Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-40186 (GCVE-0-2025-40186)
Vulnerability from cvelistv5 – Published: 2025-11-12 21:56 – Updated: 2026-05-23 16:01
VLAI
EPSS
Title
tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request().
Summary
In the Linux kernel, the following vulnerability has been resolved:
tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request().
syzbot reported the splat below in tcp_conn_request(). [0]
If a listener is close()d while a TFO socket is being processed in
tcp_conn_request(), inet_csk_reqsk_queue_add() does not set reqsk->sk
and calls inet_child_forget(), which calls tcp_disconnect() for the
TFO socket.
After the cited commit, tcp_disconnect() calls reqsk_fastopen_remove(),
where reqsk_put() is called due to !reqsk->sk.
Then, reqsk_fastopen_remove() in tcp_conn_request() decrements the
last req->rsk_refcnt and frees reqsk, and __reqsk_free() at the
drop_and_free label causes the refcount underflow for the listener
and double-free of the reqsk.
Let's remove reqsk_fastopen_remove() in tcp_conn_request().
Note that other callers make sure tp->fastopen_rsk is not NULL.
[0]:
refcount_t: underflow; use-after-free.
WARNING: CPU: 12 PID: 5563 at lib/refcount.c:28 refcount_warn_saturate (lib/refcount.c:28)
Modules linked in:
CPU: 12 UID: 0 PID: 5563 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
RIP: 0010:refcount_warn_saturate (lib/refcount.c:28)
Code: ab e8 8e b4 98 ff 0f 0b c3 cc cc cc cc cc 80 3d a4 e4 d6 01 00 75 9c c6 05 9b e4 d6 01 01 48 c7 c7 e8 df fb ab e8 6a b4 98 ff <0f> 0b e9 03 5b 76 00 cc 80 3d 7d e4 d6 01 00 0f 85 74 ff ff ff c6
RSP: 0018:ffffa79fc0304a98 EFLAGS: 00010246
RAX: d83af4db1c6b3900 RBX: ffff9f65c7a69020 RCX: d83af4db1c6b3900
RDX: 0000000000000000 RSI: 00000000ffff7fff RDI: ffffffffac78a280
RBP: 000000009d781b60 R08: 0000000000007fff R09: ffffffffac6ca280
R10: 0000000000017ffd R11: 0000000000000004 R12: ffff9f65c7b4f100
R13: ffff9f65c7d23c00 R14: ffff9f65c7d26000 R15: ffff9f65c7a64ef8
FS: 00007f9f962176c0(0000) GS:ffff9f65fcf00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000000180 CR3: 000000000dbbe006 CR4: 0000000000372ef0
Call Trace:
<IRQ>
tcp_conn_request (./include/linux/refcount.h:400 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/sock.h:1965 ./include/net/request_sock.h:131 net/ipv4/tcp_input.c:7301)
tcp_rcv_state_process (net/ipv4/tcp_input.c:6708)
tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1670)
tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1906)
ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:438)
ip6_input (net/ipv6/ip6_input.c:500)
ipv6_rcv (net/ipv6/ip6_input.c:311)
__netif_receive_skb (net/core/dev.c:6104)
process_backlog (net/core/dev.c:6456)
__napi_poll (net/core/dev.c:7506)
net_rx_action (net/core/dev.c:7569 net/core/dev.c:7696)
handle_softirqs (kernel/softirq.c:579)
do_softirq (kernel/softirq.c:480)
</IRQ>
Severity
No CVSS data available.
Assigner
References
8 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
7ec092a91ff351dcde89c23e795b73a328274db6 , < e359b742eac1eac75cff4e38ee2e8cea492acd9b
(git)
Affected: a4378dedd6e07e62f2fccb17d78c9665718763d0 , < ff6a8883f96a5bc74241ce5b3d431a6dcfa2124d (git) Affected: 33a4fdf0b4a25f8ce65380c3b0136b407ca57609 , < eb85ad5f23268d64b037bfb545cbcba3752f90c7 (git) Affected: 17d699727577814198d744d6afe54735c6b54c99 , < 643a94b0cf767325e953591c212be2eb826b9d7f (git) Affected: dfd06131107e7b699ef1e2a24ed2f7d17c917753 , < 422c1c173c39bbbae1e0eaaf8aefe40b2596233b (git) Affected: fa4749c065644af4db496b338452a69a3e5147d9 , < c11ace909e873118295e9eb22dc8c58b0b50eb32 (git) Affected: 45c8a6cc2bcd780e634a6ba8e46bffbdf1fc5c01 , < 64dc47a13aa3d9daf7cec29b44dca8e22a6aea15 (git) Affected: 45c8a6cc2bcd780e634a6ba8e46bffbdf1fc5c01 , < 2e7cbbbe3d61c63606994b7ff73c72537afe2e1c (git) Affected: ae313d14b45eca7a6bb29cb9bf396d977e7d28fb (git) Affected: 5.4.300 , < 5.4.301 (semver) Affected: 5.10.245 , < 5.10.246 (semver) Affected: 5.15.194 , < 5.15.195 (semver) Affected: 6.1.154 , < 6.1.157 (semver) Affected: 6.6.108 , < 6.6.113 (semver) Affected: 6.12.49 , < 6.12.54 (semver) Affected: 6.16.9 , < 6.17 (semver) |
|
| Linux | Linux |
Affected:
6.17
Unaffected: 0 , < 6.17 (semver) Unaffected: 5.4.301 , ≤ 5.4.* (semver) Unaffected: 5.10.246 , ≤ 5.10.* (semver) Unaffected: 5.15.195 , ≤ 5.15.* (semver) Unaffected: 6.1.157 , ≤ 6.1.* (semver) Unaffected: 6.6.113 , ≤ 6.6.* (semver) Unaffected: 6.12.54 , ≤ 6.12.* (semver) Unaffected: 6.17.4 , ≤ 6.17.* (semver) Unaffected: 6.18 , ≤ * (original_commit_for_fix) |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv4/tcp_input.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e359b742eac1eac75cff4e38ee2e8cea492acd9b",
"status": "affected",
"version": "7ec092a91ff351dcde89c23e795b73a328274db6",
"versionType": "git"
},
{
"lessThan": "ff6a8883f96a5bc74241ce5b3d431a6dcfa2124d",
"status": "affected",
"version": "a4378dedd6e07e62f2fccb17d78c9665718763d0",
"versionType": "git"
},
{
"lessThan": "eb85ad5f23268d64b037bfb545cbcba3752f90c7",
"status": "affected",
"version": "33a4fdf0b4a25f8ce65380c3b0136b407ca57609",
"versionType": "git"
},
{
"lessThan": "643a94b0cf767325e953591c212be2eb826b9d7f",
"status": "affected",
"version": "17d699727577814198d744d6afe54735c6b54c99",
"versionType": "git"
},
{
"lessThan": "422c1c173c39bbbae1e0eaaf8aefe40b2596233b",
"status": "affected",
"version": "dfd06131107e7b699ef1e2a24ed2f7d17c917753",
"versionType": "git"
},
{
"lessThan": "c11ace909e873118295e9eb22dc8c58b0b50eb32",
"status": "affected",
"version": "fa4749c065644af4db496b338452a69a3e5147d9",
"versionType": "git"
},
{
"lessThan": "64dc47a13aa3d9daf7cec29b44dca8e22a6aea15",
"status": "affected",
"version": "45c8a6cc2bcd780e634a6ba8e46bffbdf1fc5c01",
"versionType": "git"
},
{
"lessThan": "2e7cbbbe3d61c63606994b7ff73c72537afe2e1c",
"status": "affected",
"version": "45c8a6cc2bcd780e634a6ba8e46bffbdf1fc5c01",
"versionType": "git"
},
{
"status": "affected",
"version": "ae313d14b45eca7a6bb29cb9bf396d977e7d28fb",
"versionType": "git"
},
{
"lessThan": "5.4.301",
"status": "affected",
"version": "5.4.300",
"versionType": "semver"
},
{
"lessThan": "5.10.246",
"status": "affected",
"version": "5.10.245",
"versionType": "semver"
},
{
"lessThan": "5.15.195",
"status": "affected",
"version": "5.15.194",
"versionType": "semver"
},
{
"lessThan": "6.1.157",
"status": "affected",
"version": "6.1.154",
"versionType": "semver"
},
{
"lessThan": "6.6.113",
"status": "affected",
"version": "6.6.108",
"versionType": "semver"
},
{
"lessThan": "6.12.54",
"status": "affected",
"version": "6.12.49",
"versionType": "semver"
},
{
"lessThan": "6.17",
"status": "affected",
"version": "6.16.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv4/tcp_input.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.17"
},
{
"lessThan": "6.17",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.301",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.246",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.195",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.157",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.113",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.54",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.17.*",
"status": "unaffected",
"version": "6.17.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.18",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.301",
"versionStartIncluding": "5.4.300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.246",
"versionStartIncluding": "5.10.245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.195",
"versionStartIncluding": "5.15.194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.157",
"versionStartIncluding": "6.1.154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.113",
"versionStartIncluding": "6.6.108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.54",
"versionStartIncluding": "6.12.49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.17.4",
"versionStartIncluding": "6.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18",
"versionStartIncluding": "6.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.16.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request().\n\nsyzbot reported the splat below in tcp_conn_request(). [0]\n\nIf a listener is close()d while a TFO socket is being processed in\ntcp_conn_request(), inet_csk_reqsk_queue_add() does not set reqsk-\u003esk\nand calls inet_child_forget(), which calls tcp_disconnect() for the\nTFO socket.\n\nAfter the cited commit, tcp_disconnect() calls reqsk_fastopen_remove(),\nwhere reqsk_put() is called due to !reqsk-\u003esk.\n\nThen, reqsk_fastopen_remove() in tcp_conn_request() decrements the\nlast req-\u003ersk_refcnt and frees reqsk, and __reqsk_free() at the\ndrop_and_free label causes the refcount underflow for the listener\nand double-free of the reqsk.\n\nLet\u0027s remove reqsk_fastopen_remove() in tcp_conn_request().\n\nNote that other callers make sure tp-\u003efastopen_rsk is not NULL.\n\n[0]:\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 12 PID: 5563 at lib/refcount.c:28 refcount_warn_saturate (lib/refcount.c:28)\nModules linked in:\nCPU: 12 UID: 0 PID: 5563 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:refcount_warn_saturate (lib/refcount.c:28)\nCode: ab e8 8e b4 98 ff 0f 0b c3 cc cc cc cc cc 80 3d a4 e4 d6 01 00 75 9c c6 05 9b e4 d6 01 01 48 c7 c7 e8 df fb ab e8 6a b4 98 ff \u003c0f\u003e 0b e9 03 5b 76 00 cc 80 3d 7d e4 d6 01 00 0f 85 74 ff ff ff c6\nRSP: 0018:ffffa79fc0304a98 EFLAGS: 00010246\nRAX: d83af4db1c6b3900 RBX: ffff9f65c7a69020 RCX: d83af4db1c6b3900\nRDX: 0000000000000000 RSI: 00000000ffff7fff RDI: ffffffffac78a280\nRBP: 000000009d781b60 R08: 0000000000007fff R09: ffffffffac6ca280\nR10: 0000000000017ffd R11: 0000000000000004 R12: ffff9f65c7b4f100\nR13: ffff9f65c7d23c00 R14: ffff9f65c7d26000 R15: ffff9f65c7a64ef8\nFS: 00007f9f962176c0(0000) GS:ffff9f65fcf00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000200000000180 CR3: 000000000dbbe006 CR4: 0000000000372ef0\nCall Trace:\n \u003cIRQ\u003e\n tcp_conn_request (./include/linux/refcount.h:400 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/sock.h:1965 ./include/net/request_sock.h:131 net/ipv4/tcp_input.c:7301)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6708)\n tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1670)\n tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1906)\n ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:438)\n ip6_input (net/ipv6/ip6_input.c:500)\n ipv6_rcv (net/ipv6/ip6_input.c:311)\n __netif_receive_skb (net/core/dev.c:6104)\n process_backlog (net/core/dev.c:6456)\n __napi_poll (net/core/dev.c:7506)\n net_rx_action (net/core/dev.c:7569 net/core/dev.c:7696)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480)\n \u003c/IRQ\u003e"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T16:01:35.184Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e359b742eac1eac75cff4e38ee2e8cea492acd9b"
},
{
"url": "https://git.kernel.org/stable/c/ff6a8883f96a5bc74241ce5b3d431a6dcfa2124d"
},
{
"url": "https://git.kernel.org/stable/c/eb85ad5f23268d64b037bfb545cbcba3752f90c7"
},
{
"url": "https://git.kernel.org/stable/c/643a94b0cf767325e953591c212be2eb826b9d7f"
},
{
"url": "https://git.kernel.org/stable/c/422c1c173c39bbbae1e0eaaf8aefe40b2596233b"
},
{
"url": "https://git.kernel.org/stable/c/c11ace909e873118295e9eb22dc8c58b0b50eb32"
},
{
"url": "https://git.kernel.org/stable/c/64dc47a13aa3d9daf7cec29b44dca8e22a6aea15"
},
{
"url": "https://git.kernel.org/stable/c/2e7cbbbe3d61c63606994b7ff73c72537afe2e1c"
}
],
"title": "tcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request().",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-40186",
"datePublished": "2025-11-12T21:56:29.033Z",
"dateReserved": "2025-04-16T07:20:57.177Z",
"dateUpdated": "2026-05-23T16:01:35.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-40186",
"date": "2026-06-07",
"epss": "0.00058",
"percentile": "0.1844"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-40186\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-11-12T22:15:45.443\",\"lastModified\":\"2025-11-14T16:42:30.503\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ntcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request().\\n\\nsyzbot reported the splat below in tcp_conn_request(). [0]\\n\\nIf a listener is close()d while a TFO socket is being processed in\\ntcp_conn_request(), inet_csk_reqsk_queue_add() does not set reqsk-\u003esk\\nand calls inet_child_forget(), which calls tcp_disconnect() for the\\nTFO socket.\\n\\nAfter the cited commit, tcp_disconnect() calls reqsk_fastopen_remove(),\\nwhere reqsk_put() is called due to !reqsk-\u003esk.\\n\\nThen, reqsk_fastopen_remove() in tcp_conn_request() decrements the\\nlast req-\u003ersk_refcnt and frees reqsk, and __reqsk_free() at the\\ndrop_and_free label causes the refcount underflow for the listener\\nand double-free of the reqsk.\\n\\nLet\u0027s remove reqsk_fastopen_remove() in tcp_conn_request().\\n\\nNote that other callers make sure tp-\u003efastopen_rsk is not NULL.\\n\\n[0]:\\nrefcount_t: underflow; use-after-free.\\nWARNING: CPU: 12 PID: 5563 at lib/refcount.c:28 refcount_warn_saturate (lib/refcount.c:28)\\nModules linked in:\\nCPU: 12 UID: 0 PID: 5563 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\\nRIP: 0010:refcount_warn_saturate (lib/refcount.c:28)\\nCode: ab e8 8e b4 98 ff 0f 0b c3 cc cc cc cc cc 80 3d a4 e4 d6 01 00 75 9c c6 05 9b e4 d6 01 01 48 c7 c7 e8 df fb ab e8 6a b4 98 ff \u003c0f\u003e 0b e9 03 5b 76 00 cc 80 3d 7d e4 d6 01 00 0f 85 74 ff ff ff c6\\nRSP: 0018:ffffa79fc0304a98 EFLAGS: 00010246\\nRAX: d83af4db1c6b3900 RBX: ffff9f65c7a69020 RCX: d83af4db1c6b3900\\nRDX: 0000000000000000 RSI: 00000000ffff7fff RDI: ffffffffac78a280\\nRBP: 000000009d781b60 R08: 0000000000007fff R09: ffffffffac6ca280\\nR10: 0000000000017ffd R11: 0000000000000004 R12: ffff9f65c7b4f100\\nR13: ffff9f65c7d23c00 R14: ffff9f65c7d26000 R15: ffff9f65c7a64ef8\\nFS: 00007f9f962176c0(0000) GS:ffff9f65fcf00000(0000) knlGS:0000000000000000\\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\nCR2: 0000200000000180 CR3: 000000000dbbe006 CR4: 0000000000372ef0\\nCall Trace:\\n \u003cIRQ\u003e\\n tcp_conn_request (./include/linux/refcount.h:400 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/sock.h:1965 ./include/net/request_sock.h:131 net/ipv4/tcp_input.c:7301)\\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6708)\\n tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1670)\\n tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1906)\\n ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:438)\\n ip6_input (net/ipv6/ip6_input.c:500)\\n ipv6_rcv (net/ipv6/ip6_input.c:311)\\n __netif_receive_skb (net/core/dev.c:6104)\\n process_backlog (net/core/dev.c:6456)\\n __napi_poll (net/core/dev.c:7506)\\n net_rx_action (net/core/dev.c:7569 net/core/dev.c:7696)\\n handle_softirqs (kernel/softirq.c:579)\\n do_softirq (kernel/softirq.c:480)\\n \u003c/IRQ\u003e\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2e7cbbbe3d61c63606994b7ff73c72537afe2e1c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/422c1c173c39bbbae1e0eaaf8aefe40b2596233b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/643a94b0cf767325e953591c212be2eb826b9d7f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/64dc47a13aa3d9daf7cec29b44dca8e22a6aea15\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c11ace909e873118295e9eb22dc8c58b0b50eb32\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e359b742eac1eac75cff4e38ee2e8cea492acd9b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/eb85ad5f23268d64b037bfb545cbcba3752f90c7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ff6a8883f96a5bc74241ce5b3d431a6dcfa2124d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
SUSE-SU-2026:20517-1
Vulnerability from csaf_suse - Published: 2026-02-19 09:19 - Updated: 2026-02-19 09:19Summary
Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
Patchnames: SUSE-SLE-Micro-6.1-kernel-268
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).\n- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).\n- CVE-2025-40186: tcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-268",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20517-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20517-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620517-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20517-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024458.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249480",
"url": "https://bugzilla.suse.com/1249480"
},
{
"category": "self",
"summary": "SUSE Bug 1253439",
"url": "https://bugzilla.suse.com/1253439"
},
{
"category": "self",
"summary": "SUSE Bug 1253473",
"url": "https://bugzilla.suse.com/1253473"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40129 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40186 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40186/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)",
"tracking": {
"current_release_date": "2026-02-19T09:19:41Z",
"generator": {
"date": "2026-02-19T09:19:41Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20517-1",
"initial_release_date": "2026-02-19T09:19:41Z",
"revision_history": [
{
"date": "2026-02-19T09:19:41Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-39742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()\n\nThe function divides number of online CPUs by num_core_siblings, and\nlater checks the divider by zero. This implies a possibility to get\nand divide-by-zero runtime error. Fix it by moving the check prior to\ndivision. This also helps to save one indentation level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39742",
"url": "https://www.suse.com/security/cve/CVE-2025-39742"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1249479 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1249479"
},
{
"category": "external",
"summary": "SUSE Bug 1249480 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1249480"
},
{
"category": "external",
"summary": "SUSE Bug 1253291 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1253291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-19T09:19:41Z",
"details": "important"
}
],
"title": "CVE-2025-39742"
},
{
"cve": "CVE-2025-40129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40129"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix null pointer dereference on zero-length checksum\n\nIn xdr_stream_decode_opaque_auth(), zero-length checksum.len causes\nchecksum.data to be set to NULL. This triggers a NPD when accessing\nchecksum.data in gss_krb5_verify_mic_v2(). This patch ensures that\nthe value of checksum.len is not less than XDR_UNIT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40129",
"url": "https://www.suse.com/security/cve/CVE-2025-40129"
},
{
"category": "external",
"summary": "SUSE Bug 1253472 for CVE-2025-40129",
"url": "https://bugzilla.suse.com/1253472"
},
{
"category": "external",
"summary": "SUSE Bug 1253473 for CVE-2025-40129",
"url": "https://bugzilla.suse.com/1253473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-19T09:19:41Z",
"details": "important"
}
],
"title": "CVE-2025-40129"
},
{
"cve": "CVE-2025-40186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40186"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request().\n\nsyzbot reported the splat below in tcp_conn_request(). [0]\n\nIf a listener is close()d while a TFO socket is being processed in\ntcp_conn_request(), inet_csk_reqsk_queue_add() does not set reqsk-\u003esk\nand calls inet_child_forget(), which calls tcp_disconnect() for the\nTFO socket.\n\nAfter the cited commit, tcp_disconnect() calls reqsk_fastopen_remove(),\nwhere reqsk_put() is called due to !reqsk-\u003esk.\n\nThen, reqsk_fastopen_remove() in tcp_conn_request() decrements the\nlast req-\u003ersk_refcnt and frees reqsk, and __reqsk_free() at the\ndrop_and_free label causes the refcount underflow for the listener\nand double-free of the reqsk.\n\nLet\u0027s remove reqsk_fastopen_remove() in tcp_conn_request().\n\nNote that other callers make sure tp-\u003efastopen_rsk is not NULL.\n\n[0]:\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 12 PID: 5563 at lib/refcount.c:28 refcount_warn_saturate (lib/refcount.c:28)\nModules linked in:\nCPU: 12 UID: 0 PID: 5563 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:refcount_warn_saturate (lib/refcount.c:28)\nCode: ab e8 8e b4 98 ff 0f 0b c3 cc cc cc cc cc 80 3d a4 e4 d6 01 00 75 9c c6 05 9b e4 d6 01 01 48 c7 c7 e8 df fb ab e8 6a b4 98 ff \u003c0f\u003e 0b e9 03 5b 76 00 cc 80 3d 7d e4 d6 01 00 0f 85 74 ff ff ff c6\nRSP: 0018:ffffa79fc0304a98 EFLAGS: 00010246\nRAX: d83af4db1c6b3900 RBX: ffff9f65c7a69020 RCX: d83af4db1c6b3900\nRDX: 0000000000000000 RSI: 00000000ffff7fff RDI: ffffffffac78a280\nRBP: 000000009d781b60 R08: 0000000000007fff R09: ffffffffac6ca280\nR10: 0000000000017ffd R11: 0000000000000004 R12: ffff9f65c7b4f100\nR13: ffff9f65c7d23c00 R14: ffff9f65c7d26000 R15: ffff9f65c7a64ef8\nFS: 00007f9f962176c0(0000) GS:ffff9f65fcf00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000200000000180 CR3: 000000000dbbe006 CR4: 0000000000372ef0\nCall Trace:\n \u003cIRQ\u003e\n tcp_conn_request (./include/linux/refcount.h:400 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/sock.h:1965 ./include/net/request_sock.h:131 net/ipv4/tcp_input.c:7301)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6708)\n tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1670)\n tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1906)\n ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:438)\n ip6_input (net/ipv6/ip6_input.c:500)\n ipv6_rcv (net/ipv6/ip6_input.c:311)\n __netif_receive_skb (net/core/dev.c:6104)\n process_backlog (net/core/dev.c:6456)\n __napi_poll (net/core/dev.c:7506)\n net_rx_action (net/core/dev.c:7569 net/core/dev.c:7696)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480)\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40186",
"url": "https://www.suse.com/security/cve/CVE-2025-40186"
},
{
"category": "external",
"summary": "SUSE Bug 1253438 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253438"
},
{
"category": "external",
"summary": "SUSE Bug 1253439 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-35-rt-6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-19T09:19:41Z",
"details": "important"
}
],
"title": "CVE-2025-40186"
}
]
}
SUSE-SU-2026:20518-1
Vulnerability from csaf_suse - Published: 2026-02-19 09:19 - Updated: 2026-02-19 09:19Summary
Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
Patchnames: SUSE-SLE-Micro-6.1-kernel-269
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.4.0-36.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).\n- CVE-2025-40186: tcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-269",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20518-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20518-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620518-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20518-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024457.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253439",
"url": "https://bugzilla.suse.com/1253439"
},
{
"category": "self",
"summary": "SUSE Bug 1253473",
"url": "https://bugzilla.suse.com/1253473"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40129 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40186 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40186/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)",
"tracking": {
"current_release_date": "2026-02-19T09:19:41Z",
"generator": {
"date": "2026-02-19T09:19:41Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20518-1",
"initial_release_date": "2026-02-19T09:19:41Z",
"revision_history": [
{
"date": "2026-02-19T09:19:41Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-40129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40129"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix null pointer dereference on zero-length checksum\n\nIn xdr_stream_decode_opaque_auth(), zero-length checksum.len causes\nchecksum.data to be set to NULL. This triggers a NPD when accessing\nchecksum.data in gss_krb5_verify_mic_v2(). This patch ensures that\nthe value of checksum.len is not less than XDR_UNIT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40129",
"url": "https://www.suse.com/security/cve/CVE-2025-40129"
},
{
"category": "external",
"summary": "SUSE Bug 1253472 for CVE-2025-40129",
"url": "https://bugzilla.suse.com/1253472"
},
{
"category": "external",
"summary": "SUSE Bug 1253473 for CVE-2025-40129",
"url": "https://bugzilla.suse.com/1253473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-19T09:19:41Z",
"details": "important"
}
],
"title": "CVE-2025-40129"
},
{
"cve": "CVE-2025-40186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40186"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request().\n\nsyzbot reported the splat below in tcp_conn_request(). [0]\n\nIf a listener is close()d while a TFO socket is being processed in\ntcp_conn_request(), inet_csk_reqsk_queue_add() does not set reqsk-\u003esk\nand calls inet_child_forget(), which calls tcp_disconnect() for the\nTFO socket.\n\nAfter the cited commit, tcp_disconnect() calls reqsk_fastopen_remove(),\nwhere reqsk_put() is called due to !reqsk-\u003esk.\n\nThen, reqsk_fastopen_remove() in tcp_conn_request() decrements the\nlast req-\u003ersk_refcnt and frees reqsk, and __reqsk_free() at the\ndrop_and_free label causes the refcount underflow for the listener\nand double-free of the reqsk.\n\nLet\u0027s remove reqsk_fastopen_remove() in tcp_conn_request().\n\nNote that other callers make sure tp-\u003efastopen_rsk is not NULL.\n\n[0]:\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 12 PID: 5563 at lib/refcount.c:28 refcount_warn_saturate (lib/refcount.c:28)\nModules linked in:\nCPU: 12 UID: 0 PID: 5563 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:refcount_warn_saturate (lib/refcount.c:28)\nCode: ab e8 8e b4 98 ff 0f 0b c3 cc cc cc cc cc 80 3d a4 e4 d6 01 00 75 9c c6 05 9b e4 d6 01 01 48 c7 c7 e8 df fb ab e8 6a b4 98 ff \u003c0f\u003e 0b e9 03 5b 76 00 cc 80 3d 7d e4 d6 01 00 0f 85 74 ff ff ff c6\nRSP: 0018:ffffa79fc0304a98 EFLAGS: 00010246\nRAX: d83af4db1c6b3900 RBX: ffff9f65c7a69020 RCX: d83af4db1c6b3900\nRDX: 0000000000000000 RSI: 00000000ffff7fff RDI: ffffffffac78a280\nRBP: 000000009d781b60 R08: 0000000000007fff R09: ffffffffac6ca280\nR10: 0000000000017ffd R11: 0000000000000004 R12: ffff9f65c7b4f100\nR13: ffff9f65c7d23c00 R14: ffff9f65c7d26000 R15: ffff9f65c7a64ef8\nFS: 00007f9f962176c0(0000) GS:ffff9f65fcf00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000200000000180 CR3: 000000000dbbe006 CR4: 0000000000372ef0\nCall Trace:\n \u003cIRQ\u003e\n tcp_conn_request (./include/linux/refcount.h:400 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/sock.h:1965 ./include/net/request_sock.h:131 net/ipv4/tcp_input.c:7301)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6708)\n tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1670)\n tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1906)\n ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:438)\n ip6_input (net/ipv6/ip6_input.c:500)\n ipv6_rcv (net/ipv6/ip6_input.c:311)\n __netif_receive_skb (net/core/dev.c:6104)\n process_backlog (net/core/dev.c:6456)\n __napi_poll (net/core/dev.c:7506)\n net_rx_action (net/core/dev.c:7569 net/core/dev.c:7696)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480)\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40186",
"url": "https://www.suse.com/security/cve/CVE-2025-40186"
},
{
"category": "external",
"summary": "SUSE Bug 1253438 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253438"
},
{
"category": "external",
"summary": "SUSE Bug 1253439 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-36-rt-5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-19T09:19:41Z",
"details": "important"
}
],
"title": "CVE-2025-40186"
}
]
}
SUSE-SU-2026:20541-1
Vulnerability from csaf_suse - Published: 2026-02-18 16:14 - Updated: 2026-02-18 16:14Summary
Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
Patchnames: SUSE-SL-Micro-6.2-297
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes one security issue\n\nThe following security issue was fixed:\n\n- CVE-2025-40186: tcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-297",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20541-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20541-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620541-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20541-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024595.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253439",
"url": "https://bugzilla.suse.com/1253439"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40186 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40186/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)",
"tracking": {
"current_release_date": "2026-02-18T16:14:15Z",
"generator": {
"date": "2026-02-18T16:14:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20541-1",
"initial_release_date": "2026-02-18T16:14:15Z",
"revision_history": [
{
"date": "2026-02-18T16:14:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"product_id": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"product": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"product_id": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64",
"product_id": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-40186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40186"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request().\n\nsyzbot reported the splat below in tcp_conn_request(). [0]\n\nIf a listener is close()d while a TFO socket is being processed in\ntcp_conn_request(), inet_csk_reqsk_queue_add() does not set reqsk-\u003esk\nand calls inet_child_forget(), which calls tcp_disconnect() for the\nTFO socket.\n\nAfter the cited commit, tcp_disconnect() calls reqsk_fastopen_remove(),\nwhere reqsk_put() is called due to !reqsk-\u003esk.\n\nThen, reqsk_fastopen_remove() in tcp_conn_request() decrements the\nlast req-\u003ersk_refcnt and frees reqsk, and __reqsk_free() at the\ndrop_and_free label causes the refcount underflow for the listener\nand double-free of the reqsk.\n\nLet\u0027s remove reqsk_fastopen_remove() in tcp_conn_request().\n\nNote that other callers make sure tp-\u003efastopen_rsk is not NULL.\n\n[0]:\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 12 PID: 5563 at lib/refcount.c:28 refcount_warn_saturate (lib/refcount.c:28)\nModules linked in:\nCPU: 12 UID: 0 PID: 5563 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:refcount_warn_saturate (lib/refcount.c:28)\nCode: ab e8 8e b4 98 ff 0f 0b c3 cc cc cc cc cc 80 3d a4 e4 d6 01 00 75 9c c6 05 9b e4 d6 01 01 48 c7 c7 e8 df fb ab e8 6a b4 98 ff \u003c0f\u003e 0b e9 03 5b 76 00 cc 80 3d 7d e4 d6 01 00 0f 85 74 ff ff ff c6\nRSP: 0018:ffffa79fc0304a98 EFLAGS: 00010246\nRAX: d83af4db1c6b3900 RBX: ffff9f65c7a69020 RCX: d83af4db1c6b3900\nRDX: 0000000000000000 RSI: 00000000ffff7fff RDI: ffffffffac78a280\nRBP: 000000009d781b60 R08: 0000000000007fff R09: ffffffffac6ca280\nR10: 0000000000017ffd R11: 0000000000000004 R12: ffff9f65c7b4f100\nR13: ffff9f65c7d23c00 R14: ffff9f65c7d26000 R15: ffff9f65c7a64ef8\nFS: 00007f9f962176c0(0000) GS:ffff9f65fcf00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000200000000180 CR3: 000000000dbbe006 CR4: 0000000000372ef0\nCall Trace:\n \u003cIRQ\u003e\n tcp_conn_request (./include/linux/refcount.h:400 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/sock.h:1965 ./include/net/request_sock.h:131 net/ipv4/tcp_input.c:7301)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6708)\n tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1670)\n tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1906)\n ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:438)\n ip6_input (net/ipv6/ip6_input.c:500)\n ipv6_rcv (net/ipv6/ip6_input.c:311)\n __netif_receive_skb (net/core/dev.c:6104)\n process_backlog (net/core/dev.c:6456)\n __napi_poll (net/core/dev.c:7506)\n net_rx_action (net/core/dev.c:7569 net/core/dev.c:7696)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480)\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40186",
"url": "https://www.suse.com/security/cve/CVE-2025-40186"
},
{
"category": "external",
"summary": "SUSE Bug 1253438 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253438"
},
{
"category": "external",
"summary": "SUSE Bug 1253439 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-18T16:14:15Z",
"details": "important"
}
],
"title": "CVE-2025-40186"
}
]
}
SUSE-SU-2026:20558-1
Vulnerability from csaf_suse - Published: 2026-03-02 10:01 - Updated: 2026-03-02 10:01Summary
Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
Patchnames: SUSE-SL-Micro-6.2-332
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-4-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes one security issue\n\nThe following security issue was fixed:\n\n- CVE-2025-40186: tcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-332",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20558-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20558-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620558-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20558-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024587.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253439",
"url": "https://bugzilla.suse.com/1253439"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40186 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40186/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16)",
"tracking": {
"current_release_date": "2026-03-02T10:01:23Z",
"generator": {
"date": "2026-03-02T10:01:23Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20558-1",
"initial_release_date": "2026-03-02T10:01:23Z",
"revision_history": [
{
"date": "2026-03-02T10:01:23Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_6-rt-4-160000.1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_12_0-160000_6-rt-4-160000.1.1.x86_64",
"product_id": "kernel-livepatch-6_12_0-160000_6-rt-4-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-rt-4-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-4-160000.1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-rt-4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-40186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40186"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request().\n\nsyzbot reported the splat below in tcp_conn_request(). [0]\n\nIf a listener is close()d while a TFO socket is being processed in\ntcp_conn_request(), inet_csk_reqsk_queue_add() does not set reqsk-\u003esk\nand calls inet_child_forget(), which calls tcp_disconnect() for the\nTFO socket.\n\nAfter the cited commit, tcp_disconnect() calls reqsk_fastopen_remove(),\nwhere reqsk_put() is called due to !reqsk-\u003esk.\n\nThen, reqsk_fastopen_remove() in tcp_conn_request() decrements the\nlast req-\u003ersk_refcnt and frees reqsk, and __reqsk_free() at the\ndrop_and_free label causes the refcount underflow for the listener\nand double-free of the reqsk.\n\nLet\u0027s remove reqsk_fastopen_remove() in tcp_conn_request().\n\nNote that other callers make sure tp-\u003efastopen_rsk is not NULL.\n\n[0]:\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 12 PID: 5563 at lib/refcount.c:28 refcount_warn_saturate (lib/refcount.c:28)\nModules linked in:\nCPU: 12 UID: 0 PID: 5563 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:refcount_warn_saturate (lib/refcount.c:28)\nCode: ab e8 8e b4 98 ff 0f 0b c3 cc cc cc cc cc 80 3d a4 e4 d6 01 00 75 9c c6 05 9b e4 d6 01 01 48 c7 c7 e8 df fb ab e8 6a b4 98 ff \u003c0f\u003e 0b e9 03 5b 76 00 cc 80 3d 7d e4 d6 01 00 0f 85 74 ff ff ff c6\nRSP: 0018:ffffa79fc0304a98 EFLAGS: 00010246\nRAX: d83af4db1c6b3900 RBX: ffff9f65c7a69020 RCX: d83af4db1c6b3900\nRDX: 0000000000000000 RSI: 00000000ffff7fff RDI: ffffffffac78a280\nRBP: 000000009d781b60 R08: 0000000000007fff R09: ffffffffac6ca280\nR10: 0000000000017ffd R11: 0000000000000004 R12: ffff9f65c7b4f100\nR13: ffff9f65c7d23c00 R14: ffff9f65c7d26000 R15: ffff9f65c7a64ef8\nFS: 00007f9f962176c0(0000) GS:ffff9f65fcf00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000200000000180 CR3: 000000000dbbe006 CR4: 0000000000372ef0\nCall Trace:\n \u003cIRQ\u003e\n tcp_conn_request (./include/linux/refcount.h:400 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/sock.h:1965 ./include/net/request_sock.h:131 net/ipv4/tcp_input.c:7301)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6708)\n tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1670)\n tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1906)\n ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:438)\n ip6_input (net/ipv6/ip6_input.c:500)\n ipv6_rcv (net/ipv6/ip6_input.c:311)\n __netif_receive_skb (net/core/dev.c:6104)\n process_backlog (net/core/dev.c:6456)\n __napi_poll (net/core/dev.c:7506)\n net_rx_action (net/core/dev.c:7569 net/core/dev.c:7696)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480)\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-4-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40186",
"url": "https://www.suse.com/security/cve/CVE-2025-40186"
},
{
"category": "external",
"summary": "SUSE Bug 1253438 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253438"
},
{
"category": "external",
"summary": "SUSE Bug 1253439 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-4-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_6-rt-4-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-02T10:01:23Z",
"details": "important"
}
],
"title": "CVE-2025-40186"
}
]
}
SUSE-SU-2026:20606-1
Vulnerability from csaf_suse - Published: 2026-02-18 16:14 - Updated: 2026-02-18 16:14Summary
Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
Patchnames: SUSE-SLES-16.0-297
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes one security issue\n\nThe following security issue was fixed:\n\n- CVE-2025-40186: tcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-297",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20606-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20606-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620606-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20606-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024610.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253439",
"url": "https://bugzilla.suse.com/1253439"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40186 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40186/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)",
"tracking": {
"current_release_date": "2026-02-18T16:14:15Z",
"generator": {
"date": "2026-02-18T16:14:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20606-1",
"initial_release_date": "2026-02-18T16:14:15Z",
"revision_history": [
{
"date": "2026-02-18T16:14:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"product_id": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"product": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"product_id": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64",
"product_id": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-40186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40186"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request().\n\nsyzbot reported the splat below in tcp_conn_request(). [0]\n\nIf a listener is close()d while a TFO socket is being processed in\ntcp_conn_request(), inet_csk_reqsk_queue_add() does not set reqsk-\u003esk\nand calls inet_child_forget(), which calls tcp_disconnect() for the\nTFO socket.\n\nAfter the cited commit, tcp_disconnect() calls reqsk_fastopen_remove(),\nwhere reqsk_put() is called due to !reqsk-\u003esk.\n\nThen, reqsk_fastopen_remove() in tcp_conn_request() decrements the\nlast req-\u003ersk_refcnt and frees reqsk, and __reqsk_free() at the\ndrop_and_free label causes the refcount underflow for the listener\nand double-free of the reqsk.\n\nLet\u0027s remove reqsk_fastopen_remove() in tcp_conn_request().\n\nNote that other callers make sure tp-\u003efastopen_rsk is not NULL.\n\n[0]:\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 12 PID: 5563 at lib/refcount.c:28 refcount_warn_saturate (lib/refcount.c:28)\nModules linked in:\nCPU: 12 UID: 0 PID: 5563 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:refcount_warn_saturate (lib/refcount.c:28)\nCode: ab e8 8e b4 98 ff 0f 0b c3 cc cc cc cc cc 80 3d a4 e4 d6 01 00 75 9c c6 05 9b e4 d6 01 01 48 c7 c7 e8 df fb ab e8 6a b4 98 ff \u003c0f\u003e 0b e9 03 5b 76 00 cc 80 3d 7d e4 d6 01 00 0f 85 74 ff ff ff c6\nRSP: 0018:ffffa79fc0304a98 EFLAGS: 00010246\nRAX: d83af4db1c6b3900 RBX: ffff9f65c7a69020 RCX: d83af4db1c6b3900\nRDX: 0000000000000000 RSI: 00000000ffff7fff RDI: ffffffffac78a280\nRBP: 000000009d781b60 R08: 0000000000007fff R09: ffffffffac6ca280\nR10: 0000000000017ffd R11: 0000000000000004 R12: ffff9f65c7b4f100\nR13: ffff9f65c7d23c00 R14: ffff9f65c7d26000 R15: ffff9f65c7a64ef8\nFS: 00007f9f962176c0(0000) GS:ffff9f65fcf00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000200000000180 CR3: 000000000dbbe006 CR4: 0000000000372ef0\nCall Trace:\n \u003cIRQ\u003e\n tcp_conn_request (./include/linux/refcount.h:400 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/sock.h:1965 ./include/net/request_sock.h:131 net/ipv4/tcp_input.c:7301)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6708)\n tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1670)\n tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1906)\n ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:438)\n ip6_input (net/ipv6/ip6_input.c:500)\n ipv6_rcv (net/ipv6/ip6_input.c:311)\n __netif_receive_skb (net/core/dev.c:6104)\n process_backlog (net/core/dev.c:6456)\n __napi_poll (net/core/dev.c:7506)\n net_rx_action (net/core/dev.c:7569 net/core/dev.c:7696)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480)\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40186",
"url": "https://www.suse.com/security/cve/CVE-2025-40186"
},
{
"category": "external",
"summary": "SUSE Bug 1253438 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253438"
},
{
"category": "external",
"summary": "SUSE Bug 1253439 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_6-default-4-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-18T16:14:15Z",
"details": "important"
}
],
"title": "CVE-2025-40186"
}
]
}
SUSE-SU-2026:20635-1
Vulnerability from csaf_suse - Published: 2026-03-04 09:41 - Updated: 2026-03-04 09:41Summary
Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39698: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (bsc#1250190).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling (bsc#1253415).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
Patchnames: SUSE-SLES-16.0-350
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).\n- CVE-2025-39698: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (bsc#1250190).\n- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).\n- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).\n- CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling (bsc#1253415).\n- CVE-2025-40186: tcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-350",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20635-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20635-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620635-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20635-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024643.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249205",
"url": "https://bugzilla.suse.com/1249205"
},
{
"category": "self",
"summary": "SUSE Bug 1249480",
"url": "https://bugzilla.suse.com/1249480"
},
{
"category": "self",
"summary": "SUSE Bug 1250190",
"url": "https://bugzilla.suse.com/1250190"
},
{
"category": "self",
"summary": "SUSE Bug 1253415",
"url": "https://bugzilla.suse.com/1253415"
},
{
"category": "self",
"summary": "SUSE Bug 1253439",
"url": "https://bugzilla.suse.com/1253439"
},
{
"category": "self",
"summary": "SUSE Bug 1253473",
"url": "https://bugzilla.suse.com/1253473"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38352 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39698 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40129 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40130 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40186 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40186/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)",
"tracking": {
"current_release_date": "2026-03-04T09:41:19Z",
"generator": {
"date": "2026-03-04T09:41:19Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20635-1",
"initial_release_date": "2026-03-04T09:41:19Z",
"revision_history": [
{
"date": "2026-03-04T09:41:19Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"product": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"product_id": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"product": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"product_id": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"product": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"product_id": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-38352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38352"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()\n\nIf an exiting non-autoreaping task has already passed exit_notify() and\ncalls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent\nor debugger right after unlock_task_sighand().\n\nIf a concurrent posix_cpu_timer_del() runs at that moment, it won\u0027t be\nable to detect timer-\u003eit.cpu.firing != 0: cpu_timer_task_rcu() and/or\nlock_task_sighand() will fail.\n\nAdd the tsk-\u003eexit_state check into run_posix_cpu_timers() to fix this.\n\nThis fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because\nexit_task_work() is called before exit_notify(). But the check still\nmakes sense, task_work_add(\u0026tsk-\u003eposix_cputimers_work.work) will fail\nanyway in this case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38352",
"url": "https://www.suse.com/security/cve/CVE-2025-38352"
},
{
"category": "external",
"summary": "SUSE Bug 1246911 for CVE-2025-38352",
"url": "https://bugzilla.suse.com/1246911"
},
{
"category": "external",
"summary": "SUSE Bug 1249205 for CVE-2025-38352",
"url": "https://bugzilla.suse.com/1249205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T09:41:19Z",
"details": "important"
}
],
"title": "CVE-2025-38352"
},
{
"cve": "CVE-2025-39698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/futex: ensure io_futex_wait() cleans up properly on failure\n\nThe io_futex_data is allocated upfront and assigned to the io_kiocb\nasync_data field, but the request isn\u0027t marked with REQ_F_ASYNC_DATA\nat that point. Those two should always go together, as the flag tells\nio_uring whether the field is valid or not.\n\nAdditionally, on failure cleanup, the futex handler frees the data but\ndoes not clear -\u003easync_data. Clear the data and the flag in the error\npath as well.\n\nThanks to Trend Micro Zero Day Initiative and particularly ReDress for\nreporting this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39698",
"url": "https://www.suse.com/security/cve/CVE-2025-39698"
},
{
"category": "external",
"summary": "SUSE Bug 1249322 for CVE-2025-39698",
"url": "https://bugzilla.suse.com/1249322"
},
{
"category": "external",
"summary": "SUSE Bug 1250190 for CVE-2025-39698",
"url": "https://bugzilla.suse.com/1250190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T09:41:19Z",
"details": "important"
}
],
"title": "CVE-2025-39698"
},
{
"cve": "CVE-2025-39742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()\n\nThe function divides number of online CPUs by num_core_siblings, and\nlater checks the divider by zero. This implies a possibility to get\nand divide-by-zero runtime error. Fix it by moving the check prior to\ndivision. This also helps to save one indentation level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39742",
"url": "https://www.suse.com/security/cve/CVE-2025-39742"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1249479 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1249479"
},
{
"category": "external",
"summary": "SUSE Bug 1249480 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1249480"
},
{
"category": "external",
"summary": "SUSE Bug 1253291 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1253291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T09:41:19Z",
"details": "important"
}
],
"title": "CVE-2025-39742"
},
{
"cve": "CVE-2025-40129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40129"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix null pointer dereference on zero-length checksum\n\nIn xdr_stream_decode_opaque_auth(), zero-length checksum.len causes\nchecksum.data to be set to NULL. This triggers a NPD when accessing\nchecksum.data in gss_krb5_verify_mic_v2(). This patch ensures that\nthe value of checksum.len is not less than XDR_UNIT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40129",
"url": "https://www.suse.com/security/cve/CVE-2025-40129"
},
{
"category": "external",
"summary": "SUSE Bug 1253472 for CVE-2025-40129",
"url": "https://bugzilla.suse.com/1253472"
},
{
"category": "external",
"summary": "SUSE Bug 1253473 for CVE-2025-40129",
"url": "https://bugzilla.suse.com/1253473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T09:41:19Z",
"details": "important"
}
],
"title": "CVE-2025-40129"
},
{
"cve": "CVE-2025-40130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix data race in CPU latency PM QoS request handling\n\nThe cpu_latency_qos_add/remove/update_request interfaces lack internal\nsynchronization by design, requiring the caller to ensure thread safety.\nThe current implementation relies on the \u0027pm_qos_enabled\u0027 flag, which is\ninsufficient to prevent concurrent access and cannot serve as a proper\nsynchronization mechanism. This has led to data races and list\ncorruption issues.\n\nA typical race condition call trace is:\n\n[Thread A]\nufshcd_pm_qos_exit()\n --\u003e cpu_latency_qos_remove_request()\n --\u003e cpu_latency_qos_apply();\n --\u003e pm_qos_update_target()\n --\u003e plist_del \u003c--(1) delete plist node\n --\u003e memset(req, 0, sizeof(*req));\n --\u003e hba-\u003epm_qos_enabled = false;\n\n[Thread B]\nufshcd_devfreq_target\n --\u003e ufshcd_devfreq_scale\n --\u003e ufshcd_scale_clks\n --\u003e ufshcd_pm_qos_update \u003c--(2) pm_qos_enabled is true\n --\u003e cpu_latency_qos_update_request\n --\u003e pm_qos_update_target\n --\u003e plist_del \u003c--(3) plist node use-after-free\n\nIntroduces a dedicated mutex to serialize PM QoS operations, preventing\ndata races and ensuring safe access to PM QoS resources, including sysfs\ninterface reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40130",
"url": "https://www.suse.com/security/cve/CVE-2025-40130"
},
{
"category": "external",
"summary": "SUSE Bug 1253414 for CVE-2025-40130",
"url": "https://bugzilla.suse.com/1253414"
},
{
"category": "external",
"summary": "SUSE Bug 1253415 for CVE-2025-40130",
"url": "https://bugzilla.suse.com/1253415"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T09:41:19Z",
"details": "important"
}
],
"title": "CVE-2025-40130"
},
{
"cve": "CVE-2025-40186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40186"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request().\n\nsyzbot reported the splat below in tcp_conn_request(). [0]\n\nIf a listener is close()d while a TFO socket is being processed in\ntcp_conn_request(), inet_csk_reqsk_queue_add() does not set reqsk-\u003esk\nand calls inet_child_forget(), which calls tcp_disconnect() for the\nTFO socket.\n\nAfter the cited commit, tcp_disconnect() calls reqsk_fastopen_remove(),\nwhere reqsk_put() is called due to !reqsk-\u003esk.\n\nThen, reqsk_fastopen_remove() in tcp_conn_request() decrements the\nlast req-\u003ersk_refcnt and frees reqsk, and __reqsk_free() at the\ndrop_and_free label causes the refcount underflow for the listener\nand double-free of the reqsk.\n\nLet\u0027s remove reqsk_fastopen_remove() in tcp_conn_request().\n\nNote that other callers make sure tp-\u003efastopen_rsk is not NULL.\n\n[0]:\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 12 PID: 5563 at lib/refcount.c:28 refcount_warn_saturate (lib/refcount.c:28)\nModules linked in:\nCPU: 12 UID: 0 PID: 5563 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:refcount_warn_saturate (lib/refcount.c:28)\nCode: ab e8 8e b4 98 ff 0f 0b c3 cc cc cc cc cc 80 3d a4 e4 d6 01 00 75 9c c6 05 9b e4 d6 01 01 48 c7 c7 e8 df fb ab e8 6a b4 98 ff \u003c0f\u003e 0b e9 03 5b 76 00 cc 80 3d 7d e4 d6 01 00 0f 85 74 ff ff ff c6\nRSP: 0018:ffffa79fc0304a98 EFLAGS: 00010246\nRAX: d83af4db1c6b3900 RBX: ffff9f65c7a69020 RCX: d83af4db1c6b3900\nRDX: 0000000000000000 RSI: 00000000ffff7fff RDI: ffffffffac78a280\nRBP: 000000009d781b60 R08: 0000000000007fff R09: ffffffffac6ca280\nR10: 0000000000017ffd R11: 0000000000000004 R12: ffff9f65c7b4f100\nR13: ffff9f65c7d23c00 R14: ffff9f65c7d26000 R15: ffff9f65c7a64ef8\nFS: 00007f9f962176c0(0000) GS:ffff9f65fcf00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000200000000180 CR3: 000000000dbbe006 CR4: 0000000000372ef0\nCall Trace:\n \u003cIRQ\u003e\n tcp_conn_request (./include/linux/refcount.h:400 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/sock.h:1965 ./include/net/request_sock.h:131 net/ipv4/tcp_input.c:7301)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6708)\n tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1670)\n tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1906)\n ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:438)\n ip6_input (net/ipv6/ip6_input.c:500)\n ipv6_rcv (net/ipv6/ip6_input.c:311)\n __netif_receive_skb (net/core/dev.c:6104)\n process_backlog (net/core/dev.c:6456)\n __napi_poll (net/core/dev.c:7506)\n net_rx_action (net/core/dev.c:7569 net/core/dev.c:7696)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480)\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40186",
"url": "https://www.suse.com/security/cve/CVE-2025-40186"
},
{
"category": "external",
"summary": "SUSE Bug 1253438 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253438"
},
{
"category": "external",
"summary": "SUSE Bug 1253439 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T09:41:19Z",
"details": "important"
}
],
"title": "CVE-2025-40186"
}
]
}
SUSE-SU-2026:20644-1
Vulnerability from csaf_suse - Published: 2026-03-04 09:41 - Updated: 2026-03-04 09:41Summary
Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39698: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (bsc#1250190).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling (bsc#1253415).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
Patchnames: SUSE-SL-Micro-6.2-350
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).\n- CVE-2025-39698: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (bsc#1250190).\n- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).\n- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).\n- CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling (bsc#1253415).\n- CVE-2025-40186: tcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-350",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20644-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20644-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620644-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20644-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024656.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249205",
"url": "https://bugzilla.suse.com/1249205"
},
{
"category": "self",
"summary": "SUSE Bug 1249480",
"url": "https://bugzilla.suse.com/1249480"
},
{
"category": "self",
"summary": "SUSE Bug 1250190",
"url": "https://bugzilla.suse.com/1250190"
},
{
"category": "self",
"summary": "SUSE Bug 1253415",
"url": "https://bugzilla.suse.com/1253415"
},
{
"category": "self",
"summary": "SUSE Bug 1253439",
"url": "https://bugzilla.suse.com/1253439"
},
{
"category": "self",
"summary": "SUSE Bug 1253473",
"url": "https://bugzilla.suse.com/1253473"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38352 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39698 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40129 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40130 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40186 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40186/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)",
"tracking": {
"current_release_date": "2026-03-04T09:41:19Z",
"generator": {
"date": "2026-03-04T09:41:19Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20644-1",
"initial_release_date": "2026-03-04T09:41:19Z",
"revision_history": [
{
"date": "2026-03-04T09:41:19Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"product": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"product_id": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"product": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"product_id": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"product": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"product_id": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-38352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38352"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()\n\nIf an exiting non-autoreaping task has already passed exit_notify() and\ncalls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent\nor debugger right after unlock_task_sighand().\n\nIf a concurrent posix_cpu_timer_del() runs at that moment, it won\u0027t be\nable to detect timer-\u003eit.cpu.firing != 0: cpu_timer_task_rcu() and/or\nlock_task_sighand() will fail.\n\nAdd the tsk-\u003eexit_state check into run_posix_cpu_timers() to fix this.\n\nThis fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because\nexit_task_work() is called before exit_notify(). But the check still\nmakes sense, task_work_add(\u0026tsk-\u003eposix_cputimers_work.work) will fail\nanyway in this case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38352",
"url": "https://www.suse.com/security/cve/CVE-2025-38352"
},
{
"category": "external",
"summary": "SUSE Bug 1246911 for CVE-2025-38352",
"url": "https://bugzilla.suse.com/1246911"
},
{
"category": "external",
"summary": "SUSE Bug 1249205 for CVE-2025-38352",
"url": "https://bugzilla.suse.com/1249205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T09:41:19Z",
"details": "important"
}
],
"title": "CVE-2025-38352"
},
{
"cve": "CVE-2025-39698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/futex: ensure io_futex_wait() cleans up properly on failure\n\nThe io_futex_data is allocated upfront and assigned to the io_kiocb\nasync_data field, but the request isn\u0027t marked with REQ_F_ASYNC_DATA\nat that point. Those two should always go together, as the flag tells\nio_uring whether the field is valid or not.\n\nAdditionally, on failure cleanup, the futex handler frees the data but\ndoes not clear -\u003easync_data. Clear the data and the flag in the error\npath as well.\n\nThanks to Trend Micro Zero Day Initiative and particularly ReDress for\nreporting this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39698",
"url": "https://www.suse.com/security/cve/CVE-2025-39698"
},
{
"category": "external",
"summary": "SUSE Bug 1249322 for CVE-2025-39698",
"url": "https://bugzilla.suse.com/1249322"
},
{
"category": "external",
"summary": "SUSE Bug 1250190 for CVE-2025-39698",
"url": "https://bugzilla.suse.com/1250190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T09:41:19Z",
"details": "important"
}
],
"title": "CVE-2025-39698"
},
{
"cve": "CVE-2025-39742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()\n\nThe function divides number of online CPUs by num_core_siblings, and\nlater checks the divider by zero. This implies a possibility to get\nand divide-by-zero runtime error. Fix it by moving the check prior to\ndivision. This also helps to save one indentation level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39742",
"url": "https://www.suse.com/security/cve/CVE-2025-39742"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1249479 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1249479"
},
{
"category": "external",
"summary": "SUSE Bug 1249480 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1249480"
},
{
"category": "external",
"summary": "SUSE Bug 1253291 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1253291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T09:41:19Z",
"details": "important"
}
],
"title": "CVE-2025-39742"
},
{
"cve": "CVE-2025-40129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40129"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix null pointer dereference on zero-length checksum\n\nIn xdr_stream_decode_opaque_auth(), zero-length checksum.len causes\nchecksum.data to be set to NULL. This triggers a NPD when accessing\nchecksum.data in gss_krb5_verify_mic_v2(). This patch ensures that\nthe value of checksum.len is not less than XDR_UNIT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40129",
"url": "https://www.suse.com/security/cve/CVE-2025-40129"
},
{
"category": "external",
"summary": "SUSE Bug 1253472 for CVE-2025-40129",
"url": "https://bugzilla.suse.com/1253472"
},
{
"category": "external",
"summary": "SUSE Bug 1253473 for CVE-2025-40129",
"url": "https://bugzilla.suse.com/1253473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T09:41:19Z",
"details": "important"
}
],
"title": "CVE-2025-40129"
},
{
"cve": "CVE-2025-40130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix data race in CPU latency PM QoS request handling\n\nThe cpu_latency_qos_add/remove/update_request interfaces lack internal\nsynchronization by design, requiring the caller to ensure thread safety.\nThe current implementation relies on the \u0027pm_qos_enabled\u0027 flag, which is\ninsufficient to prevent concurrent access and cannot serve as a proper\nsynchronization mechanism. This has led to data races and list\ncorruption issues.\n\nA typical race condition call trace is:\n\n[Thread A]\nufshcd_pm_qos_exit()\n --\u003e cpu_latency_qos_remove_request()\n --\u003e cpu_latency_qos_apply();\n --\u003e pm_qos_update_target()\n --\u003e plist_del \u003c--(1) delete plist node\n --\u003e memset(req, 0, sizeof(*req));\n --\u003e hba-\u003epm_qos_enabled = false;\n\n[Thread B]\nufshcd_devfreq_target\n --\u003e ufshcd_devfreq_scale\n --\u003e ufshcd_scale_clks\n --\u003e ufshcd_pm_qos_update \u003c--(2) pm_qos_enabled is true\n --\u003e cpu_latency_qos_update_request\n --\u003e pm_qos_update_target\n --\u003e plist_del \u003c--(3) plist node use-after-free\n\nIntroduces a dedicated mutex to serialize PM QoS operations, preventing\ndata races and ensuring safe access to PM QoS resources, including sysfs\ninterface reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40130",
"url": "https://www.suse.com/security/cve/CVE-2025-40130"
},
{
"category": "external",
"summary": "SUSE Bug 1253414 for CVE-2025-40130",
"url": "https://bugzilla.suse.com/1253414"
},
{
"category": "external",
"summary": "SUSE Bug 1253415 for CVE-2025-40130",
"url": "https://bugzilla.suse.com/1253415"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T09:41:19Z",
"details": "important"
}
],
"title": "CVE-2025-40130"
},
{
"cve": "CVE-2025-40186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40186"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request().\n\nsyzbot reported the splat below in tcp_conn_request(). [0]\n\nIf a listener is close()d while a TFO socket is being processed in\ntcp_conn_request(), inet_csk_reqsk_queue_add() does not set reqsk-\u003esk\nand calls inet_child_forget(), which calls tcp_disconnect() for the\nTFO socket.\n\nAfter the cited commit, tcp_disconnect() calls reqsk_fastopen_remove(),\nwhere reqsk_put() is called due to !reqsk-\u003esk.\n\nThen, reqsk_fastopen_remove() in tcp_conn_request() decrements the\nlast req-\u003ersk_refcnt and frees reqsk, and __reqsk_free() at the\ndrop_and_free label causes the refcount underflow for the listener\nand double-free of the reqsk.\n\nLet\u0027s remove reqsk_fastopen_remove() in tcp_conn_request().\n\nNote that other callers make sure tp-\u003efastopen_rsk is not NULL.\n\n[0]:\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 12 PID: 5563 at lib/refcount.c:28 refcount_warn_saturate (lib/refcount.c:28)\nModules linked in:\nCPU: 12 UID: 0 PID: 5563 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:refcount_warn_saturate (lib/refcount.c:28)\nCode: ab e8 8e b4 98 ff 0f 0b c3 cc cc cc cc cc 80 3d a4 e4 d6 01 00 75 9c c6 05 9b e4 d6 01 01 48 c7 c7 e8 df fb ab e8 6a b4 98 ff \u003c0f\u003e 0b e9 03 5b 76 00 cc 80 3d 7d e4 d6 01 00 0f 85 74 ff ff ff c6\nRSP: 0018:ffffa79fc0304a98 EFLAGS: 00010246\nRAX: d83af4db1c6b3900 RBX: ffff9f65c7a69020 RCX: d83af4db1c6b3900\nRDX: 0000000000000000 RSI: 00000000ffff7fff RDI: ffffffffac78a280\nRBP: 000000009d781b60 R08: 0000000000007fff R09: ffffffffac6ca280\nR10: 0000000000017ffd R11: 0000000000000004 R12: ffff9f65c7b4f100\nR13: ffff9f65c7d23c00 R14: ffff9f65c7d26000 R15: ffff9f65c7a64ef8\nFS: 00007f9f962176c0(0000) GS:ffff9f65fcf00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000200000000180 CR3: 000000000dbbe006 CR4: 0000000000372ef0\nCall Trace:\n \u003cIRQ\u003e\n tcp_conn_request (./include/linux/refcount.h:400 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/sock.h:1965 ./include/net/request_sock.h:131 net/ipv4/tcp_input.c:7301)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6708)\n tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1670)\n tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1906)\n ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:438)\n ip6_input (net/ipv6/ip6_input.c:500)\n ipv6_rcv (net/ipv6/ip6_input.c:311)\n __netif_receive_skb (net/core/dev.c:6104)\n process_backlog (net/core/dev.c:6456)\n __napi_poll (net/core/dev.c:7506)\n net_rx_action (net/core/dev.c:7569 net/core/dev.c:7696)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480)\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40186",
"url": "https://www.suse.com/security/cve/CVE-2025-40186"
},
{
"category": "external",
"summary": "SUSE Bug 1253438 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253438"
},
{
"category": "external",
"summary": "SUSE Bug 1253439 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.ppc64le",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.s390x",
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-default-7-160000.4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T09:41:19Z",
"details": "important"
}
],
"title": "CVE-2025-40186"
}
]
}
SUSE-SU-2026:20645-1
Vulnerability from csaf_suse - Published: 2026-03-04 10:13 - Updated: 2026-03-04 10:13Summary
Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39698: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (bsc#1250190).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
Patchnames: SUSE-SL-Micro-6.2-351
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).\n- CVE-2025-39698: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (bsc#1250190).\n- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).\n- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).\n- CVE-2025-40186: tcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).\n\nThe following non security issue was fixed:\n\n- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target\u0027s endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-351",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20645-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20645-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620645-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20645-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024655.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249205",
"url": "https://bugzilla.suse.com/1249205"
},
{
"category": "self",
"summary": "SUSE Bug 1249241",
"url": "https://bugzilla.suse.com/1249241"
},
{
"category": "self",
"summary": "SUSE Bug 1249480",
"url": "https://bugzilla.suse.com/1249480"
},
{
"category": "self",
"summary": "SUSE Bug 1250190",
"url": "https://bugzilla.suse.com/1250190"
},
{
"category": "self",
"summary": "SUSE Bug 1253439",
"url": "https://bugzilla.suse.com/1253439"
},
{
"category": "self",
"summary": "SUSE Bug 1253473",
"url": "https://bugzilla.suse.com/1253473"
},
{
"category": "self",
"summary": "SUSE Bug 1256928",
"url": "https://bugzilla.suse.com/1256928"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38352 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39698 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40129 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40186 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40186/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16)",
"tracking": {
"current_release_date": "2026-03-04T10:13:56Z",
"generator": {
"date": "2026-03-04T10:13:56Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20645-1",
"initial_release_date": "2026-03-04T10:13:56Z",
"revision_history": [
{
"date": "2026-03-04T10:13:56Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64",
"product": {
"name": "kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64",
"product_id": "kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
},
"product_reference": "kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-38352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38352"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()\n\nIf an exiting non-autoreaping task has already passed exit_notify() and\ncalls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent\nor debugger right after unlock_task_sighand().\n\nIf a concurrent posix_cpu_timer_del() runs at that moment, it won\u0027t be\nable to detect timer-\u003eit.cpu.firing != 0: cpu_timer_task_rcu() and/or\nlock_task_sighand() will fail.\n\nAdd the tsk-\u003eexit_state check into run_posix_cpu_timers() to fix this.\n\nThis fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because\nexit_task_work() is called before exit_notify(). But the check still\nmakes sense, task_work_add(\u0026tsk-\u003eposix_cputimers_work.work) will fail\nanyway in this case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38352",
"url": "https://www.suse.com/security/cve/CVE-2025-38352"
},
{
"category": "external",
"summary": "SUSE Bug 1246911 for CVE-2025-38352",
"url": "https://bugzilla.suse.com/1246911"
},
{
"category": "external",
"summary": "SUSE Bug 1249205 for CVE-2025-38352",
"url": "https://bugzilla.suse.com/1249205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T10:13:56Z",
"details": "important"
}
],
"title": "CVE-2025-38352"
},
{
"cve": "CVE-2025-39698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/futex: ensure io_futex_wait() cleans up properly on failure\n\nThe io_futex_data is allocated upfront and assigned to the io_kiocb\nasync_data field, but the request isn\u0027t marked with REQ_F_ASYNC_DATA\nat that point. Those two should always go together, as the flag tells\nio_uring whether the field is valid or not.\n\nAdditionally, on failure cleanup, the futex handler frees the data but\ndoes not clear -\u003easync_data. Clear the data and the flag in the error\npath as well.\n\nThanks to Trend Micro Zero Day Initiative and particularly ReDress for\nreporting this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39698",
"url": "https://www.suse.com/security/cve/CVE-2025-39698"
},
{
"category": "external",
"summary": "SUSE Bug 1249322 for CVE-2025-39698",
"url": "https://bugzilla.suse.com/1249322"
},
{
"category": "external",
"summary": "SUSE Bug 1250190 for CVE-2025-39698",
"url": "https://bugzilla.suse.com/1250190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T10:13:56Z",
"details": "important"
}
],
"title": "CVE-2025-39698"
},
{
"cve": "CVE-2025-39742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()\n\nThe function divides number of online CPUs by num_core_siblings, and\nlater checks the divider by zero. This implies a possibility to get\nand divide-by-zero runtime error. Fix it by moving the check prior to\ndivision. This also helps to save one indentation level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39742",
"url": "https://www.suse.com/security/cve/CVE-2025-39742"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1249479 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1249479"
},
{
"category": "external",
"summary": "SUSE Bug 1249480 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1249480"
},
{
"category": "external",
"summary": "SUSE Bug 1253291 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1253291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T10:13:56Z",
"details": "important"
}
],
"title": "CVE-2025-39742"
},
{
"cve": "CVE-2025-40129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40129"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix null pointer dereference on zero-length checksum\n\nIn xdr_stream_decode_opaque_auth(), zero-length checksum.len causes\nchecksum.data to be set to NULL. This triggers a NPD when accessing\nchecksum.data in gss_krb5_verify_mic_v2(). This patch ensures that\nthe value of checksum.len is not less than XDR_UNIT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40129",
"url": "https://www.suse.com/security/cve/CVE-2025-40129"
},
{
"category": "external",
"summary": "SUSE Bug 1253472 for CVE-2025-40129",
"url": "https://bugzilla.suse.com/1253472"
},
{
"category": "external",
"summary": "SUSE Bug 1253473 for CVE-2025-40129",
"url": "https://bugzilla.suse.com/1253473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T10:13:56Z",
"details": "important"
}
],
"title": "CVE-2025-40129"
},
{
"cve": "CVE-2025-40186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40186"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Don\u0027t call reqsk_fastopen_remove() in tcp_conn_request().\n\nsyzbot reported the splat below in tcp_conn_request(). [0]\n\nIf a listener is close()d while a TFO socket is being processed in\ntcp_conn_request(), inet_csk_reqsk_queue_add() does not set reqsk-\u003esk\nand calls inet_child_forget(), which calls tcp_disconnect() for the\nTFO socket.\n\nAfter the cited commit, tcp_disconnect() calls reqsk_fastopen_remove(),\nwhere reqsk_put() is called due to !reqsk-\u003esk.\n\nThen, reqsk_fastopen_remove() in tcp_conn_request() decrements the\nlast req-\u003ersk_refcnt and frees reqsk, and __reqsk_free() at the\ndrop_and_free label causes the refcount underflow for the listener\nand double-free of the reqsk.\n\nLet\u0027s remove reqsk_fastopen_remove() in tcp_conn_request().\n\nNote that other callers make sure tp-\u003efastopen_rsk is not NULL.\n\n[0]:\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 12 PID: 5563 at lib/refcount.c:28 refcount_warn_saturate (lib/refcount.c:28)\nModules linked in:\nCPU: 12 UID: 0 PID: 5563 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:refcount_warn_saturate (lib/refcount.c:28)\nCode: ab e8 8e b4 98 ff 0f 0b c3 cc cc cc cc cc 80 3d a4 e4 d6 01 00 75 9c c6 05 9b e4 d6 01 01 48 c7 c7 e8 df fb ab e8 6a b4 98 ff \u003c0f\u003e 0b e9 03 5b 76 00 cc 80 3d 7d e4 d6 01 00 0f 85 74 ff ff ff c6\nRSP: 0018:ffffa79fc0304a98 EFLAGS: 00010246\nRAX: d83af4db1c6b3900 RBX: ffff9f65c7a69020 RCX: d83af4db1c6b3900\nRDX: 0000000000000000 RSI: 00000000ffff7fff RDI: ffffffffac78a280\nRBP: 000000009d781b60 R08: 0000000000007fff R09: ffffffffac6ca280\nR10: 0000000000017ffd R11: 0000000000000004 R12: ffff9f65c7b4f100\nR13: ffff9f65c7d23c00 R14: ffff9f65c7d26000 R15: ffff9f65c7a64ef8\nFS: 00007f9f962176c0(0000) GS:ffff9f65fcf00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000200000000180 CR3: 000000000dbbe006 CR4: 0000000000372ef0\nCall Trace:\n \u003cIRQ\u003e\n tcp_conn_request (./include/linux/refcount.h:400 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/sock.h:1965 ./include/net/request_sock.h:131 net/ipv4/tcp_input.c:7301)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6708)\n tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1670)\n tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1906)\n ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:438)\n ip6_input (net/ipv6/ip6_input.c:500)\n ipv6_rcv (net/ipv6/ip6_input.c:311)\n __netif_receive_skb (net/core/dev.c:6104)\n process_backlog (net/core/dev.c:6456)\n __napi_poll (net/core/dev.c:7506)\n net_rx_action (net/core/dev.c:7569 net/core/dev.c:7696)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480)\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40186",
"url": "https://www.suse.com/security/cve/CVE-2025-40186"
},
{
"category": "external",
"summary": "SUSE Bug 1253438 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253438"
},
{
"category": "external",
"summary": "SUSE Bug 1253439 for CVE-2025-40186",
"url": "https://bugzilla.suse.com/1253439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_5-rt-5-160000.3.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-04T10:13:56Z",
"details": "important"
}
],
"title": "CVE-2025-40186"
}
]
}
WID-SEC-W-2025-2595
Vulnerability from csaf_certbund - Published: 2025-11-12 23:00 - Updated: 2026-03-30 22:00Summary
Linux Kernel: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff: Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, die möglicherweise zu einer Denial-of-Service- Bedingung führen oder eine Speicherbeschädigung verursachen können.
Betroffene Betriebssysteme: - Linux
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:unspecified
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Dell NetWorker vProxy <19.13.0.3
Dell / NetWorker
|
vProxy <19.13.0.3 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
References
278 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren, die m\u00f6glicherweise zu einer Denial-of-Service- Bedingung f\u00fchren oder eine Speicherbesch\u00e4digung verursachen k\u00f6nnen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2595 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2595.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2595 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2595"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40178",
"url": "https://lore.kernel.org/linux-cve-announce/2025111240-CVE-2025-40178-8673@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40179",
"url": "https://lore.kernel.org/linux-cve-announce/2025111243-CVE-2025-40179-6d22@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40180",
"url": "https://lore.kernel.org/linux-cve-announce/2025111243-CVE-2025-40180-8258@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40181",
"url": "https://lore.kernel.org/linux-cve-announce/2025111243-CVE-2025-40181-f51c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40182",
"url": "https://lore.kernel.org/linux-cve-announce/2025111243-CVE-2025-40182-fa1b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40183",
"url": "https://lore.kernel.org/linux-cve-announce/2025111243-CVE-2025-40183-fb2f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40184",
"url": "https://lore.kernel.org/linux-cve-announce/2025111243-CVE-2025-40184-9760@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40185",
"url": "https://lore.kernel.org/linux-cve-announce/2025111244-CVE-2025-40185-0689@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40186",
"url": "https://lore.kernel.org/linux-cve-announce/2025111244-CVE-2025-40186-b204@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40187",
"url": "https://lore.kernel.org/linux-cve-announce/2025111244-CVE-2025-40187-7826@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40188",
"url": "https://lore.kernel.org/linux-cve-announce/2025111244-CVE-2025-40188-86c5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40189",
"url": "https://lore.kernel.org/linux-cve-announce/2025111244-CVE-2025-40189-c4ca@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40190",
"url": "https://lore.kernel.org/linux-cve-announce/2025111244-CVE-2025-40190-b6bc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40191",
"url": "https://lore.kernel.org/linux-cve-announce/2025111245-CVE-2025-40191-1ea5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40192",
"url": "https://lore.kernel.org/linux-cve-announce/2025111245-CVE-2025-40192-6344@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40193",
"url": "https://lore.kernel.org/linux-cve-announce/2025111245-CVE-2025-40193-6519@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40194",
"url": "https://lore.kernel.org/linux-cve-announce/2025111245-CVE-2025-40194-d959@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40195",
"url": "https://lore.kernel.org/linux-cve-announce/2025111245-CVE-2025-40195-f91e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40196",
"url": "https://lore.kernel.org/linux-cve-announce/2025111245-CVE-2025-40196-f1fa@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40197",
"url": "https://lore.kernel.org/linux-cve-announce/2025111246-CVE-2025-40197-e5de@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40198",
"url": "https://lore.kernel.org/linux-cve-announce/2025111246-CVE-2025-40198-7a99@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40199",
"url": "https://lore.kernel.org/linux-cve-announce/2025111246-CVE-2025-40199-054c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40200",
"url": "https://lore.kernel.org/linux-cve-announce/2025111246-CVE-2025-40200-c514@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40201",
"url": "https://lore.kernel.org/linux-cve-announce/2025111246-CVE-2025-40201-b8fe@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40202",
"url": "https://lore.kernel.org/linux-cve-announce/2025111246-CVE-2025-40202-f5ad@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40203",
"url": "https://lore.kernel.org/linux-cve-announce/2025111247-CVE-2025-40203-c83b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40204",
"url": "https://lore.kernel.org/linux-cve-announce/2025111247-CVE-2025-40204-0f06@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40205",
"url": "https://lore.kernel.org/linux-cve-announce/2025111247-CVE-2025-40205-ad43@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40206",
"url": "https://lore.kernel.org/linux-cve-announce/2025111247-CVE-2025-40206-b396@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40207",
"url": "https://lore.kernel.org/linux-cve-announce/2025111247-CVE-2025-40207-3528@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40208",
"url": "https://lore.kernel.org/linux-cve-announce/2025111247-CVE-2025-40208-ded6@gregkh/"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4379 vom 2025-11-25",
"url": "https://lists.debian.org/debian-lts-announce/2025/11/msg00022.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22392 vom 2025-12-01",
"url": "https://access.redhat.com/errata/RHSA-2025:22392"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22405 vom 2025-12-01",
"url": "https://access.redhat.com/errata/RHSA-2025:22405"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-22405 vom 2025-12-02",
"url": "https://linux.oracle.com/errata/ELSA-2025-22405.html"
},
{
"category": "external",
"summary": "Container-Optimized OS release notes vom 2025-12-03",
"url": "https://docs.cloud.google.com/container-optimized-os/docs/release-notes#December_02_2025"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:22405 vom 2025-12-04",
"url": "https://errata.build.resf.org/RLSA-2025:22405"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22854 vom 2025-12-08",
"url": "https://access.redhat.com/errata/RHSA-2025:22854"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-22854 vom 2025-12-09",
"url": "https://linux.oracle.com/errata/ELSA-2025-22854.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.15-2025-095 vom 2025-12-08",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2025-095.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-28048 vom 2025-12-12",
"url": "https://linux.oracle.com/errata/ELSA-2025-28048.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-28049 vom 2025-12-15",
"url": "https://oss.oracle.com/pipermail/el-errata/2025-December/019260.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:22854 vom 2025-12-14",
"url": "https://errata.build.resf.org/RLSA-2025:22854"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4404 vom 2025-12-12",
"url": "https://lists.debian.org/debian-lts-announce/2025/12/msg00015.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-28049 vom 2025-12-15",
"url": "https://linux.oracle.com/errata/ELSA-2025-28049.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4393-1 vom 2025-12-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023538.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23424 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23424"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23450 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23450"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23422 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23422"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23426 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23426"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23423 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23423"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23427 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23427"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23425 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23425"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4422-1 vom 2025-12-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023573.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23463 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23463"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4506-1 vom 2025-12-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WTUJ36GACHYQN5EBFUNRPSW63S3SZXJ5/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4505-1 vom 2025-12-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3D5W2444LYTUJVXYGB63LTMU25GRLRJR/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4515-1 vom 2025-12-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023647.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4516-1 vom 2025-12-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023646.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4517-1 vom 2025-12-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023649.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4521-1 vom 2025-12-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023651.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4530-1 vom 2025-12-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023658.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4530-1 vom 2025-12-29",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3ZJXHV4TJM3LRAHWS7AE4LY344HKKW3D/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0029-1 vom 2026-01-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023679.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0033-1 vom 2026-01-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023686.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0034-1 vom 2026-01-06",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SD42TBT2POVOPEQIWTZDVKRXUBRUUL3W/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0032-1 vom 2026-01-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023687.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20021-1 vom 2026-01-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023723.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20015-1 vom 2026-01-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023727.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20012-1 vom 2026-01-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023715.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20059-1 vom 2026-01-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023751.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20039-1 vom 2026-01-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023767.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0144-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023788.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0146-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023786.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0145-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023787.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0148-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023784.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0154-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023797.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0166-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023794.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0163-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023795.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0155-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023796.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0176-1 vom 2026-01-20",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PSMTB6JYSBEU2CF3OD7SW3ZIJGKEKBZA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0173-1 vom 2026-01-20",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/C7EZZMG5MOJB6A2OZ4KLGVN4SVE4LWEL/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0168-1 vom 2026-01-20",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DUZFNORTIL7FT4JAMWNYAWMBHYUP24BR/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0174-1 vom 2026-01-20",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EYNRLMEYZG4OCUWVVR7BLL22PT3MTAV7/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0169-1 vom 2026-01-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023802.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0171-1 vom 2026-01-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023801.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0180-1 vom 2026-01-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023805.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0185-1 vom 2026-01-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023821.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0186-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023825.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0184-1 vom 2026-01-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023822.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0188-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023823.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0187-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023824.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0202-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023839.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0191-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023827.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0206-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023836.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0200-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023840.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0204-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023837.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0203-1 vom 2026-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023838.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0209-1 vom 2026-01-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023841.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0246-1 vom 2026-01-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023844.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0247-1 vom 2026-01-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023843.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0262-1 vom 2026-01-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AWNTVMXJYTURBPUXSIOYGW72SXW3YMXY/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0269-1 vom 2026-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023901.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0278-1 vom 2026-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023906.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0270-1 vom 2026-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023900.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0274-1 vom 2026-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023907.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0281-1 vom 2026-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023914.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0283-1 vom 2026-01-26",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RL3G7CGUCYSV3BWUFT3T7JKBIRLXKROU/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0293-1 vom 2026-01-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023915.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50071 vom 2026-01-26",
"url": "https://linux.oracle.com/errata/ELSA-2026-50071.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20112-1 vom 2026-01-27",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VAR5E3K2CEDVGJPL4HSCKQYB2XQD7AYZ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20149-1 vom 2026-01-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023950.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0316-1 vom 2026-01-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023970.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0315-1 vom 2026-01-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023971.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20169-1 vom 2026-01-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023938.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20168-1 vom 2026-01-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023939.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20164-1 vom 2026-01-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023942.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20171-1 vom 2026-02-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024010.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20202-1 vom 2026-02-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024017.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20120-1 vom 2026-02-03",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PEJKNNWOBXY6QH746YIQRZDAHVNYS7TJ/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20145-1 vom 2026-02-03",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FIKVKDA42VXBWDNHA6WP345IDVA2E3XU/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20207-1 vom 2026-02-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024052.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20228-1 vom 2026-02-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024063.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20220-1 vom 2026-02-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024067.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50100 vom 2026-02-10",
"url": "http://linux.oracle.com/errata/ELSA-2026-50100.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0447-1 vom 2026-02-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024124.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-3 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8033-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8030-1 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8030-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-1 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8033-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-2 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8033-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8034-1 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8034-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0471-1 vom 2026-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024142.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0472-1 vom 2026-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024141.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0473-1 vom 2026-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024136.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-4 vom 2026-02-13",
"url": "https://ubuntu.com/security/notices/USN-8033-4"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20259-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024216.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0518-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024257.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0515-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024264.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20334-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024161.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0546-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024245.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20265-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024218.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20250-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024232.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20263-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024220.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20248-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024230.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20251-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024231.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20261-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024224.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0489-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024153.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0490-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024152.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0491-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024151.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20255-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024228.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20258-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024219.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20252-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024225.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20253-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024223.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20262-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024222.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20256-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024221.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20254-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024229.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0524-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024255.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0525-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024254.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20260-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024215.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0521-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024256.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0543-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024247.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20266-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024217.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20257-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024226.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20249-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024227.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0561-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024276.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0560-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024277.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0556-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024269.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0550-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024266.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0551-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024265.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0554-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024271.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0555-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024270.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0557-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024268.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0548-1 vom 2026-02-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024267.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20400-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024292.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20376-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024316.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20383-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024309.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20382-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024310.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8048-1 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8048-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20381-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024311.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20397-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024295.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20396-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024296.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20384-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024308.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20385-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024307.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-5 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8033-5"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20398-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024294.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8034-2 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8034-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20399-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024293.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20380-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024312.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8029-1 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8029-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20379-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024313.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20392-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024300.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20393-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024299.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20378-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024314.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20394-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024298.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-6 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8033-6"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20377-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024315.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8029-2 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8029-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20395-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024297.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-7 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8033-7"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2026-112 vom 2026-02-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2026-112.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8033-8 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8033-8"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0587-1 vom 2026-02-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024356.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8029-3 vom 2026-02-24",
"url": "https://ubuntu.com/security/notices/USN-8029-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20464-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024420.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20478-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024408.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20462-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024422.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20477-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024409.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20473-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024411.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20455-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024429.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20456-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024428.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20457-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024427.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20458-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024426.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20459-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024425.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20479-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024407.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20472-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024412.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20471-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024413.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20470-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024414.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20469-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024415.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20468-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024416.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20463-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024421.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20466-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024418.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20460-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024424.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20465-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024419.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20461-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024423.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20520-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024455.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20516-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024459.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20517-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024458.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20518-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024457.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20515-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024460.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20513-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024462.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20499-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024475.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20500-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024474.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20501-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024473.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20502-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024472.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20496-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024477.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20519-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024456.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20498-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024476.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20512-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024463.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20503-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024471.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20511-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024464.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20514-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024461.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20504-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024470.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20505-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024469.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20506-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024468.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20287-1 vom 2026-02-28",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/K7KIWX7XP3UMVFSHT47OOZ24TQQYNNHI/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20507-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024467.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20508-1 vom 2026-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024466.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20541-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024595.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20570-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024574.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20558-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024587.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20606-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024610.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20615-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024605.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20599-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024614.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20555-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024590.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20564-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024575.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20562-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024577.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20635-1 vom 2026-03-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024643.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20644-1 vom 2026-03-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024656.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20645-1 vom 2026-03-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024655.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8100-1 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8100-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-1 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8095-1"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-114 vom 2026-03-17",
"url": "https://www.dell.com/support/kbdoc/000436206"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-2 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8095-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-3 vom 2026-03-17",
"url": "https://ubuntu.com/security/notices/USN-8095-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0962-1 vom 2026-03-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024803.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8095-4 vom 2026-03-23",
"url": "https://ubuntu.com/security/notices/USN-8095-4"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20794-1 vom 2026-03-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024895.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20772-1 vom 2026-03-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024862.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20819-1 vom 2026-03-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024871.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8126-1 vom 2026-03-25",
"url": "https://ubuntu.com/security/notices/USN-8126-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8125-1 vom 2026-03-25",
"url": "https://ubuntu.com/security/notices/USN-8125-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1081-1 vom 2026-03-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024953.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20845-1 vom 2026-03-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024994.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20872-1 vom 2026-03-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024969.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20876-1 vom 2026-03-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/025054.html"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-30T22:00:00.000+00:00",
"generator": {
"date": "2026-03-31T08:55:58.753+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2595",
"initial_release_date": "2025-11-12T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-11-12T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-11-25T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-11-30T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-02T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-12-03T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-12-08T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat, Oracle Linux und Amazon aufgenommen"
},
{
"date": "2025-12-14T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Oracle Linux, Rocky Enterprise Software Foundation und Debian aufgenommen"
},
{
"date": "2025-12-15T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-16T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-17T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2025-12-22T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-23T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-28T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-29T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-05T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-11T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-14T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-18T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-19T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-21T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-22T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-25T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-26T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2026-01-27T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-01-28T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-02T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-03T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von SUSE und openSUSE aufgenommen"
},
{
"date": "2026-02-04T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-05T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-09T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-02-11T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-12T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-15T23:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-16T23:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-17T23:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2026-02-18T23:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Ubuntu und Amazon aufgenommen"
},
{
"date": "2026-02-19T23:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-22T23:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-23T23:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-26T23:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-01T23:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von SUSE und openSUSE aufgenommen"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-08T23:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-16T23:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Ubuntu und Dell aufgenommen"
},
{
"date": "2026-03-17T23:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-23T23:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2026-03-24T23:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-25T23:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-26T23:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-29T22:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-30T22:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "52"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vProxy \u003c19.13.0.3",
"product": {
"name": "Dell NetWorker vProxy \u003c19.13.0.3",
"product_id": "T051763"
}
},
{
"category": "product_version",
"name": "vProxy 19.13.0.3",
"product": {
"name": "Dell NetWorker vProxy 19.13.0.3",
"product_id": "T051763-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:vproxy__19.13.0.3"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Google Container-Optimized OS",
"product": {
"name": "Google Container-Optimized OS",
"product_id": "1607324",
"product_identification_helper": {
"cpe": "cpe:/o:google:container-optimized_os:-"
}
}
}
],
"category": "vendor",
"name": "Google"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T028462",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:unspecified"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-40178",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40178"
},
{
"cve": "CVE-2025-40179",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40179"
},
{
"cve": "CVE-2025-40180",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40180"
},
{
"cve": "CVE-2025-40181",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40181"
},
{
"cve": "CVE-2025-40182",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40182"
},
{
"cve": "CVE-2025-40183",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40183"
},
{
"cve": "CVE-2025-40184",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40184"
},
{
"cve": "CVE-2025-40185",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40185"
},
{
"cve": "CVE-2025-40186",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40186"
},
{
"cve": "CVE-2025-40187",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40187"
},
{
"cve": "CVE-2025-40188",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40188"
},
{
"cve": "CVE-2025-40189",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40189"
},
{
"cve": "CVE-2025-40190",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40190"
},
{
"cve": "CVE-2025-40191",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40191"
},
{
"cve": "CVE-2025-40192",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40192"
},
{
"cve": "CVE-2025-40193",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40193"
},
{
"cve": "CVE-2025-40194",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40194"
},
{
"cve": "CVE-2025-40195",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40195"
},
{
"cve": "CVE-2025-40196",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40196"
},
{
"cve": "CVE-2025-40197",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40197"
},
{
"cve": "CVE-2025-40198",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40198"
},
{
"cve": "CVE-2025-40199",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40199"
},
{
"cve": "CVE-2025-40200",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40200"
},
{
"cve": "CVE-2025-40201",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40201"
},
{
"cve": "CVE-2025-40202",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40202"
},
{
"cve": "CVE-2025-40203",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40203"
},
{
"cve": "CVE-2025-40204",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40204"
},
{
"cve": "CVE-2025-40205",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40205"
},
{
"cve": "CVE-2025-40206",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40206"
},
{
"cve": "CVE-2025-40207",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40207"
},
{
"cve": "CVE-2025-40208",
"product_status": {
"known_affected": [
"T028462",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T051763",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2025-11-12T23:00:00.000+00:00",
"title": "CVE-2025-40208"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…