Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-38608 (GCVE-0-2025-38608)
Vulnerability from cvelistv5 – Published: 2025-08-19 17:03 – Updated: 2026-05-11 21:31
VLAI
EPSS
Title
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
Summary
In the Linux kernel, the following vulnerability has been resolved:
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
When sending plaintext data, we initially calculated the corresponding
ciphertext length. However, if we later reduced the plaintext data length
via socket policy, we failed to recalculate the ciphertext length.
This results in transmitting buffers containing uninitialized data during
ciphertext transmission.
This causes uninitialized bytes to be appended after a complete
"Application Data" packet, leading to errors on the receiving end when
parsing TLS record.
Severity
5.5 (Medium)
Assigner
References
11 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
7246d8ed4dcce23f7509949a77be15fa9f0e3d28 , < 6ba20ff3cdb96a908b9dc93cf247d0b087672e7c
(git)
Affected: 7246d8ed4dcce23f7509949a77be15fa9f0e3d28 , < 849d24dc5aed45ebeb3490df429356739256ac40 (git) Affected: 7246d8ed4dcce23f7509949a77be15fa9f0e3d28 , < 73fc5d04009d3969ff8e8574f0fd769f04124e59 (git) Affected: 7246d8ed4dcce23f7509949a77be15fa9f0e3d28 , < 16aca8bb4ad0d8a13c8b6da4007f4e52d53035bb (git) Affected: 7246d8ed4dcce23f7509949a77be15fa9f0e3d28 , < 0e853c1464bcf61207f8b5c32d2ac5ee495e859d (git) Affected: 7246d8ed4dcce23f7509949a77be15fa9f0e3d28 , < ee03766d79de0f61ea29ffb6ab1c7b196ea1b02e (git) Affected: 7246d8ed4dcce23f7509949a77be15fa9f0e3d28 , < 90d6ef67440cec2a0aad71a0108c8f216437345c (git) Affected: 7246d8ed4dcce23f7509949a77be15fa9f0e3d28 , < 1e480387d4b42776f8957fb148af9d75ce93b96d (git) Affected: 7246d8ed4dcce23f7509949a77be15fa9f0e3d28 , < 178f6a5c8cb3b6be1602de0964cd440243f493c9 (git) |
|
| Linux | Linux |
Affected:
5.0
Unaffected: 0 , < 5.0 (semver) Unaffected: 5.4.297 , ≤ 5.4.* (semver) Unaffected: 5.10.241 , ≤ 5.10.* (semver) Unaffected: 5.15.190 , ≤ 5.15.* (semver) Unaffected: 6.1.148 , ≤ 6.1.* (semver) Unaffected: 6.6.102 , ≤ 6.6.* (semver) Unaffected: 6.12.42 , ≤ 6.12.* (semver) Unaffected: 6.15.10 , ≤ 6.15.* (semver) Unaffected: 6.16.1 , ≤ 6.16.* (semver) Unaffected: 6.17 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T17:40:21.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/tls/tls_sw.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6ba20ff3cdb96a908b9dc93cf247d0b087672e7c",
"status": "affected",
"version": "7246d8ed4dcce23f7509949a77be15fa9f0e3d28",
"versionType": "git"
},
{
"lessThan": "849d24dc5aed45ebeb3490df429356739256ac40",
"status": "affected",
"version": "7246d8ed4dcce23f7509949a77be15fa9f0e3d28",
"versionType": "git"
},
{
"lessThan": "73fc5d04009d3969ff8e8574f0fd769f04124e59",
"status": "affected",
"version": "7246d8ed4dcce23f7509949a77be15fa9f0e3d28",
"versionType": "git"
},
{
"lessThan": "16aca8bb4ad0d8a13c8b6da4007f4e52d53035bb",
"status": "affected",
"version": "7246d8ed4dcce23f7509949a77be15fa9f0e3d28",
"versionType": "git"
},
{
"lessThan": "0e853c1464bcf61207f8b5c32d2ac5ee495e859d",
"status": "affected",
"version": "7246d8ed4dcce23f7509949a77be15fa9f0e3d28",
"versionType": "git"
},
{
"lessThan": "ee03766d79de0f61ea29ffb6ab1c7b196ea1b02e",
"status": "affected",
"version": "7246d8ed4dcce23f7509949a77be15fa9f0e3d28",
"versionType": "git"
},
{
"lessThan": "90d6ef67440cec2a0aad71a0108c8f216437345c",
"status": "affected",
"version": "7246d8ed4dcce23f7509949a77be15fa9f0e3d28",
"versionType": "git"
},
{
"lessThan": "1e480387d4b42776f8957fb148af9d75ce93b96d",
"status": "affected",
"version": "7246d8ed4dcce23f7509949a77be15fa9f0e3d28",
"versionType": "git"
},
{
"lessThan": "178f6a5c8cb3b6be1602de0964cd440243f493c9",
"status": "affected",
"version": "7246d8ed4dcce23f7509949a77be15fa9f0e3d28",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/tls/tls_sw.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"lessThan": "5.0",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.297",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.241",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.190",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.148",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.102",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.42",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.15.*",
"status": "unaffected",
"version": "6.15.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.16.*",
"status": "unaffected",
"version": "6.16.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.297",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.241",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.190",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.148",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.102",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.42",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15.10",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.16.1",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.17",
"versionStartIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:31:31.289Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6ba20ff3cdb96a908b9dc93cf247d0b087672e7c"
},
{
"url": "https://git.kernel.org/stable/c/849d24dc5aed45ebeb3490df429356739256ac40"
},
{
"url": "https://git.kernel.org/stable/c/73fc5d04009d3969ff8e8574f0fd769f04124e59"
},
{
"url": "https://git.kernel.org/stable/c/16aca8bb4ad0d8a13c8b6da4007f4e52d53035bb"
},
{
"url": "https://git.kernel.org/stable/c/0e853c1464bcf61207f8b5c32d2ac5ee495e859d"
},
{
"url": "https://git.kernel.org/stable/c/ee03766d79de0f61ea29ffb6ab1c7b196ea1b02e"
},
{
"url": "https://git.kernel.org/stable/c/90d6ef67440cec2a0aad71a0108c8f216437345c"
},
{
"url": "https://git.kernel.org/stable/c/1e480387d4b42776f8957fb148af9d75ce93b96d"
},
{
"url": "https://git.kernel.org/stable/c/178f6a5c8cb3b6be1602de0964cd440243f493c9"
}
],
"title": "bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-38608",
"datePublished": "2025-08-19T17:03:51.688Z",
"dateReserved": "2025-04-16T04:51:24.028Z",
"dateUpdated": "2026-05-11T21:31:31.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-38608",
"date": "2026-06-07",
"epss": "0.00024",
"percentile": "0.06968"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-38608\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-08-19T17:15:39.203\",\"lastModified\":\"2026-01-07T18:33:43.750\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\\n\\nWhen sending plaintext data, we initially calculated the corresponding\\nciphertext length. However, if we later reduced the plaintext data length\\nvia socket policy, we failed to recalculate the ciphertext length.\\n\\nThis results in transmitting buffers containing uninitialized data during\\nciphertext transmission.\\n\\nThis causes uninitialized bytes to be appended after a complete\\n\\\"Application Data\\\" packet, leading to errors on the receiving end when\\nparsing TLS record.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf, ktls: Se corrige la corrupci\u00f3n de datos al usar bpf_msg_pop_data() en ktls. Al enviar datos de texto plano, inicialmente se calculaba la longitud del texto cifrado correspondiente. Sin embargo, si posteriormente se reduc\u00eda la longitud de los datos de texto plano mediante la pol\u00edtica de socket, no se pod\u00eda recalcular la longitud del texto cifrado. Esto provoca que se transmitan b\u00faferes con datos sin inicializar durante la transmisi\u00f3n del texto cifrado. Esto provoca que se a\u00f1adan bytes sin inicializar despu\u00e9s de un paquete completo de \\\"Datos de Aplicaci\u00f3n\\\", lo que genera errores en el receptor al analizar el registro TLS.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0\",\"versionEndExcluding\":\"5.4.297\",\"matchCriteriaId\":\"01C836D1-3BFD-4D22-B8B0-B0033DFAC0F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.241\",\"matchCriteriaId\":\"D0D21C35-EB8A-488A-BBF9-403E4817E5DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.190\",\"matchCriteriaId\":\"AD9E597F-3DDE-4D7E-976C-463D0611F13F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.148\",\"matchCriteriaId\":\"3E5B1B93-C244-4B54-B3AB-12C2635A443B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.102\",\"matchCriteriaId\":\"DD6EDB96-08AC-49D8-A1A9-4D2140C49BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.42\",\"matchCriteriaId\":\"EA7AA5E6-4376-4A85-A021-6ACC5FF801C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.15.10\",\"matchCriteriaId\":\"5890C690-B295-40C2-9121-FF5F987E5142\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.16\",\"versionEndExcluding\":\"6.16.1\",\"matchCriteriaId\":\"58182352-D7DF-4CC9-841E-03C1D852C3FB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0e853c1464bcf61207f8b5c32d2ac5ee495e859d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/16aca8bb4ad0d8a13c8b6da4007f4e52d53035bb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/178f6a5c8cb3b6be1602de0964cd440243f493c9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1e480387d4b42776f8957fb148af9d75ce93b96d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6ba20ff3cdb96a908b9dc93cf247d0b087672e7c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/73fc5d04009d3969ff8e8574f0fd769f04124e59\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/849d24dc5aed45ebeb3490df429356739256ac40\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/90d6ef67440cec2a0aad71a0108c8f216437345c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ee03766d79de0f61ea29ffb6ab1c7b196ea1b02e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
SUSE-SU-2026:20392-1
Vulnerability from csaf_suse - Published: 2026-01-19 15:28 - Updated: 2026-01-19 15:28Summary
Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
Patchnames: SUSE-SLE-Micro-6.1-kernel-233
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).\n- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).\n- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).\n- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).\n- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).\n- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-233",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20392-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20392-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620392-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20392-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024300.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248400",
"url": "https://bugzilla.suse.com/1248400"
},
{
"category": "self",
"summary": "SUSE Bug 1248670",
"url": "https://bugzilla.suse.com/1248670"
},
{
"category": "self",
"summary": "SUSE Bug 1249241",
"url": "https://bugzilla.suse.com/1249241"
},
{
"category": "self",
"summary": "SUSE Bug 1250192",
"url": "https://bugzilla.suse.com/1250192"
},
{
"category": "self",
"summary": "SUSE Bug 1251203",
"url": "https://bugzilla.suse.com/1251203"
},
{
"category": "self",
"summary": "SUSE Bug 1251787",
"url": "https://bugzilla.suse.com/1251787"
},
{
"category": "self",
"summary": "SUSE Bug 1253437",
"url": "https://bugzilla.suse.com/1253437"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38476 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39682 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40204/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0)",
"tracking": {
"current_release_date": "2026-01-19T15:28:20Z",
"generator": {
"date": "2026-01-19T15:28:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20392-1",
"initial_release_date": "2026-01-19T15:28:20Z",
"revision_history": [
{
"date": "2026-01-19T15:28:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()\n\nThe function lio_target_nacl_info_show() uses sprintf() in a loop to print\ndetails for every iSCSI connection in a session without checking for the\nbuffer length. With enough iSCSI connections it\u0027s possible to overflow the\nbuffer provided by configfs and corrupt the memory.\n\nThis patch replaces sprintf() with sysfs_emit_at() that checks for buffer\nboundries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53676",
"url": "https://www.suse.com/security/cve/CVE-2023-53676"
},
{
"category": "external",
"summary": "SUSE Bug 1251786 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251786"
},
{
"category": "external",
"summary": "SUSE Bug 1251787 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2023-53676"
},
{
"cve": "CVE-2025-38476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpl: Fix use-after-free in rpl_do_srh_inline().\n\nRunning lwt_dst_cache_ref_loop.sh in selftest with KASAN triggers\nthe splat below [0].\n\nrpl_do_srh_inline() fetches ipv6_hdr(skb) and accesses it after\nskb_cow_head(), which is illegal as the header could be freed then.\n\nLet\u0027s fix it by making oldhdr to a local struct instead of a pointer.\n\n[0]:\n[root@fedora net]# ./lwt_dst_cache_ref_loop.sh\n...\nTEST: rpl (input)\n[ 57.631529] ==================================================================\nBUG: KASAN: slab-use-after-free in rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\nRead of size 40 at addr ffff888122bf96d8 by task ping6/1543\n\nCPU: 50 UID: 0 PID: 1543 Comm: ping6 Not tainted 6.16.0-rc5-01302-gfadd1e6231b1 #23 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:122)\n print_report (mm/kasan/report.c:409 mm/kasan/report.c:521)\n kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:636)\n kasan_check_range (mm/kasan/generic.c:175 (discriminator 1) mm/kasan/generic.c:189 (discriminator 1))\n __asan_memmove (mm/kasan/shadow.c:94 (discriminator 2))\n rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\n rpl_input (net/ipv6/rpl_iptunnel.c:201 net/ipv6/rpl_iptunnel.c:282)\n lwtunnel_input (net/core/lwtunnel.c:459)\n ipv6_rcv (./include/net/dst.h:471 (discriminator 1) ./include/net/dst.h:469 (discriminator 1) net/ipv6/ip6_input.c:79 (discriminator 1) ./include/linux/netfilter.h:317 (discriminator 1) ./include/linux/netfilter.h:311 (discriminator 1) net/ipv6/ip6_input.c:311 (discriminator 1))\n __netif_receive_skb_one_core (net/core/dev.c:5967)\n process_backlog (./include/linux/rcupdate.h:869 net/core/dev.c:6440)\n __napi_poll.constprop.0 (net/core/dev.c:7452)\n net_rx_action (net/core/dev.c:7518 net/core/dev.c:7643)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480 (discriminator 20))\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:407)\n __dev_queue_xmit (net/core/dev.c:4740)\n ip6_finish_output2 (./include/linux/netdevice.h:3358 ./include/net/neighbour.h:526 ./include/net/neighbour.h:540 net/ipv6/ip6_output.c:141)\n ip6_finish_output (net/ipv6/ip6_output.c:215 net/ipv6/ip6_output.c:226)\n ip6_output (./include/linux/netfilter.h:306 net/ipv6/ip6_output.c:248)\n ip6_send_skb (net/ipv6/ip6_output.c:1983)\n rawv6_sendmsg (net/ipv6/raw.c:588 net/ipv6/raw.c:918)\n __sys_sendto (net/socket.c:714 (discriminator 1) net/socket.c:729 (discriminator 1) net/socket.c:2228 (discriminator 1))\n __x64_sys_sendto (net/socket.c:2231)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nRIP: 0033:0x7f68cffb2a06\nCode: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 \u003c48\u003e 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08\nRSP: 002b:00007ffefb7c53d0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000564cd69f10a0 RCX: 00007f68cffb2a06\nRDX: 0000000000000040 RSI: 0000564cd69f10a4 RDI: 0000000000000003\nRBP: 00007ffefb7c53f0 R08: 0000564cd6a032ac R09: 000000000000001c\nR10: 0000000000000000 R11: 0000000000000202 R12: 0000564cd69f10a4\nR13: 0000000000000040 R14: 00007ffefb7c66e0 R15: 0000564cd69f10a0\n \u003c/TASK\u003e\n\nAllocated by task 1543:\n kasan_save_stack (mm/kasan/common.c:48)\n kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1))\n __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\n kmem_cache_alloc_node_noprof (./include/linux/kasan.h:250 mm/slub.c:4148 mm/slub.c:4197 mm/slub.c:4249)\n kmalloc_reserve (net/core/skbuff.c:581 (discriminator 88))\n __alloc_skb (net/core/skbuff.c:669)\n __ip6_append_data (net/ipv6/ip6_output.c:1672 (discriminator 1))\n ip6_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38476",
"url": "https://www.suse.com/security/cve/CVE-2025-38476"
},
{
"category": "external",
"summary": "SUSE Bug 1247317 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1247317"
},
{
"category": "external",
"summary": "SUSE Bug 1251203 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1251203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38476"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-39682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39682"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix handling of zero-length records on the rx_list\n\nEach recvmsg() call must process either\n - only contiguous DATA records (any number of them)\n - one non-DATA record\n\nIf the next record has different type than what has already been\nprocessed we break out of the main processing loop. If the record\nhas already been decrypted (which may be the case for TLS 1.3 where\nwe don\u0027t know type until decryption) we queue the pending record\nto the rx_list. Next recvmsg() will pick it up from there.\n\nQueuing the skb to rx_list after zero-copy decrypt is not possible,\nsince in that case we decrypted directly to the user space buffer,\nand we don\u0027t have an skb to queue (darg.skb points to the ciphertext\nskb for access to metadata like length).\n\nOnly data records are allowed zero-copy, and we break the processing\nloop after each non-data record. So we should never zero-copy and\nthen find out that the record type has changed. The corner case\nwe missed is when the initial record comes from rx_list, and it\u0027s\nzero length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39682",
"url": "https://www.suse.com/security/cve/CVE-2025-39682"
},
{
"category": "external",
"summary": "SUSE Bug 1249284 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "external",
"summary": "SUSE Bug 1250192 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1250192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-39682"
},
{
"cve": "CVE-2025-40204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40204",
"url": "https://www.suse.com/security/cve/CVE-2025-40204"
},
{
"category": "external",
"summary": "SUSE Bug 1253436 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253436"
},
{
"category": "external",
"summary": "SUSE Bug 1253437 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-25-rt-13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-40204"
}
]
}
SUSE-SU-2026:20393-1
Vulnerability from csaf_suse - Published: 2026-01-19 15:28 - Updated: 2026-01-19 15:28Summary
Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
Patchnames: SUSE-SLE-Micro-6.1-kernel-234
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).\n- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).\n- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).\n- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).\n- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).\n- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-234",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20393-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20393-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620393-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20393-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024299.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248400",
"url": "https://bugzilla.suse.com/1248400"
},
{
"category": "self",
"summary": "SUSE Bug 1248670",
"url": "https://bugzilla.suse.com/1248670"
},
{
"category": "self",
"summary": "SUSE Bug 1249241",
"url": "https://bugzilla.suse.com/1249241"
},
{
"category": "self",
"summary": "SUSE Bug 1250192",
"url": "https://bugzilla.suse.com/1250192"
},
{
"category": "self",
"summary": "SUSE Bug 1251203",
"url": "https://bugzilla.suse.com/1251203"
},
{
"category": "self",
"summary": "SUSE Bug 1251787",
"url": "https://bugzilla.suse.com/1251787"
},
{
"category": "self",
"summary": "SUSE Bug 1253437",
"url": "https://bugzilla.suse.com/1253437"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38476 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39682 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40204/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)",
"tracking": {
"current_release_date": "2026-01-19T15:28:20Z",
"generator": {
"date": "2026-01-19T15:28:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20393-1",
"initial_release_date": "2026-01-19T15:28:20Z",
"revision_history": [
{
"date": "2026-01-19T15:28:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()\n\nThe function lio_target_nacl_info_show() uses sprintf() in a loop to print\ndetails for every iSCSI connection in a session without checking for the\nbuffer length. With enough iSCSI connections it\u0027s possible to overflow the\nbuffer provided by configfs and corrupt the memory.\n\nThis patch replaces sprintf() with sysfs_emit_at() that checks for buffer\nboundries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53676",
"url": "https://www.suse.com/security/cve/CVE-2023-53676"
},
{
"category": "external",
"summary": "SUSE Bug 1251786 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251786"
},
{
"category": "external",
"summary": "SUSE Bug 1251787 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2023-53676"
},
{
"cve": "CVE-2025-38476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpl: Fix use-after-free in rpl_do_srh_inline().\n\nRunning lwt_dst_cache_ref_loop.sh in selftest with KASAN triggers\nthe splat below [0].\n\nrpl_do_srh_inline() fetches ipv6_hdr(skb) and accesses it after\nskb_cow_head(), which is illegal as the header could be freed then.\n\nLet\u0027s fix it by making oldhdr to a local struct instead of a pointer.\n\n[0]:\n[root@fedora net]# ./lwt_dst_cache_ref_loop.sh\n...\nTEST: rpl (input)\n[ 57.631529] ==================================================================\nBUG: KASAN: slab-use-after-free in rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\nRead of size 40 at addr ffff888122bf96d8 by task ping6/1543\n\nCPU: 50 UID: 0 PID: 1543 Comm: ping6 Not tainted 6.16.0-rc5-01302-gfadd1e6231b1 #23 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:122)\n print_report (mm/kasan/report.c:409 mm/kasan/report.c:521)\n kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:636)\n kasan_check_range (mm/kasan/generic.c:175 (discriminator 1) mm/kasan/generic.c:189 (discriminator 1))\n __asan_memmove (mm/kasan/shadow.c:94 (discriminator 2))\n rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\n rpl_input (net/ipv6/rpl_iptunnel.c:201 net/ipv6/rpl_iptunnel.c:282)\n lwtunnel_input (net/core/lwtunnel.c:459)\n ipv6_rcv (./include/net/dst.h:471 (discriminator 1) ./include/net/dst.h:469 (discriminator 1) net/ipv6/ip6_input.c:79 (discriminator 1) ./include/linux/netfilter.h:317 (discriminator 1) ./include/linux/netfilter.h:311 (discriminator 1) net/ipv6/ip6_input.c:311 (discriminator 1))\n __netif_receive_skb_one_core (net/core/dev.c:5967)\n process_backlog (./include/linux/rcupdate.h:869 net/core/dev.c:6440)\n __napi_poll.constprop.0 (net/core/dev.c:7452)\n net_rx_action (net/core/dev.c:7518 net/core/dev.c:7643)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480 (discriminator 20))\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:407)\n __dev_queue_xmit (net/core/dev.c:4740)\n ip6_finish_output2 (./include/linux/netdevice.h:3358 ./include/net/neighbour.h:526 ./include/net/neighbour.h:540 net/ipv6/ip6_output.c:141)\n ip6_finish_output (net/ipv6/ip6_output.c:215 net/ipv6/ip6_output.c:226)\n ip6_output (./include/linux/netfilter.h:306 net/ipv6/ip6_output.c:248)\n ip6_send_skb (net/ipv6/ip6_output.c:1983)\n rawv6_sendmsg (net/ipv6/raw.c:588 net/ipv6/raw.c:918)\n __sys_sendto (net/socket.c:714 (discriminator 1) net/socket.c:729 (discriminator 1) net/socket.c:2228 (discriminator 1))\n __x64_sys_sendto (net/socket.c:2231)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nRIP: 0033:0x7f68cffb2a06\nCode: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 \u003c48\u003e 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08\nRSP: 002b:00007ffefb7c53d0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000564cd69f10a0 RCX: 00007f68cffb2a06\nRDX: 0000000000000040 RSI: 0000564cd69f10a4 RDI: 0000000000000003\nRBP: 00007ffefb7c53f0 R08: 0000564cd6a032ac R09: 000000000000001c\nR10: 0000000000000000 R11: 0000000000000202 R12: 0000564cd69f10a4\nR13: 0000000000000040 R14: 00007ffefb7c66e0 R15: 0000564cd69f10a0\n \u003c/TASK\u003e\n\nAllocated by task 1543:\n kasan_save_stack (mm/kasan/common.c:48)\n kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1))\n __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\n kmem_cache_alloc_node_noprof (./include/linux/kasan.h:250 mm/slub.c:4148 mm/slub.c:4197 mm/slub.c:4249)\n kmalloc_reserve (net/core/skbuff.c:581 (discriminator 88))\n __alloc_skb (net/core/skbuff.c:669)\n __ip6_append_data (net/ipv6/ip6_output.c:1672 (discriminator 1))\n ip6_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38476",
"url": "https://www.suse.com/security/cve/CVE-2025-38476"
},
{
"category": "external",
"summary": "SUSE Bug 1247317 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1247317"
},
{
"category": "external",
"summary": "SUSE Bug 1251203 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1251203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38476"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-39682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39682"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix handling of zero-length records on the rx_list\n\nEach recvmsg() call must process either\n - only contiguous DATA records (any number of them)\n - one non-DATA record\n\nIf the next record has different type than what has already been\nprocessed we break out of the main processing loop. If the record\nhas already been decrypted (which may be the case for TLS 1.3 where\nwe don\u0027t know type until decryption) we queue the pending record\nto the rx_list. Next recvmsg() will pick it up from there.\n\nQueuing the skb to rx_list after zero-copy decrypt is not possible,\nsince in that case we decrypted directly to the user space buffer,\nand we don\u0027t have an skb to queue (darg.skb points to the ciphertext\nskb for access to metadata like length).\n\nOnly data records are allowed zero-copy, and we break the processing\nloop after each non-data record. So we should never zero-copy and\nthen find out that the record type has changed. The corner case\nwe missed is when the initial record comes from rx_list, and it\u0027s\nzero length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39682",
"url": "https://www.suse.com/security/cve/CVE-2025-39682"
},
{
"category": "external",
"summary": "SUSE Bug 1249284 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "external",
"summary": "SUSE Bug 1250192 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1250192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-39682"
},
{
"cve": "CVE-2025-40204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40204",
"url": "https://www.suse.com/security/cve/CVE-2025-40204"
},
{
"category": "external",
"summary": "SUSE Bug 1253436 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253436"
},
{
"category": "external",
"summary": "SUSE Bug 1253437 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-11-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-40204"
}
]
}
SUSE-SU-2026:20394-1
Vulnerability from csaf_suse - Published: 2026-01-19 15:28 - Updated: 2026-01-19 15:28Summary
Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
Patchnames: SUSE-SLE-Micro-6.1-kernel-235
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).\n- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).\n- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).\n- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).\n- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).\n- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-235",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20394-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20394-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620394-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20394-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024298.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248400",
"url": "https://bugzilla.suse.com/1248400"
},
{
"category": "self",
"summary": "SUSE Bug 1248670",
"url": "https://bugzilla.suse.com/1248670"
},
{
"category": "self",
"summary": "SUSE Bug 1249241",
"url": "https://bugzilla.suse.com/1249241"
},
{
"category": "self",
"summary": "SUSE Bug 1250192",
"url": "https://bugzilla.suse.com/1250192"
},
{
"category": "self",
"summary": "SUSE Bug 1251203",
"url": "https://bugzilla.suse.com/1251203"
},
{
"category": "self",
"summary": "SUSE Bug 1251787",
"url": "https://bugzilla.suse.com/1251787"
},
{
"category": "self",
"summary": "SUSE Bug 1253437",
"url": "https://bugzilla.suse.com/1253437"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38476 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39682 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40204/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)",
"tracking": {
"current_release_date": "2026-01-19T15:28:20Z",
"generator": {
"date": "2026-01-19T15:28:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20394-1",
"initial_release_date": "2026-01-19T15:28:20Z",
"revision_history": [
{
"date": "2026-01-19T15:28:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64",
"product_id": "kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()\n\nThe function lio_target_nacl_info_show() uses sprintf() in a loop to print\ndetails for every iSCSI connection in a session without checking for the\nbuffer length. With enough iSCSI connections it\u0027s possible to overflow the\nbuffer provided by configfs and corrupt the memory.\n\nThis patch replaces sprintf() with sysfs_emit_at() that checks for buffer\nboundries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53676",
"url": "https://www.suse.com/security/cve/CVE-2023-53676"
},
{
"category": "external",
"summary": "SUSE Bug 1251786 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251786"
},
{
"category": "external",
"summary": "SUSE Bug 1251787 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2023-53676"
},
{
"cve": "CVE-2025-38476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpl: Fix use-after-free in rpl_do_srh_inline().\n\nRunning lwt_dst_cache_ref_loop.sh in selftest with KASAN triggers\nthe splat below [0].\n\nrpl_do_srh_inline() fetches ipv6_hdr(skb) and accesses it after\nskb_cow_head(), which is illegal as the header could be freed then.\n\nLet\u0027s fix it by making oldhdr to a local struct instead of a pointer.\n\n[0]:\n[root@fedora net]# ./lwt_dst_cache_ref_loop.sh\n...\nTEST: rpl (input)\n[ 57.631529] ==================================================================\nBUG: KASAN: slab-use-after-free in rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\nRead of size 40 at addr ffff888122bf96d8 by task ping6/1543\n\nCPU: 50 UID: 0 PID: 1543 Comm: ping6 Not tainted 6.16.0-rc5-01302-gfadd1e6231b1 #23 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:122)\n print_report (mm/kasan/report.c:409 mm/kasan/report.c:521)\n kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:636)\n kasan_check_range (mm/kasan/generic.c:175 (discriminator 1) mm/kasan/generic.c:189 (discriminator 1))\n __asan_memmove (mm/kasan/shadow.c:94 (discriminator 2))\n rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\n rpl_input (net/ipv6/rpl_iptunnel.c:201 net/ipv6/rpl_iptunnel.c:282)\n lwtunnel_input (net/core/lwtunnel.c:459)\n ipv6_rcv (./include/net/dst.h:471 (discriminator 1) ./include/net/dst.h:469 (discriminator 1) net/ipv6/ip6_input.c:79 (discriminator 1) ./include/linux/netfilter.h:317 (discriminator 1) ./include/linux/netfilter.h:311 (discriminator 1) net/ipv6/ip6_input.c:311 (discriminator 1))\n __netif_receive_skb_one_core (net/core/dev.c:5967)\n process_backlog (./include/linux/rcupdate.h:869 net/core/dev.c:6440)\n __napi_poll.constprop.0 (net/core/dev.c:7452)\n net_rx_action (net/core/dev.c:7518 net/core/dev.c:7643)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480 (discriminator 20))\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:407)\n __dev_queue_xmit (net/core/dev.c:4740)\n ip6_finish_output2 (./include/linux/netdevice.h:3358 ./include/net/neighbour.h:526 ./include/net/neighbour.h:540 net/ipv6/ip6_output.c:141)\n ip6_finish_output (net/ipv6/ip6_output.c:215 net/ipv6/ip6_output.c:226)\n ip6_output (./include/linux/netfilter.h:306 net/ipv6/ip6_output.c:248)\n ip6_send_skb (net/ipv6/ip6_output.c:1983)\n rawv6_sendmsg (net/ipv6/raw.c:588 net/ipv6/raw.c:918)\n __sys_sendto (net/socket.c:714 (discriminator 1) net/socket.c:729 (discriminator 1) net/socket.c:2228 (discriminator 1))\n __x64_sys_sendto (net/socket.c:2231)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nRIP: 0033:0x7f68cffb2a06\nCode: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 \u003c48\u003e 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08\nRSP: 002b:00007ffefb7c53d0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000564cd69f10a0 RCX: 00007f68cffb2a06\nRDX: 0000000000000040 RSI: 0000564cd69f10a4 RDI: 0000000000000003\nRBP: 00007ffefb7c53f0 R08: 0000564cd6a032ac R09: 000000000000001c\nR10: 0000000000000000 R11: 0000000000000202 R12: 0000564cd69f10a4\nR13: 0000000000000040 R14: 00007ffefb7c66e0 R15: 0000564cd69f10a0\n \u003c/TASK\u003e\n\nAllocated by task 1543:\n kasan_save_stack (mm/kasan/common.c:48)\n kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1))\n __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\n kmem_cache_alloc_node_noprof (./include/linux/kasan.h:250 mm/slub.c:4148 mm/slub.c:4197 mm/slub.c:4249)\n kmalloc_reserve (net/core/skbuff.c:581 (discriminator 88))\n __alloc_skb (net/core/skbuff.c:669)\n __ip6_append_data (net/ipv6/ip6_output.c:1672 (discriminator 1))\n ip6_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38476",
"url": "https://www.suse.com/security/cve/CVE-2025-38476"
},
{
"category": "external",
"summary": "SUSE Bug 1247317 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1247317"
},
{
"category": "external",
"summary": "SUSE Bug 1251203 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1251203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38476"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-39682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39682"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix handling of zero-length records on the rx_list\n\nEach recvmsg() call must process either\n - only contiguous DATA records (any number of them)\n - one non-DATA record\n\nIf the next record has different type than what has already been\nprocessed we break out of the main processing loop. If the record\nhas already been decrypted (which may be the case for TLS 1.3 where\nwe don\u0027t know type until decryption) we queue the pending record\nto the rx_list. Next recvmsg() will pick it up from there.\n\nQueuing the skb to rx_list after zero-copy decrypt is not possible,\nsince in that case we decrypted directly to the user space buffer,\nand we don\u0027t have an skb to queue (darg.skb points to the ciphertext\nskb for access to metadata like length).\n\nOnly data records are allowed zero-copy, and we break the processing\nloop after each non-data record. So we should never zero-copy and\nthen find out that the record type has changed. The corner case\nwe missed is when the initial record comes from rx_list, and it\u0027s\nzero length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39682",
"url": "https://www.suse.com/security/cve/CVE-2025-39682"
},
{
"category": "external",
"summary": "SUSE Bug 1249284 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "external",
"summary": "SUSE Bug 1250192 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1250192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-39682"
},
{
"cve": "CVE-2025-40204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40204",
"url": "https://www.suse.com/security/cve/CVE-2025-40204"
},
{
"category": "external",
"summary": "SUSE Bug 1253436 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253436"
},
{
"category": "external",
"summary": "SUSE Bug 1253437 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-30-rt-11-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-40204"
}
]
}
SUSE-SU-2026:20395-1
Vulnerability from csaf_suse - Published: 2026-01-19 15:28 - Updated: 2026-01-19 15:28Summary
Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
Patchnames: SUSE-SLE-Micro-6.1-kernel-236
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).\n- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).\n- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).\n- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).\n- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).\n- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-236",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20395-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20395-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620395-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20395-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024297.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248400",
"url": "https://bugzilla.suse.com/1248400"
},
{
"category": "self",
"summary": "SUSE Bug 1248670",
"url": "https://bugzilla.suse.com/1248670"
},
{
"category": "self",
"summary": "SUSE Bug 1249241",
"url": "https://bugzilla.suse.com/1249241"
},
{
"category": "self",
"summary": "SUSE Bug 1250192",
"url": "https://bugzilla.suse.com/1250192"
},
{
"category": "self",
"summary": "SUSE Bug 1251203",
"url": "https://bugzilla.suse.com/1251203"
},
{
"category": "self",
"summary": "SUSE Bug 1251787",
"url": "https://bugzilla.suse.com/1251787"
},
{
"category": "self",
"summary": "SUSE Bug 1253437",
"url": "https://bugzilla.suse.com/1253437"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38476 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39682 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40204/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)",
"tracking": {
"current_release_date": "2026-01-19T15:28:20Z",
"generator": {
"date": "2026-01-19T15:28:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20395-1",
"initial_release_date": "2026-01-19T15:28:20Z",
"revision_history": [
{
"date": "2026-01-19T15:28:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()\n\nThe function lio_target_nacl_info_show() uses sprintf() in a loop to print\ndetails for every iSCSI connection in a session without checking for the\nbuffer length. With enough iSCSI connections it\u0027s possible to overflow the\nbuffer provided by configfs and corrupt the memory.\n\nThis patch replaces sprintf() with sysfs_emit_at() that checks for buffer\nboundries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53676",
"url": "https://www.suse.com/security/cve/CVE-2023-53676"
},
{
"category": "external",
"summary": "SUSE Bug 1251786 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251786"
},
{
"category": "external",
"summary": "SUSE Bug 1251787 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2023-53676"
},
{
"cve": "CVE-2025-38476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpl: Fix use-after-free in rpl_do_srh_inline().\n\nRunning lwt_dst_cache_ref_loop.sh in selftest with KASAN triggers\nthe splat below [0].\n\nrpl_do_srh_inline() fetches ipv6_hdr(skb) and accesses it after\nskb_cow_head(), which is illegal as the header could be freed then.\n\nLet\u0027s fix it by making oldhdr to a local struct instead of a pointer.\n\n[0]:\n[root@fedora net]# ./lwt_dst_cache_ref_loop.sh\n...\nTEST: rpl (input)\n[ 57.631529] ==================================================================\nBUG: KASAN: slab-use-after-free in rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\nRead of size 40 at addr ffff888122bf96d8 by task ping6/1543\n\nCPU: 50 UID: 0 PID: 1543 Comm: ping6 Not tainted 6.16.0-rc5-01302-gfadd1e6231b1 #23 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:122)\n print_report (mm/kasan/report.c:409 mm/kasan/report.c:521)\n kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:636)\n kasan_check_range (mm/kasan/generic.c:175 (discriminator 1) mm/kasan/generic.c:189 (discriminator 1))\n __asan_memmove (mm/kasan/shadow.c:94 (discriminator 2))\n rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\n rpl_input (net/ipv6/rpl_iptunnel.c:201 net/ipv6/rpl_iptunnel.c:282)\n lwtunnel_input (net/core/lwtunnel.c:459)\n ipv6_rcv (./include/net/dst.h:471 (discriminator 1) ./include/net/dst.h:469 (discriminator 1) net/ipv6/ip6_input.c:79 (discriminator 1) ./include/linux/netfilter.h:317 (discriminator 1) ./include/linux/netfilter.h:311 (discriminator 1) net/ipv6/ip6_input.c:311 (discriminator 1))\n __netif_receive_skb_one_core (net/core/dev.c:5967)\n process_backlog (./include/linux/rcupdate.h:869 net/core/dev.c:6440)\n __napi_poll.constprop.0 (net/core/dev.c:7452)\n net_rx_action (net/core/dev.c:7518 net/core/dev.c:7643)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480 (discriminator 20))\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:407)\n __dev_queue_xmit (net/core/dev.c:4740)\n ip6_finish_output2 (./include/linux/netdevice.h:3358 ./include/net/neighbour.h:526 ./include/net/neighbour.h:540 net/ipv6/ip6_output.c:141)\n ip6_finish_output (net/ipv6/ip6_output.c:215 net/ipv6/ip6_output.c:226)\n ip6_output (./include/linux/netfilter.h:306 net/ipv6/ip6_output.c:248)\n ip6_send_skb (net/ipv6/ip6_output.c:1983)\n rawv6_sendmsg (net/ipv6/raw.c:588 net/ipv6/raw.c:918)\n __sys_sendto (net/socket.c:714 (discriminator 1) net/socket.c:729 (discriminator 1) net/socket.c:2228 (discriminator 1))\n __x64_sys_sendto (net/socket.c:2231)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nRIP: 0033:0x7f68cffb2a06\nCode: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 \u003c48\u003e 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08\nRSP: 002b:00007ffefb7c53d0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000564cd69f10a0 RCX: 00007f68cffb2a06\nRDX: 0000000000000040 RSI: 0000564cd69f10a4 RDI: 0000000000000003\nRBP: 00007ffefb7c53f0 R08: 0000564cd6a032ac R09: 000000000000001c\nR10: 0000000000000000 R11: 0000000000000202 R12: 0000564cd69f10a4\nR13: 0000000000000040 R14: 00007ffefb7c66e0 R15: 0000564cd69f10a0\n \u003c/TASK\u003e\n\nAllocated by task 1543:\n kasan_save_stack (mm/kasan/common.c:48)\n kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1))\n __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\n kmem_cache_alloc_node_noprof (./include/linux/kasan.h:250 mm/slub.c:4148 mm/slub.c:4197 mm/slub.c:4249)\n kmalloc_reserve (net/core/skbuff.c:581 (discriminator 88))\n __alloc_skb (net/core/skbuff.c:669)\n __ip6_append_data (net/ipv6/ip6_output.c:1672 (discriminator 1))\n ip6_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38476",
"url": "https://www.suse.com/security/cve/CVE-2025-38476"
},
{
"category": "external",
"summary": "SUSE Bug 1247317 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1247317"
},
{
"category": "external",
"summary": "SUSE Bug 1251203 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1251203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38476"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-39682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39682"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix handling of zero-length records on the rx_list\n\nEach recvmsg() call must process either\n - only contiguous DATA records (any number of them)\n - one non-DATA record\n\nIf the next record has different type than what has already been\nprocessed we break out of the main processing loop. If the record\nhas already been decrypted (which may be the case for TLS 1.3 where\nwe don\u0027t know type until decryption) we queue the pending record\nto the rx_list. Next recvmsg() will pick it up from there.\n\nQueuing the skb to rx_list after zero-copy decrypt is not possible,\nsince in that case we decrypted directly to the user space buffer,\nand we don\u0027t have an skb to queue (darg.skb points to the ciphertext\nskb for access to metadata like length).\n\nOnly data records are allowed zero-copy, and we break the processing\nloop after each non-data record. So we should never zero-copy and\nthen find out that the record type has changed. The corner case\nwe missed is when the initial record comes from rx_list, and it\u0027s\nzero length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39682",
"url": "https://www.suse.com/security/cve/CVE-2025-39682"
},
{
"category": "external",
"summary": "SUSE Bug 1249284 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "external",
"summary": "SUSE Bug 1250192 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1250192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-39682"
},
{
"cve": "CVE-2025-40204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40204",
"url": "https://www.suse.com/security/cve/CVE-2025-40204"
},
{
"category": "external",
"summary": "SUSE Bug 1253436 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253436"
},
{
"category": "external",
"summary": "SUSE Bug 1253437 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-10-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-40204"
}
]
}
SUSE-SU-2026:20396-1
Vulnerability from csaf_suse - Published: 2026-01-19 15:28 - Updated: 2026-01-19 15:28Summary
Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.4.0-33.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
Patchnames: SUSE-SLE-Micro-6.1-kernel-237
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.4.0-33.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).\n- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).\n- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).\n- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).\n- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).\n- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-237",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20396-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20396-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620396-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20396-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024296.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248400",
"url": "https://bugzilla.suse.com/1248400"
},
{
"category": "self",
"summary": "SUSE Bug 1248670",
"url": "https://bugzilla.suse.com/1248670"
},
{
"category": "self",
"summary": "SUSE Bug 1249241",
"url": "https://bugzilla.suse.com/1249241"
},
{
"category": "self",
"summary": "SUSE Bug 1250192",
"url": "https://bugzilla.suse.com/1250192"
},
{
"category": "self",
"summary": "SUSE Bug 1251203",
"url": "https://bugzilla.suse.com/1251203"
},
{
"category": "self",
"summary": "SUSE Bug 1251787",
"url": "https://bugzilla.suse.com/1251787"
},
{
"category": "self",
"summary": "SUSE Bug 1253437",
"url": "https://bugzilla.suse.com/1253437"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38476 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39682 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40204/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)",
"tracking": {
"current_release_date": "2026-01-19T15:28:20Z",
"generator": {
"date": "2026-01-19T15:28:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20396-1",
"initial_release_date": "2026-01-19T15:28:20Z",
"revision_history": [
{
"date": "2026-01-19T15:28:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()\n\nThe function lio_target_nacl_info_show() uses sprintf() in a loop to print\ndetails for every iSCSI connection in a session without checking for the\nbuffer length. With enough iSCSI connections it\u0027s possible to overflow the\nbuffer provided by configfs and corrupt the memory.\n\nThis patch replaces sprintf() with sysfs_emit_at() that checks for buffer\nboundries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53676",
"url": "https://www.suse.com/security/cve/CVE-2023-53676"
},
{
"category": "external",
"summary": "SUSE Bug 1251786 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251786"
},
{
"category": "external",
"summary": "SUSE Bug 1251787 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2023-53676"
},
{
"cve": "CVE-2025-38476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpl: Fix use-after-free in rpl_do_srh_inline().\n\nRunning lwt_dst_cache_ref_loop.sh in selftest with KASAN triggers\nthe splat below [0].\n\nrpl_do_srh_inline() fetches ipv6_hdr(skb) and accesses it after\nskb_cow_head(), which is illegal as the header could be freed then.\n\nLet\u0027s fix it by making oldhdr to a local struct instead of a pointer.\n\n[0]:\n[root@fedora net]# ./lwt_dst_cache_ref_loop.sh\n...\nTEST: rpl (input)\n[ 57.631529] ==================================================================\nBUG: KASAN: slab-use-after-free in rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\nRead of size 40 at addr ffff888122bf96d8 by task ping6/1543\n\nCPU: 50 UID: 0 PID: 1543 Comm: ping6 Not tainted 6.16.0-rc5-01302-gfadd1e6231b1 #23 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:122)\n print_report (mm/kasan/report.c:409 mm/kasan/report.c:521)\n kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:636)\n kasan_check_range (mm/kasan/generic.c:175 (discriminator 1) mm/kasan/generic.c:189 (discriminator 1))\n __asan_memmove (mm/kasan/shadow.c:94 (discriminator 2))\n rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\n rpl_input (net/ipv6/rpl_iptunnel.c:201 net/ipv6/rpl_iptunnel.c:282)\n lwtunnel_input (net/core/lwtunnel.c:459)\n ipv6_rcv (./include/net/dst.h:471 (discriminator 1) ./include/net/dst.h:469 (discriminator 1) net/ipv6/ip6_input.c:79 (discriminator 1) ./include/linux/netfilter.h:317 (discriminator 1) ./include/linux/netfilter.h:311 (discriminator 1) net/ipv6/ip6_input.c:311 (discriminator 1))\n __netif_receive_skb_one_core (net/core/dev.c:5967)\n process_backlog (./include/linux/rcupdate.h:869 net/core/dev.c:6440)\n __napi_poll.constprop.0 (net/core/dev.c:7452)\n net_rx_action (net/core/dev.c:7518 net/core/dev.c:7643)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480 (discriminator 20))\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:407)\n __dev_queue_xmit (net/core/dev.c:4740)\n ip6_finish_output2 (./include/linux/netdevice.h:3358 ./include/net/neighbour.h:526 ./include/net/neighbour.h:540 net/ipv6/ip6_output.c:141)\n ip6_finish_output (net/ipv6/ip6_output.c:215 net/ipv6/ip6_output.c:226)\n ip6_output (./include/linux/netfilter.h:306 net/ipv6/ip6_output.c:248)\n ip6_send_skb (net/ipv6/ip6_output.c:1983)\n rawv6_sendmsg (net/ipv6/raw.c:588 net/ipv6/raw.c:918)\n __sys_sendto (net/socket.c:714 (discriminator 1) net/socket.c:729 (discriminator 1) net/socket.c:2228 (discriminator 1))\n __x64_sys_sendto (net/socket.c:2231)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nRIP: 0033:0x7f68cffb2a06\nCode: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 \u003c48\u003e 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08\nRSP: 002b:00007ffefb7c53d0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000564cd69f10a0 RCX: 00007f68cffb2a06\nRDX: 0000000000000040 RSI: 0000564cd69f10a4 RDI: 0000000000000003\nRBP: 00007ffefb7c53f0 R08: 0000564cd6a032ac R09: 000000000000001c\nR10: 0000000000000000 R11: 0000000000000202 R12: 0000564cd69f10a4\nR13: 0000000000000040 R14: 00007ffefb7c66e0 R15: 0000564cd69f10a0\n \u003c/TASK\u003e\n\nAllocated by task 1543:\n kasan_save_stack (mm/kasan/common.c:48)\n kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1))\n __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\n kmem_cache_alloc_node_noprof (./include/linux/kasan.h:250 mm/slub.c:4148 mm/slub.c:4197 mm/slub.c:4249)\n kmalloc_reserve (net/core/skbuff.c:581 (discriminator 88))\n __alloc_skb (net/core/skbuff.c:669)\n __ip6_append_data (net/ipv6/ip6_output.c:1672 (discriminator 1))\n ip6_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38476",
"url": "https://www.suse.com/security/cve/CVE-2025-38476"
},
{
"category": "external",
"summary": "SUSE Bug 1247317 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1247317"
},
{
"category": "external",
"summary": "SUSE Bug 1251203 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1251203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38476"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-39682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39682"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix handling of zero-length records on the rx_list\n\nEach recvmsg() call must process either\n - only contiguous DATA records (any number of them)\n - one non-DATA record\n\nIf the next record has different type than what has already been\nprocessed we break out of the main processing loop. If the record\nhas already been decrypted (which may be the case for TLS 1.3 where\nwe don\u0027t know type until decryption) we queue the pending record\nto the rx_list. Next recvmsg() will pick it up from there.\n\nQueuing the skb to rx_list after zero-copy decrypt is not possible,\nsince in that case we decrypted directly to the user space buffer,\nand we don\u0027t have an skb to queue (darg.skb points to the ciphertext\nskb for access to metadata like length).\n\nOnly data records are allowed zero-copy, and we break the processing\nloop after each non-data record. So we should never zero-copy and\nthen find out that the record type has changed. The corner case\nwe missed is when the initial record comes from rx_list, and it\u0027s\nzero length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39682",
"url": "https://www.suse.com/security/cve/CVE-2025-39682"
},
{
"category": "external",
"summary": "SUSE Bug 1249284 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "external",
"summary": "SUSE Bug 1250192 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1250192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-39682"
},
{
"cve": "CVE-2025-40204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40204",
"url": "https://www.suse.com/security/cve/CVE-2025-40204"
},
{
"category": "external",
"summary": "SUSE Bug 1253436 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253436"
},
{
"category": "external",
"summary": "SUSE Bug 1253437 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-33-rt-9-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-40204"
}
]
}
SUSE-SU-2026:20397-1
Vulnerability from csaf_suse - Published: 2026-01-19 15:28 - Updated: 2026-01-19 15:28Summary
Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
Patchnames: SUSE-SLE-Micro-6.1-kernel-238
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).\n- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).\n- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).\n- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).\n- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).\n- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-238",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20397-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20397-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620397-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20397-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024295.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248400",
"url": "https://bugzilla.suse.com/1248400"
},
{
"category": "self",
"summary": "SUSE Bug 1248670",
"url": "https://bugzilla.suse.com/1248670"
},
{
"category": "self",
"summary": "SUSE Bug 1249241",
"url": "https://bugzilla.suse.com/1249241"
},
{
"category": "self",
"summary": "SUSE Bug 1250192",
"url": "https://bugzilla.suse.com/1250192"
},
{
"category": "self",
"summary": "SUSE Bug 1251203",
"url": "https://bugzilla.suse.com/1251203"
},
{
"category": "self",
"summary": "SUSE Bug 1251787",
"url": "https://bugzilla.suse.com/1251787"
},
{
"category": "self",
"summary": "SUSE Bug 1253437",
"url": "https://bugzilla.suse.com/1253437"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38476 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39682 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40204/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)",
"tracking": {
"current_release_date": "2026-01-19T15:28:20Z",
"generator": {
"date": "2026-01-19T15:28:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20397-1",
"initial_release_date": "2026-01-19T15:28:20Z",
"revision_history": [
{
"date": "2026-01-19T15:28:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()\n\nThe function lio_target_nacl_info_show() uses sprintf() in a loop to print\ndetails for every iSCSI connection in a session without checking for the\nbuffer length. With enough iSCSI connections it\u0027s possible to overflow the\nbuffer provided by configfs and corrupt the memory.\n\nThis patch replaces sprintf() with sysfs_emit_at() that checks for buffer\nboundries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53676",
"url": "https://www.suse.com/security/cve/CVE-2023-53676"
},
{
"category": "external",
"summary": "SUSE Bug 1251786 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251786"
},
{
"category": "external",
"summary": "SUSE Bug 1251787 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2023-53676"
},
{
"cve": "CVE-2025-38476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpl: Fix use-after-free in rpl_do_srh_inline().\n\nRunning lwt_dst_cache_ref_loop.sh in selftest with KASAN triggers\nthe splat below [0].\n\nrpl_do_srh_inline() fetches ipv6_hdr(skb) and accesses it after\nskb_cow_head(), which is illegal as the header could be freed then.\n\nLet\u0027s fix it by making oldhdr to a local struct instead of a pointer.\n\n[0]:\n[root@fedora net]# ./lwt_dst_cache_ref_loop.sh\n...\nTEST: rpl (input)\n[ 57.631529] ==================================================================\nBUG: KASAN: slab-use-after-free in rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\nRead of size 40 at addr ffff888122bf96d8 by task ping6/1543\n\nCPU: 50 UID: 0 PID: 1543 Comm: ping6 Not tainted 6.16.0-rc5-01302-gfadd1e6231b1 #23 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:122)\n print_report (mm/kasan/report.c:409 mm/kasan/report.c:521)\n kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:636)\n kasan_check_range (mm/kasan/generic.c:175 (discriminator 1) mm/kasan/generic.c:189 (discriminator 1))\n __asan_memmove (mm/kasan/shadow.c:94 (discriminator 2))\n rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\n rpl_input (net/ipv6/rpl_iptunnel.c:201 net/ipv6/rpl_iptunnel.c:282)\n lwtunnel_input (net/core/lwtunnel.c:459)\n ipv6_rcv (./include/net/dst.h:471 (discriminator 1) ./include/net/dst.h:469 (discriminator 1) net/ipv6/ip6_input.c:79 (discriminator 1) ./include/linux/netfilter.h:317 (discriminator 1) ./include/linux/netfilter.h:311 (discriminator 1) net/ipv6/ip6_input.c:311 (discriminator 1))\n __netif_receive_skb_one_core (net/core/dev.c:5967)\n process_backlog (./include/linux/rcupdate.h:869 net/core/dev.c:6440)\n __napi_poll.constprop.0 (net/core/dev.c:7452)\n net_rx_action (net/core/dev.c:7518 net/core/dev.c:7643)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480 (discriminator 20))\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:407)\n __dev_queue_xmit (net/core/dev.c:4740)\n ip6_finish_output2 (./include/linux/netdevice.h:3358 ./include/net/neighbour.h:526 ./include/net/neighbour.h:540 net/ipv6/ip6_output.c:141)\n ip6_finish_output (net/ipv6/ip6_output.c:215 net/ipv6/ip6_output.c:226)\n ip6_output (./include/linux/netfilter.h:306 net/ipv6/ip6_output.c:248)\n ip6_send_skb (net/ipv6/ip6_output.c:1983)\n rawv6_sendmsg (net/ipv6/raw.c:588 net/ipv6/raw.c:918)\n __sys_sendto (net/socket.c:714 (discriminator 1) net/socket.c:729 (discriminator 1) net/socket.c:2228 (discriminator 1))\n __x64_sys_sendto (net/socket.c:2231)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nRIP: 0033:0x7f68cffb2a06\nCode: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 \u003c48\u003e 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08\nRSP: 002b:00007ffefb7c53d0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000564cd69f10a0 RCX: 00007f68cffb2a06\nRDX: 0000000000000040 RSI: 0000564cd69f10a4 RDI: 0000000000000003\nRBP: 00007ffefb7c53f0 R08: 0000564cd6a032ac R09: 000000000000001c\nR10: 0000000000000000 R11: 0000000000000202 R12: 0000564cd69f10a4\nR13: 0000000000000040 R14: 00007ffefb7c66e0 R15: 0000564cd69f10a0\n \u003c/TASK\u003e\n\nAllocated by task 1543:\n kasan_save_stack (mm/kasan/common.c:48)\n kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1))\n __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\n kmem_cache_alloc_node_noprof (./include/linux/kasan.h:250 mm/slub.c:4148 mm/slub.c:4197 mm/slub.c:4249)\n kmalloc_reserve (net/core/skbuff.c:581 (discriminator 88))\n __alloc_skb (net/core/skbuff.c:669)\n __ip6_append_data (net/ipv6/ip6_output.c:1672 (discriminator 1))\n ip6_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38476",
"url": "https://www.suse.com/security/cve/CVE-2025-38476"
},
{
"category": "external",
"summary": "SUSE Bug 1247317 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1247317"
},
{
"category": "external",
"summary": "SUSE Bug 1251203 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1251203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38476"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-39682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39682"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix handling of zero-length records on the rx_list\n\nEach recvmsg() call must process either\n - only contiguous DATA records (any number of them)\n - one non-DATA record\n\nIf the next record has different type than what has already been\nprocessed we break out of the main processing loop. If the record\nhas already been decrypted (which may be the case for TLS 1.3 where\nwe don\u0027t know type until decryption) we queue the pending record\nto the rx_list. Next recvmsg() will pick it up from there.\n\nQueuing the skb to rx_list after zero-copy decrypt is not possible,\nsince in that case we decrypted directly to the user space buffer,\nand we don\u0027t have an skb to queue (darg.skb points to the ciphertext\nskb for access to metadata like length).\n\nOnly data records are allowed zero-copy, and we break the processing\nloop after each non-data record. So we should never zero-copy and\nthen find out that the record type has changed. The corner case\nwe missed is when the initial record comes from rx_list, and it\u0027s\nzero length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39682",
"url": "https://www.suse.com/security/cve/CVE-2025-39682"
},
{
"category": "external",
"summary": "SUSE Bug 1249284 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "external",
"summary": "SUSE Bug 1250192 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1250192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-39682"
},
{
"cve": "CVE-2025-40204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40204",
"url": "https://www.suse.com/security/cve/CVE-2025-40204"
},
{
"category": "external",
"summary": "SUSE Bug 1253436 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253436"
},
{
"category": "external",
"summary": "SUSE Bug 1253437 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:28:20Z",
"details": "important"
}
],
"title": "CVE-2025-40204"
}
]
}
SUSE-SU-2026:20398-1
Vulnerability from csaf_suse - Published: 2026-01-19 15:31 - Updated: 2026-01-19 15:31Summary
Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
Patchnames: SUSE-SLE-Micro-6.1-kernel-239
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).\n- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).\n- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-239",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20398-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20398-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620398-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20398-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024294.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248670",
"url": "https://bugzilla.suse.com/1248670"
},
{
"category": "self",
"summary": "SUSE Bug 1250192",
"url": "https://bugzilla.suse.com/1250192"
},
{
"category": "self",
"summary": "SUSE Bug 1251787",
"url": "https://bugzilla.suse.com/1251787"
},
{
"category": "self",
"summary": "SUSE Bug 1253437",
"url": "https://bugzilla.suse.com/1253437"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39682 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40204/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)",
"tracking": {
"current_release_date": "2026-01-19T15:31:57Z",
"generator": {
"date": "2026-01-19T15:31:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20398-1",
"initial_release_date": "2026-01-19T15:31:57Z",
"revision_history": [
{
"date": "2026-01-19T15:31:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()\n\nThe function lio_target_nacl_info_show() uses sprintf() in a loop to print\ndetails for every iSCSI connection in a session without checking for the\nbuffer length. With enough iSCSI connections it\u0027s possible to overflow the\nbuffer provided by configfs and corrupt the memory.\n\nThis patch replaces sprintf() with sysfs_emit_at() that checks for buffer\nboundries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53676",
"url": "https://www.suse.com/security/cve/CVE-2023-53676"
},
{
"category": "external",
"summary": "SUSE Bug 1251786 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251786"
},
{
"category": "external",
"summary": "SUSE Bug 1251787 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:31:57Z",
"details": "important"
}
],
"title": "CVE-2023-53676"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:31:57Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-39682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39682"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix handling of zero-length records on the rx_list\n\nEach recvmsg() call must process either\n - only contiguous DATA records (any number of them)\n - one non-DATA record\n\nIf the next record has different type than what has already been\nprocessed we break out of the main processing loop. If the record\nhas already been decrypted (which may be the case for TLS 1.3 where\nwe don\u0027t know type until decryption) we queue the pending record\nto the rx_list. Next recvmsg() will pick it up from there.\n\nQueuing the skb to rx_list after zero-copy decrypt is not possible,\nsince in that case we decrypted directly to the user space buffer,\nand we don\u0027t have an skb to queue (darg.skb points to the ciphertext\nskb for access to metadata like length).\n\nOnly data records are allowed zero-copy, and we break the processing\nloop after each non-data record. So we should never zero-copy and\nthen find out that the record type has changed. The corner case\nwe missed is when the initial record comes from rx_list, and it\u0027s\nzero length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39682",
"url": "https://www.suse.com/security/cve/CVE-2025-39682"
},
{
"category": "external",
"summary": "SUSE Bug 1249284 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "external",
"summary": "SUSE Bug 1250192 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1250192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:31:57Z",
"details": "important"
}
],
"title": "CVE-2025-39682"
},
{
"cve": "CVE-2025-40204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40204",
"url": "https://www.suse.com/security/cve/CVE-2025-40204"
},
{
"category": "external",
"summary": "SUSE Bug 1253436 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253436"
},
{
"category": "external",
"summary": "SUSE Bug 1253437 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:31:57Z",
"details": "important"
}
],
"title": "CVE-2025-40204"
}
]
}
SUSE-SU-2026:20400-1
Vulnerability from csaf_suse - Published: 2026-01-19 15:33 - Updated: 2026-01-19 15:33Summary
Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise Micro 6.0)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise Micro 6.0)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.4.0-22.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
Patchnames: SUSE-SLE-Micro-6.1-kernel-249
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise Micro 6.0)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.4.0-22.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).\n- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).\n- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).\n- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).\n- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).\n- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-249",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20400-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20400-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620400-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20400-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024292.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248400",
"url": "https://bugzilla.suse.com/1248400"
},
{
"category": "self",
"summary": "SUSE Bug 1248670",
"url": "https://bugzilla.suse.com/1248670"
},
{
"category": "self",
"summary": "SUSE Bug 1249241",
"url": "https://bugzilla.suse.com/1249241"
},
{
"category": "self",
"summary": "SUSE Bug 1250192",
"url": "https://bugzilla.suse.com/1250192"
},
{
"category": "self",
"summary": "SUSE Bug 1251203",
"url": "https://bugzilla.suse.com/1251203"
},
{
"category": "self",
"summary": "SUSE Bug 1251787",
"url": "https://bugzilla.suse.com/1251787"
},
{
"category": "self",
"summary": "SUSE Bug 1253437",
"url": "https://bugzilla.suse.com/1253437"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38476 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39682 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40204/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise Micro 6.0)",
"tracking": {
"current_release_date": "2026-01-19T15:33:57Z",
"generator": {
"date": "2026-01-19T15:33:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20400-1",
"initial_release_date": "2026-01-19T15:33:57Z",
"revision_history": [
{
"date": "2026-01-19T15:33:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()\n\nThe function lio_target_nacl_info_show() uses sprintf() in a loop to print\ndetails for every iSCSI connection in a session without checking for the\nbuffer length. With enough iSCSI connections it\u0027s possible to overflow the\nbuffer provided by configfs and corrupt the memory.\n\nThis patch replaces sprintf() with sysfs_emit_at() that checks for buffer\nboundries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53676",
"url": "https://www.suse.com/security/cve/CVE-2023-53676"
},
{
"category": "external",
"summary": "SUSE Bug 1251786 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251786"
},
{
"category": "external",
"summary": "SUSE Bug 1251787 for CVE-2023-53676",
"url": "https://bugzilla.suse.com/1251787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:33:57Z",
"details": "important"
}
],
"title": "CVE-2023-53676"
},
{
"cve": "CVE-2025-38476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpl: Fix use-after-free in rpl_do_srh_inline().\n\nRunning lwt_dst_cache_ref_loop.sh in selftest with KASAN triggers\nthe splat below [0].\n\nrpl_do_srh_inline() fetches ipv6_hdr(skb) and accesses it after\nskb_cow_head(), which is illegal as the header could be freed then.\n\nLet\u0027s fix it by making oldhdr to a local struct instead of a pointer.\n\n[0]:\n[root@fedora net]# ./lwt_dst_cache_ref_loop.sh\n...\nTEST: rpl (input)\n[ 57.631529] ==================================================================\nBUG: KASAN: slab-use-after-free in rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\nRead of size 40 at addr ffff888122bf96d8 by task ping6/1543\n\nCPU: 50 UID: 0 PID: 1543 Comm: ping6 Not tainted 6.16.0-rc5-01302-gfadd1e6231b1 #23 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:122)\n print_report (mm/kasan/report.c:409 mm/kasan/report.c:521)\n kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:636)\n kasan_check_range (mm/kasan/generic.c:175 (discriminator 1) mm/kasan/generic.c:189 (discriminator 1))\n __asan_memmove (mm/kasan/shadow.c:94 (discriminator 2))\n rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\n rpl_input (net/ipv6/rpl_iptunnel.c:201 net/ipv6/rpl_iptunnel.c:282)\n lwtunnel_input (net/core/lwtunnel.c:459)\n ipv6_rcv (./include/net/dst.h:471 (discriminator 1) ./include/net/dst.h:469 (discriminator 1) net/ipv6/ip6_input.c:79 (discriminator 1) ./include/linux/netfilter.h:317 (discriminator 1) ./include/linux/netfilter.h:311 (discriminator 1) net/ipv6/ip6_input.c:311 (discriminator 1))\n __netif_receive_skb_one_core (net/core/dev.c:5967)\n process_backlog (./include/linux/rcupdate.h:869 net/core/dev.c:6440)\n __napi_poll.constprop.0 (net/core/dev.c:7452)\n net_rx_action (net/core/dev.c:7518 net/core/dev.c:7643)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480 (discriminator 20))\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:407)\n __dev_queue_xmit (net/core/dev.c:4740)\n ip6_finish_output2 (./include/linux/netdevice.h:3358 ./include/net/neighbour.h:526 ./include/net/neighbour.h:540 net/ipv6/ip6_output.c:141)\n ip6_finish_output (net/ipv6/ip6_output.c:215 net/ipv6/ip6_output.c:226)\n ip6_output (./include/linux/netfilter.h:306 net/ipv6/ip6_output.c:248)\n ip6_send_skb (net/ipv6/ip6_output.c:1983)\n rawv6_sendmsg (net/ipv6/raw.c:588 net/ipv6/raw.c:918)\n __sys_sendto (net/socket.c:714 (discriminator 1) net/socket.c:729 (discriminator 1) net/socket.c:2228 (discriminator 1))\n __x64_sys_sendto (net/socket.c:2231)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nRIP: 0033:0x7f68cffb2a06\nCode: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 \u003c48\u003e 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08\nRSP: 002b:00007ffefb7c53d0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000564cd69f10a0 RCX: 00007f68cffb2a06\nRDX: 0000000000000040 RSI: 0000564cd69f10a4 RDI: 0000000000000003\nRBP: 00007ffefb7c53f0 R08: 0000564cd6a032ac R09: 000000000000001c\nR10: 0000000000000000 R11: 0000000000000202 R12: 0000564cd69f10a4\nR13: 0000000000000040 R14: 00007ffefb7c66e0 R15: 0000564cd69f10a0\n \u003c/TASK\u003e\n\nAllocated by task 1543:\n kasan_save_stack (mm/kasan/common.c:48)\n kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1))\n __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\n kmem_cache_alloc_node_noprof (./include/linux/kasan.h:250 mm/slub.c:4148 mm/slub.c:4197 mm/slub.c:4249)\n kmalloc_reserve (net/core/skbuff.c:581 (discriminator 88))\n __alloc_skb (net/core/skbuff.c:669)\n __ip6_append_data (net/ipv6/ip6_output.c:1672 (discriminator 1))\n ip6_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38476",
"url": "https://www.suse.com/security/cve/CVE-2025-38476"
},
{
"category": "external",
"summary": "SUSE Bug 1247317 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1247317"
},
{
"category": "external",
"summary": "SUSE Bug 1251203 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1251203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:33:57Z",
"details": "important"
}
],
"title": "CVE-2025-38476"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:33:57Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:33:57Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:33:57Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-39682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39682"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix handling of zero-length records on the rx_list\n\nEach recvmsg() call must process either\n - only contiguous DATA records (any number of them)\n - one non-DATA record\n\nIf the next record has different type than what has already been\nprocessed we break out of the main processing loop. If the record\nhas already been decrypted (which may be the case for TLS 1.3 where\nwe don\u0027t know type until decryption) we queue the pending record\nto the rx_list. Next recvmsg() will pick it up from there.\n\nQueuing the skb to rx_list after zero-copy decrypt is not possible,\nsince in that case we decrypted directly to the user space buffer,\nand we don\u0027t have an skb to queue (darg.skb points to the ciphertext\nskb for access to metadata like length).\n\nOnly data records are allowed zero-copy, and we break the processing\nloop after each non-data record. So we should never zero-copy and\nthen find out that the record type has changed. The corner case\nwe missed is when the initial record comes from rx_list, and it\u0027s\nzero length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39682",
"url": "https://www.suse.com/security/cve/CVE-2025-39682"
},
{
"category": "external",
"summary": "SUSE Bug 1249284 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "external",
"summary": "SUSE Bug 1250192 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1250192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:33:57Z",
"details": "important"
}
],
"title": "CVE-2025-39682"
},
{
"cve": "CVE-2025-40204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40204",
"url": "https://www.suse.com/security/cve/CVE-2025-40204"
},
{
"category": "external",
"summary": "SUSE Bug 1253436 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253436"
},
{
"category": "external",
"summary": "SUSE Bug 1253437 for CVE-2025-40204",
"url": "https://bugzilla.suse.com/1253437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-14-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T15:33:57Z",
"details": "important"
}
],
"title": "CVE-2025-40204"
}
]
}
WID-SEC-W-2025-1869
Vulnerability from csaf_certbund - Published: 2025-08-19 22:00 - Updated: 2026-05-20 22:00Summary
Linux Kernel: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff: Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder andere nicht spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme: - Linux
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker vProxy <19.14
Dell / NetWorker
|
vProxy <19.14 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Dell Avamar
Dell
|
cpe:/a:dell:avamar:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Dell NetWorker Virtual Edition
Dell / NetWorker
|
cpe:/a:dell:networker:virtual_edition
|
Virtual Edition | |
|
IBM QRadar SIEM <7.5.0 UP14 IF01
IBM / QRadar SIEM
|
<7.5.0 UP14 IF01 | ||
|
Dell Secure Connect Gateway Appliance <5.32.00.18
Dell / Secure Connect Gateway
|
Appliance <5.32.00.18 |
References
472 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder andere nicht spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1869 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1869.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1869 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1869"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7933-1 vom 2025-12-15",
"url": "https://ubuntu.com/security/notices/USN-7933-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7909-5 vom 2025-12-15",
"url": "https://ubuntu.com/security/notices/USN-7909-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7934-1 vom 2025-12-15",
"url": "https://ubuntu.com/security/notices/USN-7934-1"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38554",
"url": "https://lore.kernel.org/linux-cve-announce/2025081902-CVE-2025-38554-b161@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38555",
"url": "https://lore.kernel.org/linux-cve-announce/2025081905-CVE-2025-38555-e81a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38556",
"url": "https://lore.kernel.org/linux-cve-announce/2025081905-CVE-2025-38556-521e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38557",
"url": "https://lore.kernel.org/linux-cve-announce/2025081905-CVE-2025-38557-4b79@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38558",
"url": "https://lore.kernel.org/linux-cve-announce/2025081906-CVE-2025-38558-86a7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38559",
"url": "https://lore.kernel.org/linux-cve-announce/2025081906-CVE-2025-38559-9fa1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38560",
"url": "https://lore.kernel.org/linux-cve-announce/2025081906-CVE-2025-38560-d265@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38561",
"url": "https://lore.kernel.org/linux-cve-announce/2025081907-CVE-2025-38561-0f75@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38562",
"url": "https://lore.kernel.org/linux-cve-announce/2025081907-CVE-2025-38562-1418@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38563",
"url": "https://lore.kernel.org/linux-cve-announce/2025081907-CVE-2025-38563-81e4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38564",
"url": "https://lore.kernel.org/linux-cve-announce/2025081908-CVE-2025-38564-efa3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38565",
"url": "https://lore.kernel.org/linux-cve-announce/2025081908-CVE-2025-38565-0f60@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38566",
"url": "https://lore.kernel.org/linux-cve-announce/2025081908-CVE-2025-38566-edef@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38567",
"url": "https://lore.kernel.org/linux-cve-announce/2025081909-CVE-2025-38567-3597@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38568",
"url": "https://lore.kernel.org/linux-cve-announce/2025081909-CVE-2025-38568-7cd9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38569",
"url": "https://lore.kernel.org/linux-cve-announce/2025081909-CVE-2025-38569-7ad5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38570",
"url": "https://lore.kernel.org/linux-cve-announce/2025081910-CVE-2025-38570-b790@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38571",
"url": "https://lore.kernel.org/linux-cve-announce/2025081910-CVE-2025-38571-ba2a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38572",
"url": "https://lore.kernel.org/linux-cve-announce/2025081910-CVE-2025-38572-200b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38573",
"url": "https://lore.kernel.org/linux-cve-announce/2025081911-CVE-2025-38573-f7c4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38574",
"url": "https://lore.kernel.org/linux-cve-announce/2025081911-CVE-2025-38574-6c50@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38576",
"url": "https://lore.kernel.org/linux-cve-announce/2025081912-CVE-2025-38576-d1a7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38577",
"url": "https://lore.kernel.org/linux-cve-announce/2025081912-CVE-2025-38577-f225@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38578",
"url": "https://lore.kernel.org/linux-cve-announce/2025081912-CVE-2025-38578-d58a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38579",
"url": "https://lore.kernel.org/linux-cve-announce/2025081913-CVE-2025-38579-db94@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38580",
"url": "https://lore.kernel.org/linux-cve-announce/2025081913-CVE-2025-38580-554b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38581",
"url": "https://lore.kernel.org/linux-cve-announce/2025081913-CVE-2025-38581-04e8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38582",
"url": "https://lore.kernel.org/linux-cve-announce/2025081914-CVE-2025-38582-7eca@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38583",
"url": "https://lore.kernel.org/linux-cve-announce/2025081914-CVE-2025-38583-ca53@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38584",
"url": "https://lore.kernel.org/linux-cve-announce/2025081914-CVE-2025-38584-2648@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38585",
"url": "https://lore.kernel.org/linux-cve-announce/2025081915-CVE-2025-38585-e14e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38586",
"url": "https://lore.kernel.org/linux-cve-announce/2025081915-CVE-2025-38586-789b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38587",
"url": "https://lore.kernel.org/linux-cve-announce/2025081915-CVE-2025-38587-6da9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38588",
"url": "https://lore.kernel.org/linux-cve-announce/2025081916-CVE-2025-38588-cb2d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38589",
"url": "https://lore.kernel.org/linux-cve-announce/2025081916-CVE-2025-38589-52ae@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38590",
"url": "https://lore.kernel.org/linux-cve-announce/2025081917-CVE-2025-38590-6e67@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38591",
"url": "https://lore.kernel.org/linux-cve-announce/2025081917-CVE-2025-38591-2a4d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38592",
"url": "https://lore.kernel.org/linux-cve-announce/2025081917-CVE-2025-38592-9905@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38593",
"url": "https://lore.kernel.org/linux-cve-announce/2025081918-CVE-2025-38593-22c2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38594",
"url": "https://lore.kernel.org/linux-cve-announce/2025081918-CVE-2025-38594-d686@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38595",
"url": "https://lore.kernel.org/linux-cve-announce/2025081918-CVE-2025-38595-9676@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38596",
"url": "https://lore.kernel.org/linux-cve-announce/2025081919-CVE-2025-38596-9c29@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38597",
"url": "https://lore.kernel.org/linux-cve-announce/2025081919-CVE-2025-38597-82d6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38598",
"url": "https://lore.kernel.org/linux-cve-announce/2025081919-CVE-2025-38598-4eab@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38599",
"url": "https://lore.kernel.org/linux-cve-announce/2025081920-CVE-2025-38599-734a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38600",
"url": "https://lore.kernel.org/linux-cve-announce/2025081920-CVE-2025-38600-dddc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38601",
"url": "https://lore.kernel.org/linux-cve-announce/2025081920-CVE-2025-38601-1ab2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38602",
"url": "https://lore.kernel.org/linux-cve-announce/2025081921-CVE-2025-38602-d52f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38603",
"url": "https://lore.kernel.org/linux-cve-announce/2025081921-CVE-2025-38603-6dc3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38604",
"url": "https://lore.kernel.org/linux-cve-announce/2025081921-CVE-2025-38604-fd5d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38605",
"url": "https://lore.kernel.org/linux-cve-announce/2025081922-CVE-2025-38605-32f2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38606",
"url": "https://lore.kernel.org/linux-cve-announce/2025081922-CVE-2025-38606-0026@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38607",
"url": "https://lore.kernel.org/linux-cve-announce/2025081922-CVE-2025-38607-c6ce@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38608",
"url": "https://lore.kernel.org/linux-cve-announce/2025081923-CVE-2025-38608-e829@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38609",
"url": "https://lore.kernel.org/linux-cve-announce/2025081923-CVE-2025-38609-9c6a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38610",
"url": "https://lore.kernel.org/linux-cve-announce/2025081923-CVE-2025-38610-9b4f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38611",
"url": "https://lore.kernel.org/linux-cve-announce/2025081923-CVE-2025-38611-e9f6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38612",
"url": "https://lore.kernel.org/linux-cve-announce/2025081924-CVE-2025-38612-2888@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38613",
"url": "https://lore.kernel.org/linux-cve-announce/2025081924-CVE-2025-38613-8505@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38614",
"url": "https://lore.kernel.org/linux-cve-announce/2025081924-CVE-2025-38614-883c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38615",
"url": "https://lore.kernel.org/linux-cve-announce/2025081925-CVE-2025-38615-5f57@gregkh/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20669-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022482.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20653-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022432.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03204-1 vom 2025-09-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022522.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2025-104 vom 2025-09-16",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2025-104.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2025-109 vom 2025-09-16",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.4-2025-109.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03272-1 vom 2025-09-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022589.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03283-1 vom 2025-09-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022596.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:16354 vom 2025-09-22",
"url": "https://access.redhat.com/errata/RHSA-2025:16354"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03290-1 vom 2025-09-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022602.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:16372 vom 2025-09-22",
"url": "https://access.redhat.com/errata/RHSA-2025:16372"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6009 vom 2025-09-23",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00173.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6008 vom 2025-09-23",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00172.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20608 vom 2025-09-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-20608.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03310-1 vom 2025-09-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022610.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03314-1 vom 2025-09-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022615.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03301-1 vom 2025-09-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022605.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-16372 vom 2025-09-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-16372.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7764-1 vom 2025-09-24",
"url": "https://ubuntu.com/security/notices/USN-7764-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7765-1 vom 2025-09-24",
"url": "https://ubuntu.com/security/notices/USN-7765-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03315-1 vom 2025-09-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022621.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03319-1 vom 2025-09-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022620.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03317-1 vom 2025-09-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022619.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03318-1 vom 2025-09-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022618.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03321-1 vom 2025-09-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022617.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03343-1 vom 2025-09-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022628.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03341-1 vom 2025-09-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022629.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03344-1 vom 2025-09-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GKXOSPRZJUZDU6VCQLCJK56ZS5CAS3IE/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-16354 vom 2025-09-25",
"url": "https://linux.oracle.com/errata/ELSA-2025-16354.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7764-2 vom 2025-09-26",
"url": "https://ubuntu.com/security/notices/USN-7764-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7779-1 vom 2025-09-25",
"url": "https://ubuntu.com/security/notices/USN-7779-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20791-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022649.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20722-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022683.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20724-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022682.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20770-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022672.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20769-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022673.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20768-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022674.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20725-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022681.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20772-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022671.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20774-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022668.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20773-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022670.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20771-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022669.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20790-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022651.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20727-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022691.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03384-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022723.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03383-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022724.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03370-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022642.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20789-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022652.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03381-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022722.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20788-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022653.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20784-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022713.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20729-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022714.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20737-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022718.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20786-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022654.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20732-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022719.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20730-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022720.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20787-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022660.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03382-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022721.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20785-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022655.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20756-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022703.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20735-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022709.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20731-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022710.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20739-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022711.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20736-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022712.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20726-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022692.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03375-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022693.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03374-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022694.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20733-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022698.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20738-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022697.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20734-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022699.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20723-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022689.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20728-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022690.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03418-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022726.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03391-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022743.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03408-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022734.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03403-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022735.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03400-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022737.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03395-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022739.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03392-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022741.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03396-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022738.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03389-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022744.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03413-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022728.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03412-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022730.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03411-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022731.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03393-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022740.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03419-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022725.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03410-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022733.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03387-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022742.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03397-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022736.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03406-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022732.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3013 vom 2025-09-29",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3013.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:17776 vom 2025-10-13",
"url": "https://access.redhat.com/errata/RHSA-2025:17776"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:17760 vom 2025-10-13",
"url": "https://access.redhat.com/errata/RHSA-2025:17760"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4328 vom 2025-10-13",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4327 vom 2025-10-13",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20663 vom 2025-10-13",
"url": "https://linux.oracle.com/errata/ELSA-2025-20663.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:17958 vom 2025-10-14",
"url": "https://access.redhat.com/errata/RHSA-2025:17958"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-17776 vom 2025-10-14",
"url": "http://linux.oracle.com/errata/ELSA-2025-17776.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-17776 vom 2025-10-14",
"url": "https://linux.oracle.com/errata/ELSA-2025-17776.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-17776 vom 2025-10-14",
"url": "https://oss.oracle.com/pipermail/el-errata/2025-October/018777.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-17760 vom 2025-10-14",
"url": "https://linux.oracle.com/errata/ELSA-2025-17760.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20662 vom 2025-10-15",
"url": "https://linux.oracle.com/errata/ELSA-2025-20662.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20716 vom 2025-10-15",
"url": "https://linux.oracle.com/errata/ELSA-2025-20716.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03600-1 vom 2025-10-15",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VHWHH7ZSMFJ6PQZ3CBDGGCWHNBCWD26Z/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03602-1 vom 2025-10-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022908.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03615-1 vom 2025-10-16",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BVPLWRQN6MVKFQDJSEKN2JP6PMSGIO4Q/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03613-1 vom 2025-10-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022915.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03601-1 vom 2025-10-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022903.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03614-1 vom 2025-10-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022911.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03626-1 vom 2025-10-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Z3DYHRRLY43MYRNEEU5SFR4ZRMSPITED/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03633-1 vom 2025-10-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022926.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18281 vom 2025-10-20",
"url": "https://access.redhat.com/errata/RHSA-2025:18281"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:17760 vom 2025-10-18",
"url": "https://errata.build.resf.org/RLSA-2025:17760"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:17776 vom 2025-10-18",
"url": "https://errata.build.resf.org/RLSA-2025:17776"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03634-1 vom 2025-10-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022925.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03628-1 vom 2025-10-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/O6BEPQBC4GULLYP5G3VVU4ZS37B7I6EV/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03650-1 vom 2025-10-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022941.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03638-1 vom 2025-10-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022942.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03643-1 vom 2025-10-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022940.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03636-1 vom 2025-10-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022943.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03646-1 vom 2025-10-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022939.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18318 vom 2025-10-20",
"url": "https://access.redhat.com/errata/RHSA-2025:18318"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-18281 vom 2025-10-20",
"url": "https://linux.oracle.com/errata/ELSA-2025-18281.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-18318 vom 2025-10-21",
"url": "https://linux.oracle.com/errata/ELSA-2025-18318.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18932 vom 2025-10-22",
"url": "https://access.redhat.com/errata/RHSA-2025:18932"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3716-1 vom 2025-10-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022962.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3742-1 vom 2025-10-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022975.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3742-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/V7WMM33D7UTTQM25T2XCVZHFJKIMM3TO/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3761-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MLTPAKCOQABZPEY7O35CI42PHK5WNIUQ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3762-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/L5PU3QBFUI54V4YM7FX4AIWKDVDLIFMV/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3751-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NMB6RXALFYMRMM4UK7R54RAQRCZJEBH4/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3748-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BYXC2NBEEGHSFXWCA3DVT5LVZMZ5RRNP/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3764-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SP6KY7ONJTFGDWCHVV7CO7D4KUEJ27DA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3755-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZFR7CE7W5U4CT7EDERPCHLWSGEIHWJLA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3765-1 vom 2025-10-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022991.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3770-1 vom 2025-10-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QHIMU24TIFKTCM2IY2WS7H3JE4SF3BKG/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3768-1 vom 2025-10-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JX5Y5NWCULMT7SH5C6ZUDMMTVZPLLOJC/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3771-1 vom 2025-10-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022995.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3772-1 vom 2025-10-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022994.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20851-1 vom 2025-10-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023025.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20861-1 vom 2025-10-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023019.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:18318 vom 2025-10-26",
"url": "https://errata.build.resf.org/RLSA-2025:18318"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20875-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023055.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19104 vom 2025-10-27",
"url": "https://access.redhat.com/errata/RHSA-2025:19104"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20891-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023039.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20890-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023040.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20889-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023041.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20888-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023042.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20887-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023043.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20886-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023044.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20885-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023045.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20883-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023047.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20884-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023046.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20882-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023048.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20881-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023049.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20880-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023050.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20879-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023051.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20878-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023052.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20877-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023053.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20876-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023054.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20874-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023056.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20873-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023057.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20870-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023060.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19224 vom 2025-10-29",
"url": "https://access.redhat.com/errata/RHSA-2025:19224"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19223 vom 2025-10-29",
"url": "https://access.redhat.com/errata/RHSA-2025:19223"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19222 vom 2025-10-29",
"url": "https://access.redhat.com/errata/RHSA-2025:19222"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19268 vom 2025-10-29",
"url": "https://access.redhat.com/errata/RHSA-2025:19268"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20909-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023106.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20920-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023095.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20903-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023112.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20914-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023101.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20917-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023098.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20919-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023096.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-404 vom 2025-10-31",
"url": "https://www.dell.com/support/kbdoc/000385435"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20904-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023111.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20918-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023097.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20916-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023099.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20905-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023110.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20907-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023108.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20898-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023116.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20913-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023102.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20908-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023107.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20915-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023100.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20906-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023109.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20902-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023113.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20912-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023103.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19492 vom 2025-11-03",
"url": "https://access.redhat.com/errata/RHSA-2025:19492"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-390 vom 2025-11-05",
"url": "https://www.dell.com/support/kbdoc/000385230"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-25754 vom 2025-11-10",
"url": "https://linux.oracle.com/errata/ELSA-2025-25754.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21051 vom 2025-11-12",
"url": "https://access.redhat.com/errata/RHSA-2025:21051"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21082 vom 2025-11-12",
"url": "https://access.redhat.com/errata/RHSA-2025:21082"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21063 vom 2025-11-12",
"url": "https://access.redhat.com/errata/RHSA-2025:21063"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-25757 vom 2025-11-12",
"url": "https://linux.oracle.com/errata/ELSA-2025-25757.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21112 vom 2025-11-12",
"url": "https://access.redhat.com/errata/RHSA-2025:21112"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20994-1 vom 2025-11-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023276.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21128 vom 2025-11-12",
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20996-1 vom 2025-11-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023275.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7250971 vom 2025-11-12",
"url": "https://www.ibm.com/support/pages/node/7250971"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21463 vom 2025-11-17",
"url": "https://access.redhat.com/errata/RHSA-2025:21463"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21667 vom 2025-11-18",
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7879-1 vom 2025-11-21",
"url": "https://ubuntu.com/security/notices/USN-7879-1"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20518 vom 2025-11-25",
"url": "https://linux.oracle.com/errata/ELSA-2025-20518-0.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025-20081-1 vom 2025-11-26",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J4KLZE7HUQJ2N6IQEI3G2KJZ5VB36YBI/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7879-3 vom 2025-11-26",
"url": "https://ubuntu.com/security/notices/USN-7879-3"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21926 vom 2025-11-26",
"url": "http://linux.oracle.com/errata/ELSA-2025-21926.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21112 vom 2025-11-27",
"url": "https://linux.oracle.com/errata/ELSA-2025-21112.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21469 vom 2025-11-27",
"url": "https://linux.oracle.com/errata/ELSA-2025-21469.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21074-1 vom 2025-11-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023431.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21118 vom 2025-12-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-21118.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7909-1 vom 2025-12-04",
"url": "https://ubuntu.com/security/notices/USN-7909-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7909-2 vom 2025-12-04",
"url": "https://ubuntu.com/security/notices/USN-7909-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7909-3 vom 2025-12-04",
"url": "https://ubuntu.com/security/notices/USN-7909-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7910-1 vom 2025-12-04",
"url": "https://ubuntu.com/security/notices/USN-7910-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22752 vom 2025-12-04",
"url": "https://access.redhat.com/errata/RHSA-2025:22752"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21463 vom 2025-12-05",
"url": "https://linux.oracle.com/errata/ELSA-2025-21463.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7909-4 vom 2025-12-05",
"url": "https://ubuntu.com/security/notices/USN-7909-4"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21931 vom 2025-12-05",
"url": "https://linux.oracle.com/errata/ELSA-2025-21931.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21179-1 vom 2025-12-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023499.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21139-1 vom 2025-12-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023515.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-28049 vom 2025-12-15",
"url": "https://linux.oracle.com/errata/ELSA-2025-28049.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7938-1 vom 2025-12-16",
"url": "https://ubuntu.com/security/notices/USN-7938-1"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21063 vom 2025-12-17",
"url": "https://linux.oracle.com/errata/ELSA-2025-21063.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4436 vom 2026-01-14",
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00007.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0148-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023784.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0146-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023786.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0163-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023795.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0166-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023794.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0155-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023796.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0154-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023797.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0168-1 vom 2026-01-20",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DUZFNORTIL7FT4JAMWNYAWMBHYUP24BR/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0176-1 vom 2026-01-20",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PSMTB6JYSBEU2CF3OD7SW3ZIJGKEKBZA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0174-1 vom 2026-01-20",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EYNRLMEYZG4OCUWVVR7BLL22PT3MTAV7/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0173-1 vom 2026-01-20",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/C7EZZMG5MOJB6A2OZ4KLGVN4SVE4LWEL/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0171-1 vom 2026-01-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023801.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0186-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023825.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0184-1 vom 2026-01-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023822.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0187-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023824.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0180-1 vom 2026-01-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023805.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0202-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023839.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0206-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023836.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0191-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023827.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0246-1 vom 2026-01-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023844.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0262-1 vom 2026-01-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AWNTVMXJYTURBPUXSIOYGW72SXW3YMXY/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0269-1 vom 2026-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023901.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0274-1 vom 2026-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023907.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0270-1 vom 2026-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023900.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0283-1 vom 2026-01-26",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RL3G7CGUCYSV3BWUFT3T7JKBIRLXKROU/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0284-1 vom 2026-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023910.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20164-1 vom 2026-01-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023942.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20169-1 vom 2026-01-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023938.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20149-1 vom 2026-01-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023950.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-22910 vom 2026-01-29",
"url": "https://linux.oracle.com/errata/ELSA-2025-22910.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-030 vom 2026-01-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000421570/dsa-2026-030-security-update-for-dell-networker-vproxy-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-23947 vom 2026-01-30",
"url": "https://linux.oracle.com/errata/ELSA-2025-23947.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1617 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1617"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1690 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1690"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1727 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1727"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-1690 vom 2026-02-03",
"url": "http://linux.oracle.com/errata/ELSA-2026-1690.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-1617 vom 2026-02-03",
"url": "http://linux.oracle.com/errata/ELSA-2026-1617.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8013-1 vom 2026-02-04",
"url": "https://ubuntu.com/security/notices/USN-8013-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8013-2 vom 2026-02-04",
"url": "https://ubuntu.com/security/notices/USN-8013-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8016-1 vom 2026-02-04",
"url": "https://ubuntu.com/security/notices/USN-8016-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8013-3 vom 2026-02-04",
"url": "https://ubuntu.com/security/notices/USN-8013-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8015-1 vom 2026-02-04",
"url": "https://ubuntu.com/security/notices/USN-8015-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8015-2 vom 2026-02-04",
"url": "https://ubuntu.com/security/notices/USN-8015-2"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:1617 vom 2026-02-08",
"url": "https://errata.build.resf.org/RLSA-2026:1617"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:1690 vom 2026-02-08",
"url": "https://errata.build.resf.org/RLSA-2026:1690"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8015-3 vom 2026-02-06",
"url": "https://ubuntu.com/security/notices/USN-8015-3"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50095 vom 2026-02-06",
"url": "https://linux.oracle.com/errata/ELSA-2026-50095.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2352 vom 2026-02-09",
"url": "https://access.redhat.com/errata/RHSA-2026:2352"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6126 vom 2026-02-09",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00035.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6127 vom 2026-02-10",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00036.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4476 vom 2026-02-11",
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00017.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4475 vom 2026-02-11",
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00016.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8013-4 vom 2026-02-11",
"url": "https://ubuntu.com/security/notices/USN-8013-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8015-4 vom 2026-02-11",
"url": "https://ubuntu.com/security/notices/USN-8015-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-1 vom 2026-02-11",
"url": "https://ubuntu.com/security/notices/USN-8028-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-1 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8033-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-3 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8033-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-2 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8033-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-2 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8028-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0474-1 vom 2026-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024140.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0475-1 vom 2026-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024139.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0473-1 vom 2026-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024136.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2594 vom 2026-02-12",
"url": "https://access.redhat.com/errata/RHSA-2026:2594"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-4 vom 2026-02-13",
"url": "https://ubuntu.com/security/notices/USN-8033-4"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20331-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024164.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20256-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024221.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20250-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024232.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20254-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024229.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20276-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024205.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0496-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024158.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20255-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024228.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20273-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024210.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20316-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024178.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20272-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024212.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20265-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024218.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20249-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024227.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20266-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024217.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20275-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024206.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20259-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024216.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20252-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024225.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20251-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024231.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20257-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024226.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20332-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024163.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20274-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024208.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0495-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024159.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20271-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024207.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20258-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024219.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20248-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024230.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20310-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024183.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20260-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024215.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20377-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024315.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-3 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8028-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20400-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024292.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-5 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8028-5"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20397-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024295.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20398-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024294.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20387-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024305.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20388-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024304.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20389-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024303.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20390-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024302.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20391-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024301.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20392-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024300.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20395-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024297.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20393-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024299.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20394-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024298.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20386-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024306.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20396-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024296.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20378-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024314.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20379-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024313.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-4 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8028-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-6 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8033-6"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20380-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024312.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20381-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024311.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20385-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024307.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20376-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024316.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8034-2 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8034-2"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50113 vom 2026-02-17",
"url": "https://linux.oracle.com/errata/ELSA-2026-50113.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-5 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8033-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8031-2 vom 2026-02-18",
"url": "https://ubuntu.com/security/notices/USN-8031-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-7 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8033-7"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8031-3 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8031-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-6 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8028-6"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0755 vom 2026-02-18",
"url": "https://linux.oracle.com/errata/ELSA-2026-0755.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2026-113 vom 2026-02-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2026-113.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8052-1 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8052-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-7 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8028-7"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-8 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8033-8"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8015-5 vom 2026-02-20",
"url": "https://ubuntu.com/security/notices/USN-8015-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8052-2 vom 2026-02-24",
"url": "https://ubuntu.com/security/notices/USN-8052-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-8 vom 2026-02-24",
"url": "https://ubuntu.com/security/notices/USN-8028-8"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0617-1 vom 2026-02-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024378.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20287-1 vom 2026-02-28",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/K7KIWX7XP3UMVFSHT47OOZ24TQQYNNHI/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50133 vom 2026-03-02",
"url": "https://linux.oracle.com/errata/ELSA-2026-50133.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8074-2 vom 2026-03-04",
"url": "https://ubuntu.com/security/notices/USN-8074-2"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-1581 vom 2026-03-04",
"url": "https://linux.oracle.com/errata/ELSA-2026-1581.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8074-1 vom 2026-03-04",
"url": "https://ubuntu.com/security/notices/USN-8074-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice LSN-0118-1 vom 2026-03-04",
"url": "https://ubuntu.com/security/notices/LSN-0118-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20615-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024605.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20560-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024586.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20570-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024574.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20599-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024614.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20555-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024590.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.15-2026-098 vom 2026-03-06",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2026-098.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50145 vom 2026-03-12",
"url": "https://linux.oracle.com/errata/ELSA-2026-50145.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50144 vom 2026-03-11",
"url": "https://linux.oracle.com/errata/ELSA-2026-50144.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8100-1 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8100-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8096-2 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8096-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-2 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8095-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8096-1 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8096-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-1 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8095-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-3 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8095-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8096-4 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8096-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8096-3 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8096-3"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.15-2026-099 vom 2026-03-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2026-099.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2026-114 vom 2026-03-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2026-114.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-4 vom 2026-03-23",
"url": "https://ubuntu.com/security/notices/USN-8095-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8116-1 vom 2026-03-23",
"url": "https://ubuntu.com/security/notices/USN-8116-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8096-5 vom 2026-03-23",
"url": "https://ubuntu.com/security/notices/USN-8096-5"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3685 vom 2026-03-25",
"url": "https://linux.oracle.com/errata/ELSA-2026-3685.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8125-1 vom 2026-03-25",
"url": "https://ubuntu.com/security/notices/USN-8125-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8126-1 vom 2026-03-25",
"url": "https://ubuntu.com/security/notices/USN-8126-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1131-1 vom 2026-03-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/025031.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50171 vom 2026-03-31",
"url": "https://oss.oracle.com/pipermail/el-errata/2026-March/020110.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8141-1 vom 2026-04-01",
"url": "https://ubuntu.com/security/notices/USN-8141-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-5 vom 2026-04-01",
"url": "https://ubuntu.com/security/notices/USN-8095-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8165-1 vom 2026-04-10",
"url": "https://ubuntu.com/security/notices/USN-8165-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8162-1 vom 2026-04-10",
"url": "https://ubuntu.com/security/notices/USN-8162-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8163-1 vom 2026-04-10",
"url": "https://ubuntu.com/security/notices/USN-8163-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8163-2 vom 2026-04-14",
"url": "https://ubuntu.com/security/notices/USN-8163-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8180-1 vom 2026-04-16",
"url": "https://ubuntu.com/security/notices/USN-8180-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8180-2 vom 2026-04-17",
"url": "https://ubuntu.com/security/notices/USN-8180-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8186-1 vom 2026-04-17",
"url": "https://ubuntu.com/security/notices/USN-8186-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8187-1 vom 2026-04-17",
"url": "https://ubuntu.com/security/notices/USN-8187-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8188-1 vom 2026-04-17",
"url": "https://ubuntu.com/security/notices/USN-8188-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8180-3 vom 2026-04-24",
"url": "https://ubuntu.com/security/notices/USN-8180-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8180-4 vom 2026-04-24",
"url": "https://ubuntu.com/security/notices/USN-8180-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8180-5 vom 2026-04-24",
"url": "https://ubuntu.com/security/notices/USN-8180-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8243-1 vom 2026-05-07",
"url": "https://ubuntu.com/security/notices/USN-8243-1"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6253 vom 2026-05-08",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00164.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8180-6 vom 2026-05-11",
"url": "https://ubuntu.com/security/notices/USN-8180-6"
},
{
"category": "external",
"summary": "Dell Security Advisory",
"url": "https://www.dell.com/support/kbdoc/en-us/000462117/dsa-2026-047-security-update-for-dell-ecs-and-objectscale-multiple-vulnerabilities-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8275-1 vom 2026-05-19",
"url": "https://ubuntu.com/security/notices/USN-8275-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8278-1 vom 2026-05-20",
"url": "https://ubuntu.com/security/notices/USN-8278-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8289-1 vom 2026-05-21",
"url": "https://ubuntu.com/security/notices/USN-8289-1"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-20T22:00:00.000+00:00",
"generator": {
"date": "2026-05-21T07:56:51.472+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2025-1869",
"initial_release_date": "2025-08-19T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-08-19T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-08-20T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-25367"
},
{
"date": "2025-09-10T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-14T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-16T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-09-18T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-21T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-22T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE, Red Hat und Debian aufgenommen"
},
{
"date": "2025-09-23T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2025-09-24T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-25T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-09-28T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-29T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-10-12T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-13T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-10-14T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-10-15T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-16T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-19T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von SUSE, Red Hat und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-10-20T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-10-21T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-22T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-26T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von SUSE und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-10-27T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2025-10-28T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-29T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-30T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von SUSE und Dell aufgenommen"
},
{
"date": "2025-11-03T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-04T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-11-10T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-11-11T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-12T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Red Hat, SUSE und IBM aufgenommen"
},
{
"date": "2025-11-16T23:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-17T23:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-23T23:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-11-24T23:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-11-25T23:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von openSUSE und Ubuntu aufgenommen"
},
{
"date": "2025-11-26T23:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-11-30T23:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-03T23:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-12-04T23:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2025-12-07T23:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-12-10T23:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-14T23:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-12-15T23:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-12-16T23:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
},
{
"date": "2026-01-14T23:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2026-01-18T23:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-19T23:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-21T23:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-22T23:00:00.000+00:00",
"number": "53",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-25T23:00:00.000+00:00",
"number": "54",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-28T23:00:00.000+00:00",
"number": "55",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-29T23:00:00.000+00:00",
"number": "56",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-02-01T23:00:00.000+00:00",
"number": "57",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2026-02-02T23:00:00.000+00:00",
"number": "58",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-03T23:00:00.000+00:00",
"number": "59",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-02-04T23:00:00.000+00:00",
"number": "60",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-08T23:00:00.000+00:00",
"number": "61",
"summary": "Neue Updates von Rocky Enterprise Software Foundation, Ubuntu und Oracle Linux aufgenommen"
},
{
"date": "2026-02-09T23:00:00.000+00:00",
"number": "62",
"summary": "Neue Updates von Red Hat und Debian aufgenommen"
},
{
"date": "2026-02-11T23:00:00.000+00:00",
"number": "63",
"summary": "Neue Updates von Debian und Ubuntu aufgenommen"
},
{
"date": "2026-02-12T23:00:00.000+00:00",
"number": "64",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2026-02-15T23:00:00.000+00:00",
"number": "65",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-17T23:00:00.000+00:00",
"number": "66",
"summary": "Neue Updates von SUSE, Ubuntu und Oracle Linux aufgenommen"
},
{
"date": "2026-02-18T23:00:00.000+00:00",
"number": "67",
"summary": "Neue Updates von Ubuntu, Oracle Linux und Amazon aufgenommen"
},
{
"date": "2026-02-19T23:00:00.000+00:00",
"number": "68",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-22T23:00:00.000+00:00",
"number": "69",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-24T23:00:00.000+00:00",
"number": "70",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2026-03-01T23:00:00.000+00:00",
"number": "71",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-03-02T23:00:00.000+00:00",
"number": "72",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-03-04T23:00:00.000+00:00",
"number": "73",
"summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "74",
"summary": "Neue Updates von SUSE und Amazon aufgenommen"
},
{
"date": "2026-03-11T23:00:00.000+00:00",
"number": "75",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-03-16T23:00:00.000+00:00",
"number": "76",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-17T23:00:00.000+00:00",
"number": "77",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-19T23:00:00.000+00:00",
"number": "78",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2026-03-23T23:00:00.000+00:00",
"number": "79",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-24T23:00:00.000+00:00",
"number": "80",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-03-25T23:00:00.000+00:00",
"number": "81",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-29T22:00:00.000+00:00",
"number": "82",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-31T22:00:00.000+00:00",
"number": "83",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-04-01T22:00:00.000+00:00",
"number": "84",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-04-09T22:00:00.000+00:00",
"number": "85",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-04-13T22:00:00.000+00:00",
"number": "86",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-04-16T22:00:00.000+00:00",
"number": "87",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-04-23T22:00:00.000+00:00",
"number": "88",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-05-06T22:00:00.000+00:00",
"number": "89",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-05-10T22:00:00.000+00:00",
"number": "90",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2026-05-11T22:00:00.000+00:00",
"number": "91",
"summary": "Neue Updates von Ubuntu und Dell aufgenommen"
},
{
"date": "2026-05-18T22:00:00.000+00:00",
"number": "92",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-05-19T22:00:00.000+00:00",
"number": "93",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-05-20T22:00:00.000+00:00",
"number": "94",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "94"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell Avamar",
"product": {
"name": "Dell Avamar",
"product_id": "T039664",
"product_identification_helper": {
"cpe": "cpe:/a:dell:avamar:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "3.8.1.0-3.8.1.7",
"product": {
"name": "Dell ECS 3.8.1.0-3.8.1.7",
"product_id": "T053778",
"product_identification_helper": {
"cpe": "cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7"
}
}
}
],
"category": "product_name",
"name": "ECS"
},
{
"branches": [
{
"category": "product_version",
"name": "Virtual Edition",
"product": {
"name": "Dell NetWorker Virtual Edition",
"product_id": "T048226",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual_edition"
}
}
},
{
"category": "product_version_range",
"name": "vProxy \u003c19.14",
"product": {
"name": "Dell NetWorker vProxy \u003c19.14",
"product_id": "T050451"
}
},
{
"category": "product_version",
"name": "vProxy 19.14",
"product": {
"name": "Dell NetWorker vProxy 19.14",
"product_id": "T050451-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:vproxy__19.14"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Appliance \u003c5.32.00.18",
"product": {
"name": "Dell Secure Connect Gateway Appliance \u003c5.32.00.18",
"product_id": "T048301"
}
},
{
"category": "product_version",
"name": "Appliance 5.32.00.18",
"product": {
"name": "Dell Secure Connect Gateway Appliance 5.32.00.18",
"product_id": "T048301-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:secure_connect_gateway:appliance__5.32.00.18"
}
}
}
],
"category": "product_name",
"name": "Secure Connect Gateway"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP14 IF01",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP14 IF01",
"product_id": "T048556"
}
},
{
"category": "product_version",
"name": "7.5.0 UP14 IF01",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP14 IF01",
"product_id": "T048556-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up14_if01"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T046361",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-38554",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38554"
},
{
"cve": "CVE-2025-38555",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38555"
},
{
"cve": "CVE-2025-38556",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38556"
},
{
"cve": "CVE-2025-38557",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38557"
},
{
"cve": "CVE-2025-38558",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38558"
},
{
"cve": "CVE-2025-38559",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38559"
},
{
"cve": "CVE-2025-38560",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38560"
},
{
"cve": "CVE-2025-38561",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38561"
},
{
"cve": "CVE-2025-38562",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38562"
},
{
"cve": "CVE-2025-38563",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38563"
},
{
"cve": "CVE-2025-38564",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38564"
},
{
"cve": "CVE-2025-38565",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38565"
},
{
"cve": "CVE-2025-38566",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38566"
},
{
"cve": "CVE-2025-38567",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38567"
},
{
"cve": "CVE-2025-38568",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38568"
},
{
"cve": "CVE-2025-38569",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38569"
},
{
"cve": "CVE-2025-38570",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38570"
},
{
"cve": "CVE-2025-38571",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38571"
},
{
"cve": "CVE-2025-38572",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38573",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38573"
},
{
"cve": "CVE-2025-38574",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38574"
},
{
"cve": "CVE-2025-38576",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38576"
},
{
"cve": "CVE-2025-38577",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38577"
},
{
"cve": "CVE-2025-38578",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38578"
},
{
"cve": "CVE-2025-38579",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38579"
},
{
"cve": "CVE-2025-38580",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38580"
},
{
"cve": "CVE-2025-38581",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38581"
},
{
"cve": "CVE-2025-38582",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38582"
},
{
"cve": "CVE-2025-38583",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38583"
},
{
"cve": "CVE-2025-38584",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38584"
},
{
"cve": "CVE-2025-38585",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38585"
},
{
"cve": "CVE-2025-38586",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38586"
},
{
"cve": "CVE-2025-38587",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38587"
},
{
"cve": "CVE-2025-38588",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38589",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38589"
},
{
"cve": "CVE-2025-38590",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38590"
},
{
"cve": "CVE-2025-38591",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38591"
},
{
"cve": "CVE-2025-38592",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38592"
},
{
"cve": "CVE-2025-38593",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38593"
},
{
"cve": "CVE-2025-38594",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38594"
},
{
"cve": "CVE-2025-38595",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38595"
},
{
"cve": "CVE-2025-38596",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38596"
},
{
"cve": "CVE-2025-38597",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38597"
},
{
"cve": "CVE-2025-38598",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38598"
},
{
"cve": "CVE-2025-38599",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38599"
},
{
"cve": "CVE-2025-38600",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38600"
},
{
"cve": "CVE-2025-38601",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38601"
},
{
"cve": "CVE-2025-38602",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38602"
},
{
"cve": "CVE-2025-38603",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38603"
},
{
"cve": "CVE-2025-38604",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38604"
},
{
"cve": "CVE-2025-38605",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38605"
},
{
"cve": "CVE-2025-38606",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38606"
},
{
"cve": "CVE-2025-38607",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38607"
},
{
"cve": "CVE-2025-38608",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-38609",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38609"
},
{
"cve": "CVE-2025-38610",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38610"
},
{
"cve": "CVE-2025-38611",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38611"
},
{
"cve": "CVE-2025-38612",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38612"
},
{
"cve": "CVE-2025-38613",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38613"
},
{
"cve": "CVE-2025-38614",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38614"
},
{
"cve": "CVE-2025-38615",
"product_status": {
"known_affected": [
"67646",
"T053778",
"T004914",
"T050451",
"T032255",
"T039664",
"2951",
"T002207",
"T000126",
"T027843",
"398363",
"T046361",
"T048226",
"T048556",
"T048301"
]
},
"release_date": "2025-08-19T22:00:00.000+00:00",
"title": "CVE-2025-38615"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…