SUSE-SU-2025:02403-1

Advisory lineage Upstream: 10 Downstream: 0
Published: 21 Jul 2025, 07:07
Last modified:04 Feb 2026, 04:04

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

21 Jul 2025, 07:07
Published
Vulnerability first disclosed
04 Feb 2026, 04:04
Last Modified
Vulnerability information updated

Description

Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5) This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234854). - CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235005). - CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892). - CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235921). - CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) - CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912). - CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885). - CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235769). - CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118). - CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648).

Affected Systems

  • susekernel-livepatch-SLE15-SP5_Update_15&distro=SUSE Linux Enterprise Live Patching 15 SP5

    < 18-150500.2.1

References (21)