SUSE-SU-2025:0180-1: important: Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
SUSE-SU-2025:0185-1: important: Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)
SUSE-SU-2025:0187-1: important: Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
SUSE-SU-2025:0188-1: important: Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)
SUSE-SU-2025:0181-1: important: Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
SUSE-SU-2025:0184-1: important: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)
openSUSE-SU-2025:0018-1: important: Security update for chromium
# Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
Announcement ID: SUSE-SU-2025:0180-1
Release Date: 2025-01-17T21:13:45Z
Rating: important
References:
* bsc#1232637
* bsc#1233712
Cross-References:
* CVE-2022-48956
* CVE-2024-50264
CVSS scores:
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
An update that solves two vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 5.3.18-150300_59_179 fixes several issues.
The following security issues were fixed:
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer
occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Live Patching 12-SP5
zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-180=1
* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-182=1 SUSE-2025-183=1
* SUSE Linux Enterprise Live Patching 15-SP3
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-182=1 SUSE-SLE-Module-Live-Patching-15-SP3-2025-183=1
## Package List:
* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
* kgraft-patch-4_12_14-122_231-default-2-8.6.1
* openSUSE Leap 15.3 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP3_Update_49-debugsource-2-150300.7.6.1
* kernel-livepatch-5_3_18-150300_59_174-default-debuginfo-2-150300.7.6.1
* kernel-livepatch-5_3_18-150300_59_179-default-2-150300.7.6.1
* kernel-livepatch-5_3_18-150300_59_174-default-2-150300.7.6.1
* kernel-livepatch-SLE15-SP3_Update_48-debugsource-2-150300.7.6.1
* kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-2-150300.7.6.1
* openSUSE Leap 15.3 (x86_64)
* kernel-livepatch-5_3_18-150300_59_174-preempt-debuginfo-2-150300.7.6.1
* kernel-livepatch-5_3_18-150300_59_179-preempt-2-150300.7.6.1
* kernel-livepatch-5_3_18-150300_59_174-preempt-2-150300.7.6.1
* kernel-livepatch-5_3_18-150300_59_179-preempt-debuginfo-2-150300.7.6.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_174-default-2-150300.7.6.1
* kernel-livepatch-SLE15-SP3_Update_49-debugsource-2-150300.7.6.1
* kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-2-150300.7.6.1
* kernel-livepatch-5_3_18-150300_59_179-default-2-150300.7.6.1
## References:
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
# Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)
Announcement ID: SUSE-SU-2025:0185-1
Release Date: 2025-01-17T22:13:28Z
Rating: important
References:
* bsc#1231353
* bsc#1232637
* bsc#1233712
Cross-References:
* CVE-2022-48956
* CVE-2024-50264
CVSS scores:
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
An update that solves two vulnerabilities and has one security fix can now be
installed.
## Description:
This update for the Linux Kernel 5.14.21-150400_24_136 fixes several issues.
The following security issues were fixed:
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer
occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-186=1 SUSE-SLE-Module-Live-Patching-15-SP4-2025-185=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-185=1 SUSE-2025-186=1
## Package List:
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_133-default-2-150400.9.6.1
* kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-2-150400.9.6.1
* kernel-livepatch-SLE15-SP4_Update_31-debugsource-2-150400.9.6.1
* kernel-livepatch-SLE15-SP4_Update_32-debugsource-2-150400.9.6.1
* kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-2-150400.9.6.1
* kernel-livepatch-5_14_21-150400_24_136-default-2-150400.9.6.1
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_133-default-2-150400.9.6.1
* kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-2-150400.9.6.1
* kernel-livepatch-SLE15-SP4_Update_31-debugsource-2-150400.9.6.1
* kernel-livepatch-SLE15-SP4_Update_32-debugsource-2-150400.9.6.1
* kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-2-150400.9.6.1
* kernel-livepatch-5_14_21-150400_24_136-default-2-150400.9.6.1
## References:
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231353
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
# Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
Announcement ID: SUSE-SU-2025:0187-1
Release Date: 2025-01-18T02:03:59Z
Rating: important
References:
* bsc#1225733
* bsc#1225739
* bsc#1225819
* bsc#1228786
* bsc#1229273
* bsc#1229553
* bsc#1231419
* bsc#1233712
Cross-References:
* CVE-2023-52752
* CVE-2024-35949
* CVE-2024-36899
* CVE-2024-36904
* CVE-2024-40954
* CVE-2024-42133
* CVE-2024-43861
* CVE-2024-50264
CVSS scores:
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42133 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves eight vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 6.4.0-150600_23_7 fixes several issues.
The following security issues were fixed:
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer
occurring in vsk->trans (bsc#1233712).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique()
(bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG
(bsc#1231419).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks
(bsc#1229273).
* CVE-2023-52752: smb: client: fix use-after-free bug in
cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1231353).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-187=1
* SUSE Linux Enterprise Live Patching 15-SP6
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-187=1
## Package List:
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
* kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-6-150600.13.6.1
* kernel-livepatch-6_4_0-150600_23_7-default-6-150600.13.6.1
* kernel-livepatch-SLE15-SP6_Update_1-debugsource-6-150600.13.6.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
* kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-6-150600.13.6.1
* kernel-livepatch-6_4_0-150600_23_7-default-6-150600.13.6.1
* kernel-livepatch-SLE15-SP6_Update_1-debugsource-6-150600.13.6.1
## References:
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-42133.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1231419
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
# Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)
Announcement ID: SUSE-SU-2025:0188-1
Release Date: 2025-01-18T02:04:11Z
Rating: important
References:
* bsc#1225819
* bsc#1228349
* bsc#1228786
* bsc#1229273
* bsc#1229553
* bsc#1231419
* bsc#1233712
Cross-References:
* CVE-2023-52752
* CVE-2024-35949
* CVE-2024-40909
* CVE-2024-40954
* CVE-2024-42133
* CVE-2024-43861
* CVE-2024-50264
CVSS scores:
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42133 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves seven vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 6.4.0-150600_23_14 fixes several issues.
The following security issues were fixed:
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer
occurring in vsk->trans (bsc#1233712).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG
(bsc#1231419).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks
(bsc#1229273).
* CVE-2023-52752: smb: client: fix use-after-free bug in
cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free()
(bsc#1228349).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-188=1
* SUSE Linux Enterprise Live Patching 15-SP6
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-188=1
## Package List:
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
* kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-6-150600.13.6.1
* kernel-livepatch-6_4_0-150600_23_14-default-6-150600.13.6.1
* kernel-livepatch-SLE15-SP6_Update_2-debugsource-6-150600.13.6.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
* kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-6-150600.13.6.1
* kernel-livepatch-6_4_0-150600_23_14-default-6-150600.13.6.1
* kernel-livepatch-SLE15-SP6_Update_2-debugsource-6-150600.13.6.1
## References:
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-40909.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-42133.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1228349
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1231419
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
# Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
Announcement ID: SUSE-SU-2025:0181-1
Release Date: 2025-01-17T20:03:47Z
Rating: important
References:
* bsc#1225429
* bsc#1229553
* bsc#1232637
* bsc#1233712
Cross-References:
* CVE-2021-47517
* CVE-2022-48956
* CVE-2024-43861
* CVE-2024-50264
CVSS scores:
* CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves four vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 5.14.21-150500_55_73 fixes several issues.
The following security issues were fixed:
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer
occurring in vsk->trans (bsc#1233712).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
* CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool
(bsc#1225429).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2025-181=1
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-181=1
## Package List:
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_17-debugsource-3-150500.11.6.1
* kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-3-150500.11.6.1
* kernel-livepatch-5_14_21-150500_55_73-default-3-150500.11.6.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-3-150500.11.6.1
* kernel-livepatch-5_14_21-150500_55_73-default-3-150500.11.6.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le x86_64)
* kernel-livepatch-SLE15-SP5_Update_17-debugsource-3-150500.11.6.1
## References:
* https://www.suse.com/security/cve/CVE-2021-47517.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225429
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
* https://bugzilla.suse.com/show_bug.cgi?id=1232637
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
# Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)
Announcement ID: SUSE-SU-2025:0184-1
Release Date: 2025-01-18T13:04:03Z
Rating: important
References:
* bsc#1233712
Cross-References:
* CVE-2024-50264
CVSS scores:
* CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.3
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves one vulnerability can now be installed.
## Description:
This update for the Linux Kernel 6.4.0-150600_23_25 fixes one issue.
The following security issue was fixed:
* CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer
occurring in vsk->trans (bsc#1233712).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-184=1
* SUSE Linux Enterprise Live Patching 15-SP3
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-184=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-190=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-190=1
* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-189=1
* SUSE Linux Enterprise Live Patching 15-SP6
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-189=1
## Package List:
* openSUSE Leap 15.3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_182-default-2-150300.7.6.1
* kernel-livepatch-SLE15-SP3_Update_50-debugsource-2-150300.7.6.1
* kernel-livepatch-5_3_18-150300_59_182-default-debuginfo-2-150300.7.6.1
* openSUSE Leap 15.3 (x86_64)
* kernel-livepatch-5_3_18-150300_59_182-preempt-2-150300.7.6.1
* kernel-livepatch-5_3_18-150300_59_182-preempt-debuginfo-2-150300.7.6.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_182-default-2-150300.7.6.1
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-2-150400.9.8.1
* kernel-livepatch-SLE15-SP4_Update_33-debugsource-2-150400.9.8.1
* kernel-livepatch-5_14_21-150400_24_141-default-2-150400.9.8.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-2-150400.9.8.1
* kernel-livepatch-SLE15-SP4_Update_33-debugsource-2-150400.9.8.1
* kernel-livepatch-5_14_21-150400_24_141-default-2-150400.9.8.1
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
* kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-2-150600.13.6.1
* kernel-livepatch-6_4_0-150600_23_25-default-2-150600.13.6.1
* kernel-livepatch-SLE15-SP6_Update_5-debugsource-2-150600.13.6.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
* kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-2-150600.13.6.1
* kernel-livepatch-6_4_0-150600_23_25-default-2-150600.13.6.1
* kernel-livepatch-SLE15-SP6_Update_5-debugsource-2-150600.13.6.1
## References:
* https://www.suse.com/security/cve/CVE-2024-50264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233712
openSUSE Security Update: Security update for chromium
_______________________________
Announcement ID: openSUSE-SU-2025:0018-1
Rating: important
References: #1235892
Cross-References: CVE-2025-0434 CVE-2025-0435 CVE-2025-0436
CVE-2025-0437 CVE-2025-0438 CVE-2025-0439
CVE-2025-0440 CVE-2025-0441 CVE-2025-0442
CVE-2025-0443 CVE-2025-0446 CVE-2025-0447
CVE-2025-0448
Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________
An update that fixes 13 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
- Chromium 132.0.6834.83 (stable released 2024-01-14) (boo#1235892)
* CVE-2025-0434: Out of bounds memory access in V8
* CVE-2025-0435: Inappropriate implementation in Navigation
* CVE-2025-0436: Integer overflow in Skia
* CVE-2025-0437: Out of bounds read in Metrics
* CVE-2025-0438: Stack buffer overflow in Tracing
* CVE-2025-0439: Race in Frames
* CVE-2025-0440: Inappropriate implementation in Fullscreen
* CVE-2025-0441: Inappropriate implementation in Fenced Frames
* CVE-2025-0442: Inappropriate implementation in Payments
* CVE-2025-0443: Insufficient data validation in Extensions
* CVE-2025-0446: Inappropriate implementation in Extensions
* CVE-2025-0447: Inappropriate implementation in Navigation
* CVE-2025-0448: Inappropriate implementation in Compositing
- update esbuild to 0.24.0
- drop old tarball
- use upstream release tarball for 0.24.0
- add vendor tarball for golang.org/x/sys
- add to keeplibs: third_party/libtess2
third_party/devtools-frontend/src/node_modules/fast-glob
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP6:
zypper in -t patch openSUSE-2025-18=1
Package List:
- openSUSE Backports SLE-15-SP6 (aarch64 x86_64):
chromedriver-132.0.6834.83-bp156.2.69.1
chromium-132.0.6834.83-bp156.2.69.1
References:
https://www.suse.com/security/cve/CVE-2025-0434.html
https://www.suse.com/security/cve/CVE-2025-0435.html
https://www.suse.com/security/cve/CVE-2025-0436.html
https://www.suse.com/security/cve/CVE-2025-0437.html
https://www.suse.com/security/cve/CVE-2025-0438.html
https://www.suse.com/security/cve/CVE-2025-0439.html
https://www.suse.com/security/cve/CVE-2025-0440.html
https://www.suse.com/security/cve/CVE-2025-0441.html
https://www.suse.com/security/cve/CVE-2025-0442.html
https://www.suse.com/security/cve/CVE-2025-0443.html
https://www.suse.com/security/cve/CVE-2025-0446.html
https://www.suse.com/security/cve/CVE-2025-0447.html
https://www.suse.com/security/cve/CVE-2025-0448.html
https://bugzilla.suse.com/1235892