SUSE-SU-2025:21080-1

Advisory lineage Upstream: 83 Downstream: 0
Published: 26 Nov 2025, 15:59
Last modified:23 Mar 2026, 04:51

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

26 Nov 2025, 15:59
Published
Vulnerability first disclosed
23 Mar 2026, 04:51
Last Modified
Vulnerability information updated

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-21816: hrtimers: Force migrate away hrtimers queued after (bsc#1238472). - CVE-2025-38653: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (bsc#1248630). - CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161). - CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302). - CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317). - CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512). - CVE-2025-39779: btrfs: subpage: keep TOWRITE tag until folio is cleaned (bsc#1249495). - CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202). - CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455). - CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400). - CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379). - CVE-2025-39895: sched: Fix sched_numa_find_nth_cpu() if mask offline (bsc#1250721). - CVE-2025-39903: of_numa: fix uninitialized memory nodes causing kernel panic (bsc#1250749). - CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704). - CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232). - CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233). - CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177). - CVE-2025-39950: net/tcp: Fix a NULL pointer dereference when using TCP-AO with TCP_REPAIR (bsc#1251176). - CVE-2025-39955: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (bsc#1251804). - CVE-2025-39956: igc: don't fail igc_probe() on LED setup error (bsc#1251809). - CVE-2025-39963: io_uring: fix incorrect io_kiocb reference in io_link_skb (bsc#1251819). - CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047). - CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044). - CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051). - CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052). - CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039). - CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035). - CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069). - CVE-2025-39979: net/mlx5: fs, add API for sharing HWS action by refcount (bsc#1252067). - CVE-2025-39984: net: tun: Update napi->skb after XDP process (bsc#1252081). - CVE-2025-39992: mm: swap: check for stable address space before operating on the VMA (bsc#1252076). - CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (bsc#1252062). - CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349). - CVE-2025-40012: net/smc: fix warning in smc_rx_splice() when calling get_page() (bsc#1252330). - CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688). - CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780). - CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858). - CVE-2025-40056: vhost: vringh: Fix copy_to_iter return value check (bsc#1252826). - CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848). - CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789). - CVE-2025-40080: nbd: restrict sockets to TCP and UDP (bsc#1252774). - CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree (bsc#1252918). The following non security issues were fixed: - add bug reference to existing hv_netvsc change (bsc#1252265) - amd-pstate-ut: Reset amd-pstate driver mode after running selftests (bsc#1249226). - cgroup/cpuset: Remove remote_partition_check() & make update_cpumasks_hier() handle remote partition (bsc#1241166). - cpuset: Use new excpus for nocpu error check when enabling root partition (bsc#1241166). - cpuset: fix failure to enable isolated partition when containing isolcpus (bsc#1241166). - doc/README.SUSE: Correct the character used for TAINT_NO_SUPPORT The character was previously 'N', but upstream used it for TAINT_TEST, which prompted the change of TAINT_NO_SUPPORT to 'n'. - dpll: zl3073x: Add firmware loading functionality (bsc#1252253). - dpll: zl3073x: Add functions to access hardware registers (bsc#1252253). - dpll: zl3073x: Add low-level flash functions (bsc#1252253). - dpll: zl3073x: Add support to get fractional frequency offset (bsc#1252253). - dpll: zl3073x: Add support to get phase offset on connected input pin (bsc#1252253). - dpll: zl3073x: Add support to get/set esync on pins (bsc#1252253). - dpll: zl3073x: Fix double free in zl3073x_devlink_flash_update() (bsc#1252253). - dpll: zl3073x: Handle missing or corrupted flash configuration (bsc#1252253). - dpll: zl3073x: Implement devlink flash callback (bsc#1252253). - dpll: zl3073x: Increase maximum size of flash utility (bsc#1252253). - dpll: zl3073x: Refactor DPLL initialization (bsc#1252253). - drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes). - drm/xe/guc: Prepare GuC register list and update ADS size for error capture (stable-fixes). - ixgbe: handle IXGBE_VF_FEATURES_NEGOTIATE mbox cmd (bsc#1247222). - ixgbe: handle IXGBE_VF_GET_PF_LINK_STATE mailbox operation (bsc#1247222). - ixgbevf: fix getting link speed data for E610 devices (bsc#1247222). - ixgbevf: fix mailbox API compatibility by negotiating supported features (bsc#1247222). - kbuild/modfinal: Link livepatches with module-common.o (bsc#1218644, bsc#1252270). - kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939). - kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930). - nvme-auth: update sc_c in host response (git-fixes bsc#1249397). - perf hwmon_pmu: Fix uninitialized variable warning (perf-sle16-v6.13-userspace-update, git-fixes). - phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes). - powerpc/fadump: skip parameter area allocation when fadump is disabled (jsc#PED-9891 git-fixes). - proc: fix missing pde_set_flags() for net proc files (bsc#1248630) - proc: fix type confusion in pde_set_flags() (bsc#1248630) - rpm/check-for-config-changes: ignore CONFIG_SCHED_PROXY_EXEC, too (bsc#1250946) - scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267). - x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1252725). - x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID (bsc#1252734). - x86/resctrl: Refactor resctrl_arch_rmid_read() (bsc#1252734). - x86/virt/tdx: Mark memory cache state incoherent when making SEAMCALL (jsc#PED-348).

Affected Systems

  • susekernel-64kb&distro=SUSE Linux Micro 6.2

    < 6.12.0-160000.7.1

  • susekernel-default-base&distro=SUSE Linux Micro 6.2

    < 6.12.0-160000.6.1.160000.2.4

  • susekernel-default&distro=SUSE Linux Micro 6.2

    < 6.12.0-160000.7.1

  • susekernel-rt&distro=SUSE Linux Micro 6.2

    < 6.12.0-160000.7.1

  • susekernel-source&distro=SUSE Linux Micro 6.2

    < 6.12.0-160000.7.1

References (185)