SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2025:01951-1)

medium Nessus Plugin ID 240805

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01951-1 advisory.

The SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).
- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49570: drm/xe/tracing: Fix a potential TP_printk UAF (bsc#1238782).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56638: kABI fix for 'netfilter: nft_inner: incorrect percpu area handling under softirq' (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).
- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).
- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).
- CVE-2024-58074: drm/i915: Grab intel_display from the encoder to avoid potential (bsc#1238972).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).
- CVE-2024-58091: drm/fbdev-dma: Add shadow buffering for deferred I/O (bsc#1240174).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).
- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).
- CVE-2025-21717: net/mlx5e: add missing cpu_to_node to kvzalloc_node in mlx5e_open_xdpredirect_sq (bsc#1238866).
- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).
- CVE-2025-21800: net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset (bsc#1238743).
- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).
- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).
- CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).
- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).
- CVE-2025-21837: io_uring/uring_cmd: unconditionally copy SQEs at prep time (bsc#1239064).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).
- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).
- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
- CVE-2025-21882: net/mlx5: Fix vport QoS cleanup on error (bsc#1240187).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).
- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).
- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).
- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).
- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).
- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).
- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).
- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).
- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (bsc#1240720).
- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).
- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).
- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).
- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742).
- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).
- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).
- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-21969: kABI workaround for l2cap_conn changes (bsc#1240784).
- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).
- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).
- CVE-2025-21973: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} (bsc#1240803).
- CVE-2025-21974: eth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc() (bsc#1240800).
- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).
- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).
- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).
- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).
- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).
- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).
- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).
- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).
- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).
- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-22094: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu' (bsc#1241512).
- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).
- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).
- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).
- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).
- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).
- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23154: io_uring/net: fix io_req_post_cqe abuse by send bundle (bsc#1242533).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37747: kABI workaround for perf-Fix-hang-while-freeing-sigtrap-event (References: bsc#1242520).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).
- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: Medium

ID: 240805

File Name: suse_SU-2025-01951-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 6/27/2025

Updated: 6/27/2025

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-37803

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS v4

Risk Factor: Medium

Base Score: 5.7

Threat Score: 1.9

Threat Vector: CVSS:4.0/E:U

Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2024-28956

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:kernel-64kb-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-extra, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-64kb, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 6/13/2025

Vulnerability Publication Date: 12/12/2023

Reference Information

CVE: CVE-2023-52927, CVE-2023-53034, CVE-2024-27018, CVE-2024-27415, CVE-2024-28956, CVE-2024-35840, CVE-2024-35910, CVE-2024-38606, CVE-2024-41005, CVE-2024-43820, CVE-2024-46713, CVE-2024-46763, CVE-2024-46782, CVE-2024-46865, CVE-2024-47408, CVE-2024-47794, CVE-2024-49570, CVE-2024-49571, CVE-2024-49924, CVE-2024-49994, CVE-2024-50038, CVE-2024-50056, CVE-2024-50083, CVE-2024-50106, CVE-2024-50126, CVE-2024-50140, CVE-2024-50223, CVE-2024-50290, CVE-2024-53057, CVE-2024-53063, CVE-2024-53124, CVE-2024-53139, CVE-2024-53140, CVE-2024-53163, CVE-2024-53680, CVE-2024-54458, CVE-2024-54683, CVE-2024-56638, CVE-2024-56640, CVE-2024-56641, CVE-2024-56702, CVE-2024-56703, CVE-2024-56718, CVE-2024-56719, CVE-2024-56751, CVE-2024-56758, CVE-2024-56770, CVE-2024-57900, CVE-2024-57924, CVE-2024-57947, CVE-2024-57974, CVE-2024-57998, CVE-2024-58001, CVE-2024-58018, CVE-2024-58019, CVE-2024-58020, CVE-2024-58068, CVE-2024-58070, CVE-2024-58071, CVE-2024-58074, CVE-2024-58083, CVE-2024-58088, CVE-2024-58091, CVE-2024-58093, CVE-2024-58094, CVE-2024-58095, CVE-2024-58096, CVE-2024-58097, CVE-2025-21635, CVE-2025-21648, CVE-2025-21659, CVE-2025-21683, CVE-2025-21696, CVE-2025-21701, CVE-2025-21702, CVE-2025-21703, CVE-2025-21706, CVE-2025-21707, CVE-2025-21717, CVE-2025-21729, CVE-2025-21739, CVE-2025-21753, CVE-2025-21755, CVE-2025-21758, CVE-2025-21759, CVE-2025-21760, CVE-2025-21761, CVE-2025-21762, CVE-2025-21763, CVE-2025-21764, CVE-2025-21765, CVE-2025-21766, CVE-2025-21768, CVE-2025-21772, CVE-2025-21782, CVE-2025-21787, CVE-2025-21792, CVE-2025-21796, CVE-2025-21800, CVE-2025-21806, CVE-2025-21808, CVE-2025-21812, CVE-2025-21814, CVE-2025-21821, CVE-2025-21832, CVE-2025-21833, CVE-2025-21836, CVE-2025-21837, CVE-2025-21844, CVE-2025-21846, CVE-2025-21847, CVE-2025-21848, CVE-2025-21850, CVE-2025-21852, CVE-2025-21853, CVE-2025-21854, CVE-2025-21855, CVE-2025-21856, CVE-2025-21857, CVE-2025-21858, CVE-2025-21859, CVE-2025-21861, CVE-2025-21862, CVE-2025-21863, CVE-2025-21864, CVE-2025-21865, CVE-2025-21866, CVE-2025-21867, CVE-2025-21869, CVE-2025-21870, CVE-2025-21871, CVE-2025-21873, CVE-2025-21875, CVE-2025-21876, CVE-2025-21877, CVE-2025-21878, CVE-2025-21881, CVE-2025-21882, CVE-2025-21883, CVE-2025-21884, CVE-2025-21885, CVE-2025-21886, CVE-2025-21887, CVE-2025-21888, CVE-2025-21889, CVE-2025-21890, CVE-2025-21891, CVE-2025-21892, CVE-2025-21893, CVE-2025-21894, CVE-2025-21895, CVE-2025-21904, CVE-2025-21905, CVE-2025-21906, CVE-2025-21908, CVE-2025-21909, CVE-2025-21910, CVE-2025-21912, CVE-2025-21913, CVE-2025-21914, CVE-2025-21915, CVE-2025-21916, CVE-2025-21917, CVE-2025-21918, CVE-2025-21919, CVE-2025-21922, CVE-2025-21923, CVE-2025-21924, CVE-2025-21925, CVE-2025-21926, CVE-2025-21927, CVE-2025-21928, CVE-2025-21929, CVE-2025-21930, CVE-2025-21931, CVE-2025-21934, CVE-2025-21935, CVE-2025-21936, CVE-2025-21937, CVE-2025-21941, CVE-2025-21943, CVE-2025-21948, CVE-2025-21950, CVE-2025-21951, CVE-2025-21953, CVE-2025-21956, CVE-2025-21957, CVE-2025-21960, CVE-2025-21961, CVE-2025-21962, CVE-2025-21963, CVE-2025-21964, CVE-2025-21966, CVE-2025-21968, CVE-2025-21969, CVE-2025-21970, CVE-2025-21971, CVE-2025-21972, CVE-2025-21973, CVE-2025-21974, CVE-2025-21975, CVE-2025-21978, CVE-2025-21979, CVE-2025-21980, CVE-2025-21981, CVE-2025-21985, CVE-2025-21989, CVE-2025-21990, CVE-2025-21991, CVE-2025-21992, CVE-2025-21993, CVE-2025-21995, CVE-2025-21996, CVE-2025-21999, CVE-2025-22001, CVE-2025-22003, CVE-2025-22007, CVE-2025-22008, CVE-2025-22009, CVE-2025-22010, CVE-2025-22013, CVE-2025-22014, CVE-2025-22015, CVE-2025-22016, CVE-2025-22017, CVE-2025-22018, CVE-2025-22020, CVE-2025-22021, CVE-2025-22025, CVE-2025-22027, CVE-2025-22030, CVE-2025-22033, CVE-2025-22036, CVE-2025-22044, CVE-2025-22045, CVE-2025-22050, CVE-2025-22053, CVE-2025-22056, CVE-2025-22057, CVE-2025-22058, CVE-2025-22060, CVE-2025-22062, CVE-2025-22063, CVE-2025-22064, CVE-2025-22065, CVE-2025-22070, CVE-2025-22075, CVE-2025-22080, CVE-2025-22085, CVE-2025-22086, CVE-2025-22088, CVE-2025-22090, CVE-2025-22091, CVE-2025-22093, CVE-2025-22094, CVE-2025-22097, CVE-2025-22102, CVE-2025-22103, CVE-2025-22104, CVE-2025-22105, CVE-2025-22106, CVE-2025-22107, CVE-2025-22108, CVE-2025-22109, CVE-2025-22112, CVE-2025-22116, CVE-2025-22121, CVE-2025-22125, CVE-2025-22126, CVE-2025-22128, CVE-2025-2312, CVE-2025-23129, CVE-2025-23131, CVE-2025-23133, CVE-2025-23134, CVE-2025-23136, CVE-2025-23138, CVE-2025-23140, CVE-2025-23145, CVE-2025-23150, CVE-2025-23154, CVE-2025-23160, CVE-2025-37747, CVE-2025-37748, CVE-2025-37749, CVE-2025-37750, CVE-2025-37755, CVE-2025-37773, CVE-2025-37780, CVE-2025-37785, CVE-2025-37787, CVE-2025-37789, CVE-2025-37790, CVE-2025-37797, CVE-2025-37798, CVE-2025-37799, CVE-2025-37803, CVE-2025-37804, CVE-2025-37809, CVE-2025-37820, CVE-2025-37823, CVE-2025-37824, CVE-2025-37829, CVE-2025-37830, CVE-2025-37831, CVE-2025-37833, CVE-2025-37842, CVE-2025-37860, CVE-2025-37870, CVE-2025-37879, CVE-2025-37886, CVE-2025-37887, CVE-2025-37949, CVE-2025-37957, CVE-2025-37958, CVE-2025-37960, CVE-2025-37974, CVE-2025-38152, CVE-2025-38637, CVE-2025-39728, CVE-2025-40325

SuSE: SUSE-SU-2025:01951-1

Detections

Analytics