/show_bug.cgi?id=1238301 * https://bugzilla.suse.com/show_bug.cgi?id=1238302 * https://bugzilla.suse.com/show_bug.cgi?id=1238306 * https://bugzilla.suse.com/show_bug.cgi?id=1238307 * https://bugzilla.suse.com/show_bug.cgi?id=1238308 * https://bugzilla.suse.com/show_bug.cgi?id=1238309 * https://bugzilla.suse.com/show_bug.cgi?id=1238311 * https://bugzilla.suse.com/show_bug.cgi?id=1238313 * https://bugzilla.suse.com/show_bug.cgi?id=1238326 * https://bugzilla.suse.com/show_bug.cgi?id=1238327 * https://bugzilla.suse.com/show_bug.cgi?id=1238328 * https://bugzilla.suse.com/show_bug.cgi?id=1238331 * https://bugzilla.suse.com/show_bug.cgi?id=1238333 * https://bugzilla.suse.com/show_bug.cgi?id=1238334 * https://bugzilla.suse.com/show_bug.cgi?id=1238336 * https://bugzilla.suse.com/show_bug.cgi?id=1238337 * https://bugzilla.suse.com/show_bug.cgi?id=1238338 * https://bugzilla.suse.com/show_bug.cgi?id=1238339 * https://bugzilla.suse.com/show_bug.cgi?id=1238343 * https://bugzilla.suse.com/show_bug.cgi?id=1238345 * https://bugzilla.suse.com/show_bug.cgi?id=1238372 * https://bugzilla.suse.com/show_bug.cgi?id=1238373 * https://bugzilla.suse.com/show_bug.cgi?id=1238374 * https://bugzilla.suse.com/show_bug.cgi?id=1238376 * https://bugzilla.suse.com/show_bug.cgi?id=1238377 * https://bugzilla.suse.com/show_bug.cgi?id=1238381 * https://bugzilla.suse.com/show_bug.cgi?id=1238382 * https://bugzilla.suse.com/show_bug.cgi?id=1238383 * https://bugzilla.suse.com/show_bug.cgi?id=1238386 * https://bugzilla.suse.com/show_bug.cgi?id=1238387 * https://bugzilla.suse.com/show_bug.cgi?id=1238388 * https://bugzilla.suse.com/show_bug.cgi?id=1238389 * https://bugzilla.suse.com/show_bug.cgi?id=1238390 * https://bugzilla.suse.com/show_bug.cgi?id=1238391 * https://bugzilla.suse.com/show_bug.cgi?id=1238392 * https://bugzilla.suse.com/show_bug.cgi?id=1238393 * https://bugzilla.suse.com/show_bug.cgi?id=1238394 * https://bugzilla.suse.com/show_bug.cgi?id=1238395 * https://bugzilla.suse.com/show_bug.cgi?id=1238396 * https://bugzilla.suse.com/show_bug.cgi?id=1238397 * https://bugzilla.suse.com/show_bug.cgi?id=1238400 * https://bugzilla.suse.com/show_bug.cgi?id=1238410 * https://bugzilla.suse.com/show_bug.cgi?id=1238411 * https://bugzilla.suse.com/show_bug.cgi?id=1238413 * https://bugzilla.suse.com/show_bug.cgi?id=1238415 * https://bugzilla.suse.com/show_bug.cgi?id=1238416 * https://bugzilla.suse.com/show_bug.cgi?id=1238417 * https://bugzilla.suse.com/show_bug.cgi?id=1238418 * https://bugzilla.suse.com/show_bug.cgi?id=1238419 * https://bugzilla.suse.com/show_bug.cgi?id=1238420 * https://bugzilla.suse.com/show_bug.cgi?id=1238423 * https://bugzilla.suse.com/show_bug.cgi?id=1238428 * https://bugzilla.suse.com/show_bug.cgi?id=1238429 * https://bugzilla.suse.com/show_bug.cgi?id=1238430 * https://bugzilla.suse.com/show_bug.cgi?id=1238431 * https://bugzilla.suse.com/show_bug.cgi?id=1238432 * https://bugzilla.suse.com/show_bug.cgi?id=1238433 * https://bugzilla.suse.com/show_bug.cgi?id=1238434 * https://bugzilla.suse.com/show_bug.cgi?id=1238435 * https://bugzilla.suse.com/show_bug.cgi?id=1238436 * https://bugzilla.suse.com/show_bug.cgi?id=1238437 * https://bugzilla.suse.com/show_bug.cgi?id=1238440 * https://bugzilla.suse.com/show_bug.cgi?id=1238441 * https://bugzilla.suse.com/show_bug.cgi?id=1238442 * https://bugzilla.suse.com/show_bug.cgi?id=1238443 * https://bugzilla.suse.com/show_bug.cgi?id=1238444 * https://bugzilla.suse.com/show_bug.cgi?id=1238445 * https://bugzilla.suse.com/show_bug.cgi?id=1238446 * https://bugzilla.suse.com/show_bug.cgi?id=1238447 * https://bugzilla.suse.com/show_bug.cgi?id=1238453 * https://bugzilla.suse.com/show_bug.cgi?id=1238454 * https://bugzilla.suse.com/show_bug.cgi?id=1238458 * https://bugzilla.suse.com/show_bug.cgi?id=1238459 * https://bugzilla.suse.com/show_bug.cgi?id=1238462 * https://bugzilla.suse.com/show_bug.cgi?id=1238463 * https://bugzilla.suse.com/show_bug.cgi?id=1238465 * https://bugzilla.suse.com/show_bug.cgi?id=1238467 * https://bugzilla.suse.com/show_bug.cgi?id=1238469 * https://bugzilla.suse.com/show_bug.cgi?id=1238533 * https://bugzilla.suse.com/show_bug.cgi?id=1238536 * https://bugzilla.suse.com/show_bug.cgi?id=1238538 * https://bugzilla.suse.com/show_bug.cgi?id=1238539 * https://bugzilla.suse.com/show_bug.cgi?id=1238540 * https://bugzilla.suse.com/show_bug.cgi?id=1238543 * https://bugzilla.suse.com/show_bug.cgi?id=1238545 * https://bugzilla.suse.com/show_bug.cgi?id=1238546 * https://bugzilla.suse.com/show_bug.cgi?id=1238556 * https://bugzilla.suse.com/show_bug.cgi?id=1238557 * https://bugzilla.suse.com/show_bug.cgi?id=1238599 * https://bugzilla.suse.com/show_bug.cgi?id=1238600 * https://bugzilla.suse.com/show_bug.cgi?id=1238601 * https://bugzilla.suse.com/show_bug.cgi?id=1238602 * https://bugzilla.suse.com/show_bug.cgi?id=1238605 * https://bugzilla.suse.com/show_bug.cgi?id=1238612 * https://bugzilla.suse.com/show_bug.cgi?id=1238615 * https://bugzilla.suse.com/show_bug.cgi?id=1238617 * https://bugzilla.suse.com/show_bug.cgi?id=1238618 * https://bugzilla.suse.com/show_bug.cgi?id=1238619 * https://bugzilla.suse.com/show_bug.cgi?id=1238621 * https://bugzilla.suse.com/show_bug.cgi?id=1238623 * https://bugzilla.suse.com/show_bug.cgi?id=1238625 * https://bugzilla.suse.com/show_bug.cgi?id=1238626 * https://bugzilla.suse.com/show_bug.cgi?id=1238630 * https://bugzilla.suse.com/show_bug.cgi?id=1238631 * https://bugzilla.suse.com/show_bug.cgi?id=1238632 * https://bugzilla.suse.com/show_bug.cgi?id=1238633 * https://bugzilla.suse.com/show_bug.cgi?id=1238635 * https://bugzilla.suse.com/show_bug.cgi?id=1238636 * https://bugzilla.suse.com/show_bug.cgi?id=1238638 * https://bugzilla.suse.com/show_bug.cgi?id=1238639 * https://bugzilla.suse.com/show_bug.cgi?id=1238640 * https://bugzilla.suse.com/show_bug.cgi?id=1238641 * https://bugzilla.suse.com/show_bug.cgi?id=1238642 * https://bugzilla.suse.com/show_bug.cgi?id=1238643 * https://bugzilla.suse.com/show_bug.cgi?id=1238645 * https://bugzilla.suse.com/show_bug.cgi?id=1238646 * https://bugzilla.suse.com/show_bug.cgi?id=1238647 * https://bugzilla.suse.com/show_bug.cgi?id=1238650 * https://bugzilla.suse.com/show_bug.cgi?id=1238653 * https://bugzilla.suse.com/show_bug.cgi?id=1238654 * https://bugzilla.suse.com/show_bug.cgi?id=1238655 * https://bugzilla.suse.com/show_bug.cgi?id=1238662 * https://bugzilla.suse.com/show_bug.cgi?id=1238663 * https://bugzilla.suse.com/show_bug.cgi?id=1238664 * https://bugzilla.suse.com/show_bug.cgi?id=1238666 * https://bugzilla.suse.com/show_bug.cgi?id=1238668 * https://bugzilla.suse.com/show_bug.cgi?id=1238705 * https://bugzilla.suse.com/show_bug.cgi?id=1238707 * https://bugzilla.suse.com/show_bug.cgi?id=1238710 * https://bugzilla.suse.com/show_bug.cgi?id=1238712 * https://bugzilla.suse.com/show_bug.cgi?id=1238718 * https://bugzilla.suse.com/show_bug.cgi?id=1238719 * https://bugzilla.suse.com/show_bug.cgi?id=1238721 * https://bugzilla.suse.com/show_bug.cgi?id=1238722 * https://bugzilla.suse.com/show_bug.cgi?id=1238727 * https://bugzilla.suse.com/show_bug.cgi?id=1238729 * https://bugzilla.suse.com/show_bug.cgi?id=1238750 * https://bugzilla.suse.com/show_bug.cgi?id=1238787 * https://bugzilla.suse.com/show_bug.cgi?id=1238789 * https://bugzilla.suse.com/show_bug.cgi?id=1238792 * https://bugzilla.suse.com/show_bug.cgi?id=1238799 * https://bugzilla.suse.com/show_bug.cgi?id=1238804 * https://bugzilla.suse.com/show_bug.cgi?id=1238805 * https://bugzilla.suse.com/show_bug.cgi?id=1238808 * https://bugzilla.suse.com/show_bug.cgi?id=1238809 * https://bugzilla.suse.com/show_bug.cgi?id=1238811 * https://bugzilla.suse.com/show_bug.cgi?id=1238814 * https://bugzilla.suse.com/show_bug.cgi?id=1238815 * https://bugzilla.suse.com/show_bug.cgi?id=1238816 * https://bugzilla.suse.com/show_bug.cgi?id=1238817 * https://bugzilla.suse.com/show_bug.cgi?id=1238818 * https://bugzilla.suse.com/show_bug.cgi?id=1238819 * https://bugzilla.suse.com/show_bug.cgi?id=1238821 * https://bugzilla.suse.com/show_bug.cgi?id=1238823 * https://bugzilla.suse.com/show_bug.cgi?id=1238825 * https://bugzilla.suse.com/show_bug.cgi?id=1238830 * https://bugzilla.suse.com/show_bug.cgi?id=1238834 * https://bugzilla.suse.com/show_bug.cgi?id=1238835 * https://bugzilla.suse.com/show_bug.cgi?id=1238836 * https://bugzilla.suse.com/show_bug.cgi?id=1238838 * https://bugzilla.suse.com/show_bug.cgi?id=1238867 * https://bugzilla.suse.com/show_bug.cgi?id=1238868 * https://bugzilla.suse.com/show_bug.cgi?id=1238869 * https://bugzilla.suse.com/show_bug.cgi?id=1238870 * https://bugzilla.suse.com/show_bug.cgi?id=1238871 * https://bugzilla.suse.com/show_bug.cgi?id=1238878 * https://bugzilla.suse.com/show_bug.cgi?id=1238889 * https://bugzilla.suse.com/show_bug.cgi?id=1238892 * https://bugzilla.suse.com/show_bug.cgi?id=1238893 * https://bugzilla.suse.com/show_bug.cgi?id=1238897 * https://bugzilla.suse.com/show_bug.cgi?id=1238898 * https://bugzilla.suse.com/show_bug.cgi?id=1238899 * https://bugzilla.suse.com/show_bug.cgi?id=1238902 * https://bugzilla.suse.com/show_bug.cgi?id=1238916 * https://bugzilla.suse.com/show_bug.cgi?id=1238925 * https://bugzilla.suse.com/show_bug.cgi?id=1238930 * https://bugzilla.suse.com/show_bug.cgi?id=1238933 * https://bugzilla.suse.com/show_bug.cgi?id=1238936 * https://bugzilla.suse.com/show_bug.cgi?id=1238937 * https://bugzilla.suse.com/show_bug.cgi?id=1238938 * https://bugzilla.suse.com/show_bug.cgi?id=1238939 * https://bugzilla.suse.com/show_bug.cgi?id=1238943 * https://bugzilla.suse.com/show_bug.cgi?id=1238945 * https://bugzilla.suse.com/show_bug.cgi?id=1238948 * https://bugzilla.suse.com/show_bug.cgi?id=1238949 * https://bugzilla.suse.com/show_bug.cgi?id=1238950 * https://bugzilla.suse.com/show_bug.cgi?id=1238951 * https://bugzilla.suse.com/show_bug.cgi?id=1238952 * https://bugzilla.suse.com/show_bug.cgi?id=1238954 * https://bugzilla.suse.com/show_bug.cgi?id=1238956 * https://bugzilla.suse.com/show_bug.cgi?id=1238957 * https://bugzilla.suse.com/show_bug.cgi?id=1239001 * https://bugzilla.suse.com/show_bug.cgi?id=1239004 * https://bugzilla.suse.com/show_bug.cgi?id=1239035 * https://bugzilla.suse.com/show_bug.cgi?id=1239040 * https://bugzilla.suse.com/show_bug.cgi?id=1239041 * https://bugzilla.suse.com/show_bug.cgi?id=1239051 * https://bugzilla.suse.com/show_bug.cgi?id=1239060 * https://bugzilla.suse.com/show_bug.cgi?id=1239070 * https://bugzilla.suse.com/show_bug.cgi?id=1239071 * https://bugzilla.suse.com/show_bug.cgi?id=1239073 * https://bugzilla.suse.com/show_bug.cgi?id=1239076 * https://bugzilla.suse.com/show_bug.cgi?id=1239109 * https://bugzilla.suse.com/show_bug.cgi?id=1239115 * https://jira.suse.com/browse/PED-1073 * https://jira.suse.com/browse/SLE-15442 * https://jira.suse.com/browse/SLE-18377 * https://jira.suse.com/browse/SLE-19249 * https://jira.suse.com/browse/SLE-24682 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 27 12:30:08 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 27 Mar 2025 12:30:08 -0000 Subject: SUSE-SU-2025:1038-1: important: Security update for podman Message-ID: <174307860805.8841.15193592004488112314@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2025:1038-1 Release Date: 2025-03-27T09:44:52Z Rating: important References: * bsc#1239330 Cross-References: * CVE-2024-6104 * CVE-2025-22869 * CVE-2025-27144 CVSS scores: * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239330). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1038=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1038=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1038=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-1038=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1038=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1038=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1038=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1038=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * podman-debuginfo-4.9.5-150500.3.40.1 * podman-4.9.5-150500.3.40.1 * podman-remote-4.9.5-150500.3.40.1 * podman-remote-debuginfo-4.9.5-150500.3.40.1 * podmansh-4.9.5-150500.3.40.1 * openSUSE Leap 15.5 (noarch) * podman-docker-4.9.5-150500.3.40.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * podman-debuginfo-4.9.5-150500.3.40.1 * podman-4.9.5-150500.3.40.1 * podman-remote-4.9.5-150500.3.40.1 * podman-remote-debuginfo-4.9.5-150500.3.40.1 * podmansh-4.9.5-150500.3.40.1 * openSUSE Leap 15.6 (noarch) * podman-docker-4.9.5-150500.3.40.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * podman-debuginfo-4.9.5-150500.3.40.1 * podman-4.9.5-150500.3.40.1 * podman-remote-4.9.5-150500.3.40.1 * podman-remote-debuginfo-4.9.5-150500.3.40.1 * podmansh-4.9.5-150500.3.40.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * podman-docker-4.9.5-150500.3.40.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * podman-debuginfo-4.9.5-150500.3.40.1 * podman-4.9.5-150500.3.40.1 * podman-remote-4.9.5-150500.3.40.1 * podman-remote-debuginfo-4.9.5-150500.3.40.1 * podmansh-4.9.5-150500.3.40.1 * Containers Module 15-SP6 (noarch) * podman-docker-4.9.5-150500.3.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * podman-debuginfo-4.9.5-150500.3.40.1 * podman-4.9.5-150500.3.40.1 * podman-remote-4.9.5-150500.3.40.1 * podman-remote-debuginfo-4.9.5-150500.3.40.1 * podmansh-4.9.5-150500.3.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * podman-docker-4.9.5-150500.3.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * podman-debuginfo-4.9.5-150500.3.40.1 * podman-4.9.5-150500.3.40.1 * podman-remote-4.9.5-150500.3.40.1 * podman-remote-debuginfo-4.9.5-150500.3.40.1 * podmansh-4.9.5-150500.3.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * podman-docker-4.9.5-150500.3.40.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * podman-debuginfo-4.9.5-150500.3.40.1 * podman-4.9.5-150500.3.40.1 * podman-remote-4.9.5-150500.3.40.1 * podman-remote-debuginfo-4.9.5-150500.3.40.1 * podmansh-4.9.5-150500.3.40.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * podman-docker-4.9.5-150500.3.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * podman-debuginfo-4.9.5-150500.3.40.1 * podman-4.9.5-150500.3.40.1 * podman-remote-4.9.5-150500.3.40.1 * podman-remote-debuginfo-4.9.5-150500.3.40.1 * podmansh-4.9.5-150500.3.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * podman-docker-4.9.5-150500.3.40.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6104.html * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1239330 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 27 12:30:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 27 Mar 2025 12:30:12 -0000 Subject: SUSE-SU-2025:1037-1: important: Security update for podman Message-ID: <174307861256.8841.13381453684247891213@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2025:1037-1 Release Date: 2025-03-27T09:44:18Z Rating: important References: * bsc#1239330 Cross-References: * CVE-2024-6104 * CVE-2025-22869 * CVE-2025-27144 CVSS scores: * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239330). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1037=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1037=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1037=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1037=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1037=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1037=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1037=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1037=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1037=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.44.1 * podman-4.9.5-150400.4.44.1 * podman-remote-debuginfo-4.9.5-150400.4.44.1 * podman-remote-4.9.5-150400.4.44.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.44.1 * podman-4.9.5-150400.4.44.1 * podman-remote-debuginfo-4.9.5-150400.4.44.1 * podman-remote-4.9.5-150400.4.44.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.9.5-150400.4.44.1 * podman-4.9.5-150400.4.44.1 * podman-remote-debuginfo-4.9.5-150400.4.44.1 * podman-remote-4.9.5-150400.4.44.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.9.5-150400.4.44.1 * podman-4.9.5-150400.4.44.1 * podman-remote-debuginfo-4.9.5-150400.4.44.1 * podman-remote-4.9.5-150400.4.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.44.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * podman-debuginfo-4.9.5-150400.4.44.1 * podman-4.9.5-150400.4.44.1 * podman-remote-debuginfo-4.9.5-150400.4.44.1 * podman-remote-4.9.5-150400.4.44.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * podman-docker-4.9.5-150400.4.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * podman-debuginfo-4.9.5-150400.4.44.1 * podman-4.9.5-150400.4.44.1 * podman-remote-debuginfo-4.9.5-150400.4.44.1 * podman-remote-4.9.5-150400.4.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.44.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * podman-4.9.5-150400.4.44.1 * podman-remote-debuginfo-4.9.5-150400.4.44.1 * podmansh-4.9.5-150400.4.44.1 * podman-debuginfo-4.9.5-150400.4.44.1 * podman-remote-4.9.5-150400.4.44.1 * openSUSE Leap 15.4 (noarch) * podman-docker-4.9.5-150400.4.44.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.44.1 * podman-4.9.5-150400.4.44.1 * podman-remote-debuginfo-4.9.5-150400.4.44.1 * podman-remote-4.9.5-150400.4.44.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.44.1 * podman-4.9.5-150400.4.44.1 * podman-remote-debuginfo-4.9.5-150400.4.44.1 * podman-remote-4.9.5-150400.4.44.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6104.html * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1239330 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 27 12:30:18 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 27 Mar 2025 12:30:18 -0000 Subject: SUSE-SU-2025:1036-1: important: Security update for podman Message-ID: <174307861808.8841.17259024680576338068@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2025:1036-1 Release Date: 2025-03-27T09:43:51Z Rating: important References: * bsc#1239330 Cross-References: * CVE-2024-6104 * CVE-2025-22869 * CVE-2025-27144 CVSS scores: * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27144 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27144 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239330). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1036=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1036=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1036=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1036=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1036=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1036=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1036=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1036=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * podman-remote-debuginfo-4.9.5-150300.9.46.1 * podman-remote-4.9.5-150300.9.46.1 * podman-4.9.5-150300.9.46.1 * podmansh-4.9.5-150300.9.46.1 * podman-debuginfo-4.9.5-150300.9.46.1 * openSUSE Leap 15.3 (noarch) * podman-docker-4.9.5-150300.9.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * podman-remote-debuginfo-4.9.5-150300.9.46.1 * podman-4.9.5-150300.9.46.1 * podman-remote-4.9.5-150300.9.46.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * podman-remote-debuginfo-4.9.5-150300.9.46.1 * podman-4.9.5-150300.9.46.1 * podman-remote-4.9.5-150300.9.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * podman-remote-debuginfo-4.9.5-150300.9.46.1 * podman-4.9.5-150300.9.46.1 * podman-remote-4.9.5-150300.9.46.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * podman-remote-debuginfo-4.9.5-150300.9.46.1 * podman-4.9.5-150300.9.46.1 * podman-debuginfo-4.9.5-150300.9.46.1 * podman-remote-4.9.5-150300.9.46.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * podman-remote-debuginfo-4.9.5-150300.9.46.1 * podman-4.9.5-150300.9.46.1 * podman-remote-4.9.5-150300.9.46.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * podman-remote-4.9.5-150300.9.46.1 * podman-4.9.5-150300.9.46.1 * podman-debuginfo-4.9.5-150300.9.46.1 * podman-remote-debuginfo-4.9.5-150300.9.46.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * podman-remote-4.9.5-150300.9.46.1 * podman-4.9.5-150300.9.46.1 * podman-debuginfo-4.9.5-150300.9.46.1 * podman-remote-debuginfo-4.9.5-150300.9.46.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6104.html * https://www.suse.com/security/cve/CVE-2025-22869.html * https://www.suse.com/security/cve/CVE-2025-27144.html * https://bugzilla.suse.com/show_bug.cgi?id=1239330 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 27 16:30:07 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 27 Mar 2025 16:30:07 -0000 Subject: SUSE-SU-2025:1041-1: moderate: Security update for python3 Message-ID: <174309300731.8820.4121810706682984542@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2025:1041-1 Release Date: 2025-03-27T15:08:10Z Rating: moderate References: * bsc#1233307 Cross-References: * CVE-2024-11168 CVSS scores: * CVE-2024-11168 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-11168 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses (bsc#1233307). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1041=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * python3-base-debuginfo-3.4.10-25.151.1 * python3-base-3.4.10-25.151.1 * python3-devel-debuginfo-3.4.10-25.151.1 * python3-base-debuginfo-32bit-3.4.10-25.151.1 * libpython3_4m1_0-debuginfo-3.4.10-25.151.1 * python3-curses-debuginfo-3.4.10-25.151.1 * python3-tk-debuginfo-3.4.10-25.151.1 * python3-base-debugsource-3.4.10-25.151.1 * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.151.1 * libpython3_4m1_0-32bit-3.4.10-25.151.1 * python3-devel-3.4.10-25.151.1 * python3-curses-3.4.10-25.151.1 * python3-tk-3.4.10-25.151.1 * python3-debugsource-3.4.10-25.151.1 * libpython3_4m1_0-3.4.10-25.151.1 * python3-3.4.10-25.151.1 * python3-debuginfo-3.4.10-25.151.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11168.html * https://bugzilla.suse.com/show_bug.cgi?id=1233307 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 27 20:30:19 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 27 Mar 2025 20:30:19 -0000 Subject: SUSE-SU-2025:1043-1: moderate: Security update for python36 Message-ID: <174310741900.9147.3483896765604992207@smelt2.prg2.suse.org> # Security update for python36 Announcement ID: SUSE-SU-2025:1043-1 Release Date: 2025-03-27T16:27:44Z Rating: moderate References: * bsc#1233307 Cross-References: * CVE-2024-11168 CVSS scores: * CVE-2024-11168 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-11168 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python36 fixes the following issues: * CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses (bsc#1233307). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1043=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * python36-3.6.15-79.1 * python36-base-3.6.15-79.1 * libpython3_6m1_0-debuginfo-32bit-3.6.15-79.1 * python36-devel-3.6.15-79.1 * python36-debugsource-3.6.15-79.1 * libpython3_6m1_0-debuginfo-3.6.15-79.1 * python36-base-debuginfo-3.6.15-79.1 * python36-debuginfo-3.6.15-79.1 * libpython3_6m1_0-32bit-3.6.15-79.1 * libpython3_6m1_0-3.6.15-79.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11168.html * https://bugzilla.suse.com/show_bug.cgi?id=1233307 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 28 16:30:02 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 28 Mar 2025 16:30:02 -0000 Subject: SUSE-SU-2025:1052-1: moderate: Security update for govulncheck-vulndb Message-ID: <174317940260.9147.15267743492501280382@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2025:1052-1 Release Date: 2025-03-28T15:49:36Z Rating: moderate References: * jsc#PED-11136 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20250326T201520 2025-03-26T20:15:20Z (jsc#PED-11136): * GO-2025-3520 * GO-2025-3521 * GO-2025-3522 * GO-2025-3533 * GO-2025-3534 * GO-2025-3536 * GO-2025-3537 * GO-2025-3538 * GO-2025-3539 * GO-2025-3540 * GO-2025-3542 * GO-2025-3543 * GO-2025-3545 * GO-2025-3546 * GO-2025-3547 * GO-2025-3549 * GO-2025-3550 * GO-2025-3551 * GO-2025-3552 * GO-2025-3553 * GO-2025-3554 * GO-2025-3555 * GO-2025-3556 * GO-2025-3560 * GO-2025-3561 * GO-2025-3562 * GO-2025-3564 * GO-2025-3565 * GO-2025-3566 * GO-2025-3567 * GO-2025-3568 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1052=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1052=1 ## Package List: * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20250326T201520-150000.1.46.1 * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20250326T201520-150000.1.46.1 ## References: * https://jira.suse.com/browse/PED-11136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 28 16:30:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 28 Mar 2025 16:30:10 -0000 Subject: SUSE-SU-2025:1051-1: important: Security update for erlang26 Message-ID: <174317941062.9147.14952020549700675558@smelt2.prg2.suse.org> # Security update for erlang26 Announcement ID: SUSE-SU-2025:1051-1 Release Date: 2025-03-28T14:50:28Z Rating: important References: * bsc#1237467 Cross-References: * CVE-2025-26618 CVSS scores: * CVE-2025-26618 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-26618 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-26618 ( NVD ): 7.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for erlang26 fixes the following issues: * CVE-2025-26618: Fixed incorrect verification of SSH SFTP packet size in Erlang OTP (bsc#1237467) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1051=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1051=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1051=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * erlang26-debugsource-26.2.1-150300.7.8.1 * erlang26-26.2.1-150300.7.8.1 * erlang26-debugger-26.2.1-150300.7.8.1 * erlang26-dialyzer-debuginfo-26.2.1-150300.7.8.1 * erlang26-epmd-26.2.1-150300.7.8.1 * erlang26-et-src-26.2.1-150300.7.8.1 * erlang26-et-26.2.1-150300.7.8.1 * erlang26-doc-26.2.1-150300.7.8.1 * erlang26-src-26.2.1-150300.7.8.1 * erlang26-observer-26.2.1-150300.7.8.1 * erlang26-wx-debuginfo-26.2.1-150300.7.8.1 * erlang26-dialyzer-src-26.2.1-150300.7.8.1 * erlang26-diameter-26.2.1-150300.7.8.1 * erlang26-diameter-src-26.2.1-150300.7.8.1 * erlang26-dialyzer-26.2.1-150300.7.8.1 * erlang26-observer-src-26.2.1-150300.7.8.1 * erlang26-reltool-src-26.2.1-150300.7.8.1 * erlang26-jinterface-26.2.1-150300.7.8.1 * erlang26-wx-src-26.2.1-150300.7.8.1 * erlang26-epmd-debuginfo-26.2.1-150300.7.8.1 * erlang26-jinterface-src-26.2.1-150300.7.8.1 * erlang26-debuginfo-26.2.1-150300.7.8.1 * erlang26-wx-26.2.1-150300.7.8.1 * erlang26-debugger-src-26.2.1-150300.7.8.1 * erlang26-reltool-26.2.1-150300.7.8.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * erlang26-debugsource-26.2.1-150300.7.8.1 * erlang26-26.2.1-150300.7.8.1 * erlang26-debugger-26.2.1-150300.7.8.1 * erlang26-dialyzer-debuginfo-26.2.1-150300.7.8.1 * erlang26-epmd-26.2.1-150300.7.8.1 * erlang26-et-src-26.2.1-150300.7.8.1 * erlang26-et-26.2.1-150300.7.8.1 * erlang26-doc-26.2.1-150300.7.8.1 * erlang26-src-26.2.1-150300.7.8.1 * erlang26-observer-26.2.1-150300.7.8.1 * erlang26-wx-debuginfo-26.2.1-150300.7.8.1 * erlang26-dialyzer-src-26.2.1-150300.7.8.1 * erlang26-diameter-26.2.1-150300.7.8.1 * erlang26-diameter-src-26.2.1-150300.7.8.1 * erlang26-dialyzer-26.2.1-150300.7.8.1 * erlang26-observer-src-26.2.1-150300.7.8.1 * erlang26-reltool-src-26.2.1-150300.7.8.1 * erlang26-jinterface-26.2.1-150300.7.8.1 * erlang26-wx-src-26.2.1-150300.7.8.1 * erlang26-epmd-debuginfo-26.2.1-150300.7.8.1 * erlang26-jinterface-src-26.2.1-150300.7.8.1 * erlang26-debuginfo-26.2.1-150300.7.8.1 * erlang26-wx-26.2.1-150300.7.8.1 * erlang26-debugger-src-26.2.1-150300.7.8.1 * erlang26-reltool-26.2.1-150300.7.8.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * erlang26-epmd-debuginfo-26.2.1-150300.7.8.1 * erlang26-debugsource-26.2.1-150300.7.8.1 * erlang26-26.2.1-150300.7.8.1 * erlang26-epmd-26.2.1-150300.7.8.1 * erlang26-debuginfo-26.2.1-150300.7.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-26618.html * https://bugzilla.suse.com/show_bug.cgi?id=1237467 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 28 20:30:04 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 28 Mar 2025 20:30:04 -0000 Subject: SUSE-SU-2025:1059-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6) Message-ID: <174319380446.8841.5042260578574319328@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:1059-1 Release Date: 2025-03-28T19:33:29Z Rating: important References: * bsc#1235916 Cross-References: * CVE-2024-57882 CVSS scores: * CVE-2024-57882 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57882 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-57882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_23 fixes one issue. The following security issue was fixed: * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1059=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-1060=1 SUSE-SLE-Module-Live- Patching-15-SP6-2025-1058=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource-7-150600.2.1 * kernel-livepatch-6_4_0-150600_10_20-rt-debuginfo-3-150600.2.1 * kernel-livepatch-6_4_0-150600_10_23-rt-debuginfo-3-150600.2.1 * kernel-livepatch-6_4_0-150600_10_8-rt-7-150600.2.1 * kernel-livepatch-6_4_0-150600_10_23-rt-3-150600.2.1 * kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo-7-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_7-debugsource-3-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_6-debugsource-3-150600.2.1 * kernel-livepatch-6_4_0-150600_10_20-rt-3-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-57882.html * https://bugzilla.suse.com/show_bug.cgi?id=1235916 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 28 20:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 28 Mar 2025 20:30:09 -0000 Subject: SUSE-SU-2025:1057-1: important: Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) Message-ID: <174319380916.8841.17510227759664655774@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:1057-1 Release Date: 2025-03-28T19:03:41Z Rating: important References: * bsc#1228578 * bsc#1235916 Cross-References: * CVE-2024-41062 * CVE-2024-57882 CVSS scores: * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57882 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57882 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-57882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_8 fixes several issues. The following security issues were fixed: * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916). * CVE-2024-41062: Sync sock recv cb and release (bsc#1228578). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1057=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-SLE15-SP6-RT_Update_0-debugsource-12-150600.3.1 * kernel-livepatch-6_4_0-150600_8-rt-12-150600.3.1 * kernel-livepatch-6_4_0-150600_8-rt-debuginfo-12-150600.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-57882.html * https://bugzilla.suse.com/show_bug.cgi?id=1228578 * https://bugzilla.suse.com/show_bug.cgi?id=1235916 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 28 20:30:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 28 Mar 2025 20:30:12 -0000 Subject: SUSE-SU-2025:1056-1: low: Security update for python3 Message-ID: <174319381275.8841.16838482481244760781@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2025:1056-1 Release Date: 2025-03-28T17:06:49Z Rating: low References: * bsc#1233307 Cross-References: * CVE-2024-11168 CVSS scores: * CVE-2024-11168 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-11168 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X * CVE-2024-11168 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses (bsc#1233307). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1056=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1056=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1056=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1056=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1056=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1056=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1056=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1056=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1056=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1056=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1056=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python3-tk-debuginfo-3.6.15-150300.10.84.1 * python3-idle-3.6.15-150300.10.84.1 * python3-tk-3.6.15-150300.10.84.1 * python3-dbm-debuginfo-3.6.15-150300.10.84.1 * python3-curses-3.6.15-150300.10.84.1 * python3-devel-3.6.15-150300.10.84.1 * python3-tools-3.6.15-150300.10.84.1 * python3-base-3.6.15-150300.10.84.1 * python3-base-debuginfo-3.6.15-150300.10.84.1 * python3-doc-3.6.15-150300.10.84.1 * python3-debugsource-3.6.15-150300.10.84.1 * python3-core-debugsource-3.6.15-150300.10.84.1 * python3-testsuite-debuginfo-3.6.15-150300.10.84.1 * libpython3_6m1_0-3.6.15-150300.10.84.1 * python3-curses-debuginfo-3.6.15-150300.10.84.1 * python3-3.6.15-150300.10.84.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.84.1 * python3-devel-debuginfo-3.6.15-150300.10.84.1 * python3-debuginfo-3.6.15-150300.10.84.1 * python3-doc-devhelp-3.6.15-150300.10.84.1 * python3-dbm-3.6.15-150300.10.84.1 * python3-testsuite-3.6.15-150300.10.84.1 * openSUSE Leap 15.3 (x86_64) * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.84.1 * libpython3_6m1_0-32bit-3.6.15-150300.10.84.1 * openSUSE Leap 15.3 (aarch64_ilp32) * libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.84.1 * libpython3_6m1_0-64bit-3.6.15-150300.10.84.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-tk-debuginfo-3.6.15-150300.10.84.1 * python3-idle-3.6.15-150300.10.84.1 * python3-tk-3.6.15-150300.10.84.1 * python3-dbm-debuginfo-3.6.15-150300.10.84.1 * python3-curses-3.6.15-150300.10.84.1 * python3-devel-3.6.15-150300.10.84.1 * python3-tools-3.6.15-150300.10.84.1 * python3-base-3.6.15-150300.10.84.1 * python3-base-debuginfo-3.6.15-150300.10.84.1 * python3-doc-3.6.15-150300.10.84.1 * python3-debugsource-3.6.15-150300.10.84.1 * python3-core-debugsource-3.6.15-150300.10.84.1 * python3-testsuite-debuginfo-3.6.15-150300.10.84.1 * libpython3_6m1_0-3.6.15-150300.10.84.1 * python3-curses-debuginfo-3.6.15-150300.10.84.1 * python3-3.6.15-150300.10.84.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.84.1 * python3-devel-debuginfo-3.6.15-150300.10.84.1 * python3-debuginfo-3.6.15-150300.10.84.1 * python3-doc-devhelp-3.6.15-150300.10.84.1 * python3-dbm-3.6.15-150300.10.84.1 * python3-testsuite-3.6.15-150300.10.84.1 * openSUSE Leap 15.6 (x86_64) * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.84.1 * libpython3_6m1_0-32bit-3.6.15-150300.10.84.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * python3-base-3.6.15-150300.10.84.1 * python3-base-debuginfo-3.6.15-150300.10.84.1 * python3-debugsource-3.6.15-150300.10.84.1 * python3-core-debugsource-3.6.15-150300.10.84.1 * libpython3_6m1_0-3.6.15-150300.10.84.1 * python3-3.6.15-150300.10.84.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.84.1 * python3-debuginfo-3.6.15-150300.10.84.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * python3-base-3.6.15-150300.10.84.1 * python3-base-debuginfo-3.6.15-150300.10.84.1 * python3-debugsource-3.6.15-150300.10.84.1 * python3-core-debugsource-3.6.15-150300.10.84.1 * libpython3_6m1_0-3.6.15-150300.10.84.1 * python3-3.6.15-150300.10.84.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.84.1 * python3-debuginfo-3.6.15-150300.10.84.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * python3-base-3.6.15-150300.10.84.1 * python3-base-debuginfo-3.6.15-150300.10.84.1 * python3-debugsource-3.6.15-150300.10.84.1 * python3-core-debugsource-3.6.15-150300.10.84.1 * libpython3_6m1_0-3.6.15-150300.10.84.1 * python3-3.6.15-150300.10.84.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.84.1 * python3-debuginfo-3.6.15-150300.10.84.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * python3-base-3.6.15-150300.10.84.1 * python3-base-debuginfo-3.6.15-150300.10.84.1 * python3-debugsource-3.6.15-150300.10.84.1 * python3-core-debugsource-3.6.15-150300.10.84.1 * libpython3_6m1_0-3.6.15-150300.10.84.1 * python3-3.6.15-150300.10.84.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.84.1 * python3-debuginfo-3.6.15-150300.10.84.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * python3-base-3.6.15-150300.10.84.1 * python3-base-debuginfo-3.6.15-150300.10.84.1 * python3-debugsource-3.6.15-150300.10.84.1 * python3-core-debugsource-3.6.15-150300.10.84.1 * libpython3_6m1_0-3.6.15-150300.10.84.1 * python3-3.6.15-150300.10.84.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.84.1 * python3-debuginfo-3.6.15-150300.10.84.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-tk-debuginfo-3.6.15-150300.10.84.1 * python3-base-3.6.15-150300.10.84.1 * python3-base-debuginfo-3.6.15-150300.10.84.1 * python3-dbm-3.6.15-150300.10.84.1 * python3-idle-3.6.15-150300.10.84.1 * python3-debugsource-3.6.15-150300.10.84.1 * python3-core-debugsource-3.6.15-150300.10.84.1 * libpython3_6m1_0-3.6.15-150300.10.84.1 * python3-curses-debuginfo-3.6.15-150300.10.84.1 * python3-3.6.15-150300.10.84.1 * python3-dbm-debuginfo-3.6.15-150300.10.84.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.84.1 * python3-curses-3.6.15-150300.10.84.1 * python3-devel-debuginfo-3.6.15-150300.10.84.1 * python3-debuginfo-3.6.15-150300.10.84.1 * python3-devel-3.6.15-150300.10.84.1 * python3-tk-3.6.15-150300.10.84.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.84.1 * python3-tools-3.6.15-150300.10.84.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * python3-base-3.6.15-150300.10.84.1 * python3-base-debuginfo-3.6.15-150300.10.84.1 * python3-debugsource-3.6.15-150300.10.84.1 * python3-core-debugsource-3.6.15-150300.10.84.1 * libpython3_6m1_0-3.6.15-150300.10.84.1 * python3-3.6.15-150300.10.84.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.84.1 * python3-debuginfo-3.6.15-150300.10.84.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * python3-base-3.6.15-150300.10.84.1 * python3-base-debuginfo-3.6.15-150300.10.84.1 * python3-debugsource-3.6.15-150300.10.84.1 * python3-core-debugsource-3.6.15-150300.10.84.1 * libpython3_6m1_0-3.6.15-150300.10.84.1 * python3-3.6.15-150300.10.84.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.84.1 * python3-debuginfo-3.6.15-150300.10.84.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11168.html * https://bugzilla.suse.com/show_bug.cgi?id=1233307 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 28 20:30:15 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 28 Mar 2025 20:30:15 -0000 Subject: SUSE-SU-2025:1055-1: moderate: Security update for skopeo Message-ID: <174319381533.8841.2951868377344396256@smelt2.prg2.suse.org> # Security update for skopeo Announcement ID: SUSE-SU-2025:1055-1 Release Date: 2025-03-28T16:55:59Z Rating: moderate References: * bsc#1238685 Cross-References: * CVE-2025-22870 CVSS scores: * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2025-22870 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for skopeo fixes the following issues: * CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs (bsc#1238685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1055=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1055=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1055=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1055=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * skopeo-1.14.4-150300.11.22.1 * skopeo-debuginfo-1.14.4-150300.11.22.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * skopeo-1.14.4-150300.11.22.1 * skopeo-debuginfo-1.14.4-150300.11.22.1 * Basesystem Module 15-SP6 (noarch) * skopeo-zsh-completion-1.14.4-150300.11.22.1 * skopeo-bash-completion-1.14.4-150300.11.22.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * skopeo-1.14.4-150300.11.22.1 * skopeo-debuginfo-1.14.4-150300.11.22.1 * openSUSE Leap 15.3 (noarch) * skopeo-fish-completion-1.14.4-150300.11.22.1 * skopeo-zsh-completion-1.14.4-150300.11.22.1 * skopeo-bash-completion-1.14.4-150300.11.22.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * skopeo-1.14.4-150300.11.22.1 * skopeo-debuginfo-1.14.4-150300.11.22.1 * openSUSE Leap 15.6 (noarch) * skopeo-fish-completion-1.14.4-150300.11.22.1 * skopeo-zsh-completion-1.14.4-150300.11.22.1 * skopeo-bash-completion-1.14.4-150300.11.22.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22870.html * https://bugzilla.suse.com/show_bug.cgi?id=1238685 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 28 20:30:17 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 28 Mar 2025 20:30:17 -0000 Subject: SUSE-SU-2025:1054-1: important: Security update for mercurial Message-ID: <174319381792.8841.7717784635152894588@smelt2.prg2.suse.org> # Security update for mercurial Announcement ID: SUSE-SU-2025:1054-1 Release Date: 2025-03-28T16:55:02Z Rating: important References: * bsc#1239685 Cross-References: * CVE-2025-2361 CVSS scores: * CVE-2025-2361 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L * CVE-2025-2361 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L * CVE-2025-2361 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-2361 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for mercurial fixes the following issues: * CVE-2025-2361: Fixed improper sanitization of user-controlled input passed via the cmd parameter in the Mercurial SCM Web Interface (bsc#1239685) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1054=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1054=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1054=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1054=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1054=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1054=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1054=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1054=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1054=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1054=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1054=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1054=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1054=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1054=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * mercurial-5.9.1-150400.3.6.1 * mercurial-tests-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 * openSUSE Leap 15.4 (noarch) * mercurial-lang-5.9.1-150400.3.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * mercurial-5.9.1-150400.3.6.1 * mercurial-tests-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 * openSUSE Leap 15.6 (noarch) * mercurial-lang-5.9.1-150400.3.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * mercurial-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * mercurial-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * mercurial-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * mercurial-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * mercurial-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * mercurial-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * mercurial-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * mercurial-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * mercurial-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 * SUSE Manager Proxy 4.3 (x86_64) * mercurial-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * mercurial-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * mercurial-5.9.1-150400.3.6.1 * mercurial-debuginfo-5.9.1-150400.3.6.1 * mercurial-debugsource-5.9.1-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2025-2361.html * https://bugzilla.suse.com/show_bug.cgi?id=1239685 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 28 20:30:20 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 28 Mar 2025 20:30:20 -0000 Subject: SUSE-SU-2025:1053-1: important: Security update for openvpn Message-ID: <174319382046.8841.9947858090268169383@smelt2.prg2.suse.org> # Security update for openvpn Announcement ID: SUSE-SU-2025:1053-1 Release Date: 2025-03-28T16:46:40Z Rating: important References: * bsc#1235147 Cross-References: * CVE-2024-5594 CVSS scores: * CVE-2024-5594 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-5594 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2024-5594 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for openvpn fixes the following issues: * CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages (bsc#1235147). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1053=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * openvpn-2.3.8-16.35.1 * openvpn-auth-pam-plugin-2.3.8-16.35.1 * openvpn-debugsource-2.3.8-16.35.1 * openvpn-debuginfo-2.3.8-16.35.1 * openvpn-auth-pam-plugin-debuginfo-2.3.8-16.35.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5594.html * https://bugzilla.suse.com/show_bug.cgi?id=1235147 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 31 12:30:03 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 31 Mar 2025 12:30:03 -0000 Subject: SUSE-SU-2025:1063-1: moderate: Security update for apparmor Message-ID: <174342420347.28468.17014585541129785944@smelt2.prg2.suse.org> # Security update for apparmor Announcement ID: SUSE-SU-2025:1063-1 Release Date: 2025-03-31T09:04:56Z Rating: moderate References: * bsc#1234452 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one security fix can now be installed. ## Description: This update for apparmor fixes the following issues: * Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin (bsc#1234452). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1063=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1063=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1063=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1063=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1063=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1063=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * apparmor-parser-3.0.4-150500.11.12.2 * apache2-mod_apparmor-3.0.4-150500.11.12.2 * pam_apparmor-debuginfo-3.0.4-150500.11.12.2 * ruby-apparmor-debuginfo-3.0.4-150500.11.12.2 * apache2-mod_apparmor-debuginfo-3.0.4-150500.11.12.2 * python3-apparmor-debuginfo-3.0.4-150500.11.12.2 * python3-apparmor-3.0.4-150500.11.12.2 * apparmor-debugsource-3.0.4-150500.11.12.2 * pam_apparmor-3.0.4-150500.11.12.2 * ruby-apparmor-3.0.4-150500.11.12.2 * libapparmor-debugsource-3.0.4-150500.11.12.2 * libapparmor-devel-3.0.4-150500.11.12.2 * perl-apparmor-debuginfo-3.0.4-150500.11.12.2 * perl-apparmor-3.0.4-150500.11.12.2 * libapparmor1-3.0.4-150500.11.12.2 * libapparmor1-debuginfo-3.0.4-150500.11.12.2 * apparmor-parser-debuginfo-3.0.4-150500.11.12.2 * openSUSE Leap 15.5 (noarch) * apparmor-utils-3.0.4-150500.11.12.2 * apparmor-docs-3.0.4-150500.11.12.2 * apparmor-parser-lang-3.0.4-150500.11.12.2 * apparmor-utils-lang-3.0.4-150500.11.12.2 * apparmor-abstractions-3.0.4-150500.11.12.2 * apparmor-profiles-3.0.4-150500.11.12.2 * openSUSE Leap 15.5 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150500.11.12.2 * libapparmor1-32bit-3.0.4-150500.11.12.2 * pam_apparmor-32bit-3.0.4-150500.11.12.2 * libapparmor1-32bit-debuginfo-3.0.4-150500.11.12.2 * openSUSE Leap 15.5 (aarch64_ilp32) * pam_apparmor-64bit-debuginfo-3.0.4-150500.11.12.2 * pam_apparmor-64bit-3.0.4-150500.11.12.2 * libapparmor1-64bit-debuginfo-3.0.4-150500.11.12.2 * libapparmor1-64bit-3.0.4-150500.11.12.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * apparmor-parser-3.0.4-150500.11.12.2 * pam_apparmor-debuginfo-3.0.4-150500.11.12.2 * libapparmor-debugsource-3.0.4-150500.11.12.2 * apparmor-debugsource-3.0.4-150500.11.12.2 * pam_apparmor-3.0.4-150500.11.12.2 * libapparmor1-3.0.4-150500.11.12.2 * libapparmor1-debuginfo-3.0.4-150500.11.12.2 * apparmor-parser-debuginfo-3.0.4-150500.11.12.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * apparmor-parser-3.0.4-150500.11.12.2 * apache2-mod_apparmor-3.0.4-150500.11.12.2 * pam_apparmor-debuginfo-3.0.4-150500.11.12.2 * apache2-mod_apparmor-debuginfo-3.0.4-150500.11.12.2 * python3-apparmor-debuginfo-3.0.4-150500.11.12.2 * libapparmor-debugsource-3.0.4-150500.11.12.2 * apparmor-debugsource-3.0.4-150500.11.12.2 * libapparmor-devel-3.0.4-150500.11.12.2 * pam_apparmor-3.0.4-150500.11.12.2 * python3-apparmor-3.0.4-150500.11.12.2 * perl-apparmor-debuginfo-3.0.4-150500.11.12.2 * perl-apparmor-3.0.4-150500.11.12.2 * libapparmor1-3.0.4-150500.11.12.2 * libapparmor1-debuginfo-3.0.4-150500.11.12.2 * apparmor-parser-debuginfo-3.0.4-150500.11.12.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * apparmor-utils-3.0.4-150500.11.12.2 * apparmor-docs-3.0.4-150500.11.12.2 * apparmor-parser-lang-3.0.4-150500.11.12.2 * apparmor-utils-lang-3.0.4-150500.11.12.2 * apparmor-abstractions-3.0.4-150500.11.12.2 * apparmor-profiles-3.0.4-150500.11.12.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150500.11.12.2 * libapparmor1-32bit-3.0.4-150500.11.12.2 * pam_apparmor-32bit-3.0.4-150500.11.12.2 * libapparmor1-32bit-debuginfo-3.0.4-150500.11.12.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * apparmor-parser-3.0.4-150500.11.12.2 * apache2-mod_apparmor-3.0.4-150500.11.12.2 * pam_apparmor-debuginfo-3.0.4-150500.11.12.2 * apache2-mod_apparmor-debuginfo-3.0.4-150500.11.12.2 * python3-apparmor-debuginfo-3.0.4-150500.11.12.2 * libapparmor-debugsource-3.0.4-150500.11.12.2 * apparmor-debugsource-3.0.4-150500.11.12.2 * libapparmor-devel-3.0.4-150500.11.12.2 * pam_apparmor-3.0.4-150500.11.12.2 * python3-apparmor-3.0.4-150500.11.12.2 * perl-apparmor-debuginfo-3.0.4-150500.11.12.2 * perl-apparmor-3.0.4-150500.11.12.2 * libapparmor1-3.0.4-150500.11.12.2 * libapparmor1-debuginfo-3.0.4-150500.11.12.2 * apparmor-parser-debuginfo-3.0.4-150500.11.12.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * apparmor-utils-3.0.4-150500.11.12.2 * apparmor-docs-3.0.4-150500.11.12.2 * apparmor-parser-lang-3.0.4-150500.11.12.2 * apparmor-utils-lang-3.0.4-150500.11.12.2 * apparmor-abstractions-3.0.4-150500.11.12.2 * apparmor-profiles-3.0.4-150500.11.12.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150500.11.12.2 * libapparmor1-32bit-3.0.4-150500.11.12.2 * pam_apparmor-32bit-3.0.4-150500.11.12.2 * libapparmor1-32bit-debuginfo-3.0.4-150500.11.12.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * apparmor-parser-3.0.4-150500.11.12.2 * apache2-mod_apparmor-3.0.4-150500.11.12.2 * pam_apparmor-debuginfo-3.0.4-150500.11.12.2 * apache2-mod_apparmor-debuginfo-3.0.4-150500.11.12.2 * python3-apparmor-debuginfo-3.0.4-150500.11.12.2 * libapparmor-debugsource-3.0.4-150500.11.12.2 * apparmor-debugsource-3.0.4-150500.11.12.2 * libapparmor-devel-3.0.4-150500.11.12.2 * pam_apparmor-3.0.4-150500.11.12.2 * python3-apparmor-3.0.4-150500.11.12.2 * perl-apparmor-debuginfo-3.0.4-150500.11.12.2 * perl-apparmor-3.0.4-150500.11.12.2 * libapparmor1-3.0.4-150500.11.12.2 * libapparmor1-debuginfo-3.0.4-150500.11.12.2 * apparmor-parser-debuginfo-3.0.4-150500.11.12.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * apparmor-utils-3.0.4-150500.11.12.2 * apparmor-docs-3.0.4-150500.11.12.2 * apparmor-parser-lang-3.0.4-150500.11.12.2 * apparmor-utils-lang-3.0.4-150500.11.12.2 * apparmor-abstractions-3.0.4-150500.11.12.2 * apparmor-profiles-3.0.4-150500.11.12.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150500.11.12.2 * libapparmor1-32bit-3.0.4-150500.11.12.2 * pam_apparmor-32bit-3.0.4-150500.11.12.2 * libapparmor1-32bit-debuginfo-3.0.4-150500.11.12.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * apparmor-parser-3.0.4-150500.11.12.2 * apache2-mod_apparmor-3.0.4-150500.11.12.2 * pam_apparmor-debuginfo-3.0.4-150500.11.12.2 * apache2-mod_apparmor-debuginfo-3.0.4-150500.11.12.2 * python3-apparmor-debuginfo-3.0.4-150500.11.12.2 * libapparmor-debugsource-3.0.4-150500.11.12.2 * apparmor-debugsource-3.0.4-150500.11.12.2 * libapparmor-devel-3.0.4-150500.11.12.2 * pam_apparmor-3.0.4-150500.11.12.2 * python3-apparmor-3.0.4-150500.11.12.2 * perl-apparmor-debuginfo-3.0.4-150500.11.12.2 * perl-apparmor-3.0.4-150500.11.12.2 * libapparmor1-3.0.4-150500.11.12.2 * libapparmor1-debuginfo-3.0.4-150500.11.12.2 * apparmor-parser-debuginfo-3.0.4-150500.11.12.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * apparmor-utils-3.0.4-150500.11.12.2 * apparmor-docs-3.0.4-150500.11.12.2 * apparmor-parser-lang-3.0.4-150500.11.12.2 * apparmor-utils-lang-3.0.4-150500.11.12.2 * apparmor-abstractions-3.0.4-150500.11.12.2 * apparmor-profiles-3.0.4-150500.11.12.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * pam_apparmor-32bit-debuginfo-3.0.4-150500.11.12.2 * libapparmor1-32bit-3.0.4-150500.11.12.2 * pam_apparmor-32bit-3.0.4-150500.11.12.2 * libapparmor1-32bit-debuginfo-3.0.4-150500.11.12.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1234452 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 31 12:30:12 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 31 Mar 2025 12:30:12 -0000 Subject: SUSE-SU-2025:1062-1: important: Security update for docker, docker-stable Message-ID: <174342421260.28468.17267912811575910791@smelt2.prg2.suse.org> # Security update for docker, docker-stable Announcement ID: SUSE-SU-2025:1062-1 Release Date: 2025-03-31T08:46:03Z Rating: important References: * bsc#1237367 * bsc#1239185 * bsc#1239322 Cross-References: * CVE-2024-2365 * CVE-2024-29018 * CVE-2024-41110 * CVE-2025-22868 * CVE-2025-22869 CVSS scores: * CVE-2024-29018 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-29018 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-41110 ( SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for docker, docker-stable fixes the following issues: * CVE-2025-22868: Fixed unexpected memory consumption during token parsing in golang.org/x/oauth2 (bsc#1239185). * CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239322). Other fixes: \- Make container-selinux requirement conditional on selinux-policy (bsc#1237367) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1062=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-1062=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-1062=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-1062=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1062=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1062=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1062=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1062=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1062=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1062=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1062=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1062=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1062=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1062=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1062=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1062=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-1062=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1062=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-1062=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1062=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1062=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-1062=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * Containers Module 15-SP6 (noarch) * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-rootless-extras-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-fish-completion-27.5.1_ce-150000.218.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-rootless-extras-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-rootless-extras-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-rootless-extras-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-rootless-extras-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-fish-completion-27.5.1_ce-150000.218.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-rootless-extras-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-rootless-extras-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-fish-completion-27.5.1_ce-150000.218.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-rootless-extras-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-rootless-extras-27.5.1_ce-150000.218.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * SUSE Enterprise Storage 7.1 (noarch) * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-fish-completion-27.5.1_ce-150000.218.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * docker-stable-24.0.9_ce-150000.1.15.1 * docker-stable-debuginfo-24.0.9_ce-150000.1.15.1 * openSUSE Leap 15.6 (noarch) * docker-bash-completion-27.5.1_ce-150000.218.1 * docker-stable-fish-completion-24.0.9_ce-150000.1.15.1 * docker-rootless-extras-27.5.1_ce-150000.218.1 * docker-stable-zsh-completion-24.0.9_ce-150000.1.15.1 * docker-zsh-completion-27.5.1_ce-150000.218.1 * docker-stable-rootless-extras-24.0.9_ce-150000.1.15.1 * docker-stable-bash-completion-24.0.9_ce-150000.1.15.1 * docker-fish-completion-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * docker-debuginfo-27.5.1_ce-150000.218.1 * docker-27.5.1_ce-150000.218.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2365.html * https://www.suse.com/security/cve/CVE-2024-29018.html * https://www.suse.com/security/cve/CVE-2024-41110.html * https://www.suse.com/security/cve/CVE-2025-22868.html * https://www.suse.com/security/cve/CVE-2025-22869.html * https://bugzilla.suse.com/show_bug.cgi?id=1237367 * https://bugzilla.suse.com/show_bug.cgi?id=1239185 * https://bugzilla.suse.com/show_bug.cgi?id=1239322 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 31 16:30:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 31 Mar 2025 16:30:05 -0000 Subject: SUSE-SU-2025:1066-1: important: Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6) Message-ID: <174343860508.4573.8792557986566014713@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:1066-1 Release Date: 2025-03-31T13:33:31Z Rating: important References: * bsc#1235916 Cross-References: * CVE-2024-57882 CVSS scores: * CVE-2024-57882 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57882 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-57882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_17 fixes one issue. The following security issue was fixed: * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1066=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-1065=1 SUSE-SLE-Module-Live- Patching-15-SP6-2025-1067=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource-5-150600.2.1 * kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo-6-150600.2.1 * kernel-livepatch-6_4_0-150600_10_14-rt-6-150600.2.1 * kernel-livepatch-6_4_0-150600_10_11-rt-debuginfo-7-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource-6-150600.2.1 * kernel-livepatch-6_4_0-150600_10_17-rt-5-150600.2.1 * kernel-livepatch-6_4_0-150600_10_11-rt-7-150600.2.1 * kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo-5-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_3-debugsource-7-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-57882.html * https://bugzilla.suse.com/show_bug.cgi?id=1235916 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 31 16:30:10 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 31 Mar 2025 16:30:10 -0000 Subject: SUSE-SU-2025:1064-1: important: Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6) Message-ID: <174343861014.4573.16374269274025071139@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:1064-1 Release Date: 2025-03-31T13:03:55Z Rating: important References: * bsc#1228578 * bsc#1235916 Cross-References: * CVE-2024-41062 * CVE-2024-57882 CVSS scores: * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57882 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57882 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-57882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_5 fixes several issues. The following security issues were fixed: * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916). * CVE-2024-41062: Sync sock recv cb and release (bsc#1228578). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1064=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo-11-150600.2.1 * kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource-11-150600.2.1 * kernel-livepatch-6_4_0-150600_10_5-rt-11-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-57882.html * https://bugzilla.suse.com/show_bug.cgi?id=1228578 * https://bugzilla.suse.com/show_bug.cgi?id=1235916 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 31 20:30:05 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 31 Mar 2025 20:30:05 -0000 Subject: SUSE-SU-2025:1076-1: important: Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6) Message-ID: <174345300575.16256.17325460847720004616@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:1076-1 Release Date: 2025-03-31T16:05:04Z Rating: important References: * bsc#1235916 Cross-References: * CVE-2024-57882 CVSS scores: * CVE-2024-57882 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57882 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-57882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_33 fixes one issue. The following security issue was fixed: * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1079=1 SUSE-2025-1076=1 SUSE-2025-1077=1 SUSE-2025-1078=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1079=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-1076=1 SUSE-SLE-Module-Live- Patching-15-SP6-2025-1077=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-1078=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_22-default-7-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_7-debugsource-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-debuginfo-3-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_4-debugsource-7-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_6-debugsource-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_33-default-debuginfo-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_33-default-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-6-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_5-debugsource-6-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-6-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_22-default-7-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_7-debugsource-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_30-default-debuginfo-3-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_4-debugsource-7-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_6-debugsource-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_33-default-debuginfo-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_33-default-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-6-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_5-debugsource-6-150600.2.1 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_25-default-6-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-57882.html * https://bugzilla.suse.com/show_bug.cgi?id=1235916 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 31 20:30:09 2025 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 31 Mar 2025 20:30:09 -0000 Subject: SUSE-SU-2025:1072-1: important: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Message-ID: <174345300917.16256.9299663798295804116@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Announcement ID: SUSE-SU-2025:1072-1 Release Date: 2025-03-31T16:04:28Z Rating: important References: * bsc#1228578 * bsc#1235916 Cross-References: * CVE-2024-41062 * CVE-2024-57882 CVSS scores: * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57882 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57882 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-57882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_17 fixes several issues. The following security issues were fixed: * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916). * CVE-2024-41062: Sync sock recv cb and release (bsc#1228578). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1075=1 SUSE-2025-1072=1 SUSE-2025-1073=1 SUSE-2025-1074=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-1075=1 SUSE-SLE- Module-Live-Patching-15-SP6-2025-1072=1 SUSE-SLE-Module-Live- Patching-15-SP6-2025-1073=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-1074=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_2-debugsource-11-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_0-debugsource-13-150600.4.31.1 * kernel-livepatch-6_4_0-150600_23_17-default-11-150600.2.1 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-13-150600.4.31.1 * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-11-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-11-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_3-debugsource-11-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-11-150600.2.1 * kernel-livepatch-6_4_0-150600_23_7-default-11-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_1-debugsource-11-150600.2.1 * kernel-livepatch-6_4_0-150600_21-default-13-150600.4.31.1 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-11-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_2-debugsource-11-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_0-debugsource-13-150600.4.31.1 * kernel-livepatch-6_4_0-150600_23_17-default-11-150600.2.1 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-13-150600.4.31.1 * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-11-150600.2.1 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-11-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_3-debugsource-11-150600.2.1 * kernel-livepatch-6_4_0-150600_23_14-default-11-150600.2.1 * kernel-livepatch-6_4_0-150600_23_7-default-11-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_1-debugsource-11-150600.2.1 * kernel-livepatch-6_4_0-150600_21-default-13-150600.4.31.1 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-11-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-57882.html * https://bugzilla.suse.com/show_bug.cgi?id=1228578 * https://bugzilla.suse.com/show_bug.cgi?id=1235916 -------------- next part -------------- An HTML attachment was scrubbed... URL: