SUSE-SU-2025:02390-1

Advisory lineage Upstream: 12 Downstream: 0
Published: 19 Jul 2025, 06:03
Last modified:23 Mar 2026, 04:46

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

19 Jul 2025, 06:03
Published
Vulnerability first disclosed
23 Mar 2026, 04:46
Last Modified
Vulnerability information updated

Description

Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) This update for the Linux Kernel 6.4.0-150600_8 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234854). - CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235005). - CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892). - CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235921). - CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233227). - CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) - CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579). - CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912). - CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885). - CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235769). - CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118). - CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648).

Affected Systems

  • susekernel-livepatch-SLE15-SP6-RT_Update_0&distro=SUSE Linux Enterprise Live Patching 15 SP6

    < 18-150600.3.1

References (26)