SUSE-SU-2025:03129-1
Advisory lineage Upstream: 6 Downstream: 0
Published: 10 Sept 2025, 10:04
Last modified:04 Feb 2026, 04:40
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
10 Sept 2025, 10:04
Published
Vulnerability first disclosed
04 Feb 2026, 04:40
Last Modified
Vulnerability information updated
Description
Security update for the Linux Kernel (Live Patch 54 for SLE 15 SP3) This update for the Linux Kernel 5.3.18-150300_59_195 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579). - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237930). - CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235). - CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775). - CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791). - CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030).
Affected Systems
- suse•kernel-livepatch-SLE15-SP3_Update_54&distro=SUSE Linux Enterprise Live Patching 15 SP3
< 7-150300.2.1
References (13)
- https://www.suse.com/support/update/announcement/2025/suse-su-202503129-1/
- https://bugzilla.suse.com/1237930
- https://bugzilla.suse.com/1242579
- https://bugzilla.suse.com/1244235
- https://bugzilla.suse.com/1245775
- https://bugzilla.suse.com/1245791
- https://bugzilla.suse.com/1246030
- https://www.suse.com/security/cve/CVE-2022-49053
- https://www.suse.com/security/cve/CVE-2025-21999
- https://www.suse.com/security/cve/CVE-2025-37890
- https://www.suse.com/security/cve/CVE-2025-38000
- https://www.suse.com/security/cve/CVE-2025-38001
- https://www.suse.com/security/cve/CVE-2025-38212