Security updates have been released for various SUSE Linux packages, including the Linux Kernel and several third-party applications. Important security updates have been issued for Mozilla Firefox, sssd, podman, nvidia-container-toolkit, and other critical components. In addition to the important updates, moderate updates have also been released for elfutils and grub2. A total of 21 security updates are listed, including updates for the Linux Kernel, third-party applications, and several openSUSE packages.

SUSE-SU-2025:4171-1: important: Security update for the Linux Kernel (Live Patch 51 for SUSE Linux Enterprise 15 SP3)
SUSE-SU-2025:4173-1: important: Security update for MozillaFirefox
SUSE-SU-2025:4181-1: important: Security update for sssd
SUSE-SU-2025:4182-1: important: Security update for sssd
SUSE-SU-2025:4185-1: important: Security update for podman
SUSE-SU-2025:4172-1: important: Security update for the Linux Kernel (Live Patch 60 for SUSE Linux Enterprise 15 SP3)
SUSE-SU-2025:4187-1: critical: Security update for nvidia-container-toolkit
SUSE-SU-2025:4092-1: moderate: Security update for elfutils
SUSE-SU-2025:4188-1: important: Security update for the Linux Kernel
SUSE-SU-2025:4190-1: important: Security update for helm
SUSE-SU-2025:4191-1: important: Security update for amazon-ssm-agent
SUSE-SU-2025:4195-1: important: Security update for MozillaThunderbird
SUSE-SU-2025:4196-1: moderate: Security update for grub2
SUSE-SU-2025:4199-1: important: Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP4)
openSUSE-SU-2025:0439-1: important: Security update for tcpreplay
SUSE-SU-2025:4203-1: important: Security update for the Linux Kernel (Live Patch 58 for SUSE Linux Enterprise 15 SP3)
SUSE-SU-2025:4213-1: important: Security update for the Linux Kernel (Live Patch 61 for SUSE Linux Enterprise 15 SP3)
SUSE-SU-2025:4215-1: important: Security update for the Linux Kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP4)
openSUSE-SU-2025:0437-1: important: Security update for act
openSUSE-SU-2025:0438-1: important: Security update for libebml

SUSE-SU-2025:4171-1: important: Security update for the Linux Kernel (Live Patch 51 for SUSE Linux Enterprise 15 SP3)

# Security update for the Linux Kernel (Live Patch 51 for SUSE Linux Enterprise
15 SP3)

Announcement ID: SUSE-SU-2025:4171-1
Release Date: 2025-11-23T13:34:34Z
Rating: important
References:

* bsc#1245778
* bsc#1250295
* bsc#1251228
* bsc#1251983

Cross-References:

* CVE-2022-50388
* CVE-2022-50432
* CVE-2023-53673
* CVE-2024-53141

CVSS scores:

* CVE-2022-50388 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50388 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50432 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50432 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53673 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53673 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53141 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53141 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53141 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.185 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50388: nvme: fix multipath crash caused by flush request when
blktrace is enabled (bsc#1250295).
* CVE-2022-50432: kernfs: fix use-after-free in __kernfs_remove (bsc#1251228).
* CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before
deleting conn (bsc#1251983).
* CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt
(bsc#1245778).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-4171=1

* SUSE Linux Enterprise Live Patching 15-SP3
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-4171=1

## Package List:

* openSUSE Leap 15.3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_185-default-debuginfo-16-150300.2.1
* kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_51-debugsource-16-150300.2.1
* openSUSE Leap 15.3 (x86_64)
* kernel-livepatch-5_3_18-150300_59_185-preempt-debuginfo-16-150300.2.1
* kernel-livepatch-5_3_18-150300_59_185-preempt-16-150300.2.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50388.html
* https://www.suse.com/security/cve/CVE-2022-50432.html
* https://www.suse.com/security/cve/CVE-2023-53673.html
* https://www.suse.com/security/cve/CVE-2024-53141.html
* https://bugzilla.suse.com/show_bug.cgi?id=1245778
* https://bugzilla.suse.com/show_bug.cgi?id=1250295
* https://bugzilla.suse.com/show_bug.cgi?id=1251228
* https://bugzilla.suse.com/show_bug.cgi?id=1251983

SUSE-SU-2025:4173-1: important: Security update for MozillaFirefox

# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2025:4173-1
Release Date: 2025-11-24T02:50:57Z
Rating: important
References:

* bsc#1253188

Cross-References:

* CVE-2025-11708
* CVE-2025-11709
* CVE-2025-11710
* CVE-2025-11711
* CVE-2025-11712
* CVE-2025-11713
* CVE-2025-11714
* CVE-2025-11715
* CVE-2025-13012
* CVE-2025-13013
* CVE-2025-13014
* CVE-2025-13015
* CVE-2025-13016
* CVE-2025-13017
* CVE-2025-13018
* CVE-2025-13019
* CVE-2025-13020

CVSS scores:

* CVE-2025-11708 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-11709 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-11710 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-11711 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2025-11712 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-11713 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-11714 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-11715 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-13012 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-13012 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-13013 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13013 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13014 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13014 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-13015 ( SUSE ): 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
* CVE-2025-13015 ( NVD ): 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
* CVE-2025-13016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-13016 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-13017 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13017 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-13018 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13018 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-13019 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13019 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-13020 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13020 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Desktop Applications Module 15-SP6
* Desktop Applications Module 15-SP7
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves 17 vulnerabilities can now be installed.

## Description:

This update for MozillaFirefox fixes the following issues:

* Update to Firefox Extended Support Release 140.5.0 ESR (bsc#1253188)
* CVE-2025-13012: Race condition in the Graphics component.
* CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly
component.
* CVE-2025-13017: Same-origin policy bypass in the DOM: Notifications
component.
* CVE-2025-13018: Mitigation bypass in the DOM: Security component.
* CVE-2025-13019: Same-origin policy bypass in the DOM: Workers component.
* CVE-2025-13013: Mitigation bypass in the DOM: Core & HTML component.
* CVE-2025-13020: Use-after-free in the WebRTC: Audio/Video component.
* CVE-2025-13014: Use-after-free in the Audio/Video component.
* CVE-2025-13015: Spoofing issue in Firefox.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4173=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4173=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4173=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4173=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4173=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4173=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4173=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-4173=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-4173=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-4173=1

* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-4173=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4173=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4173=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4173=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4173=1

## Package List:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* SUSE Enterprise Storage 7.1 (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-branding-upstream-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* openSUSE Leap 15.6 (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* Desktop Applications Module 15-SP6 (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* Desktop Applications Module 15-SP7 (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* MozillaFirefox-translations-other-140.5.0-150200.152.210.1
* MozillaFirefox-translations-common-140.5.0-150200.152.210.1
* MozillaFirefox-debugsource-140.5.0-150200.152.210.1
* MozillaFirefox-140.5.0-150200.152.210.1
* MozillaFirefox-debuginfo-140.5.0-150200.152.210.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* MozillaFirefox-devel-140.5.0-150200.152.210.1

## References:

* https://www.suse.com/security/cve/CVE-2025-11708.html
* https://www.suse.com/security/cve/CVE-2025-11709.html
* https://www.suse.com/security/cve/CVE-2025-11710.html
* https://www.suse.com/security/cve/CVE-2025-11711.html
* https://www.suse.com/security/cve/CVE-2025-11712.html
* https://www.suse.com/security/cve/CVE-2025-11713.html
* https://www.suse.com/security/cve/CVE-2025-11714.html
* https://www.suse.com/security/cve/CVE-2025-11715.html
* https://www.suse.com/security/cve/CVE-2025-13012.html
* https://www.suse.com/security/cve/CVE-2025-13013.html
* https://www.suse.com/security/cve/CVE-2025-13014.html
* https://www.suse.com/security/cve/CVE-2025-13015.html
* https://www.suse.com/security/cve/CVE-2025-13016.html
* https://www.suse.com/security/cve/CVE-2025-13017.html
* https://www.suse.com/security/cve/CVE-2025-13018.html
* https://www.suse.com/security/cve/CVE-2025-13019.html
* https://www.suse.com/security/cve/CVE-2025-13020.html
* https://bugzilla.suse.com/show_bug.cgi?id=1253188

SUSE-SU-2025:4181-1: important: Security update for sssd

# Security update for sssd

Announcement ID: SUSE-SU-2025:4181-1
Release Date: 2025-11-24T07:55:47Z
Rating: important
References:

* bsc#1244325
* bsc#1251827

Cross-References:

* CVE-2025-11561

CVSS scores:

* CVE-2025-11561 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-11561 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-11561 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Proxy 4.3 LTS
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Retail Branch Server 4.3 LTS
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 LTS

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for sssd fixes the following issues:

* CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to
default Kerberos configuration disabling localauth an2ln plugin
(bsc#1251827)

Other fixes:

* Install file in krb5.conf.d to include sssd krb5 config snippets
(bsc#1244325)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Manager Retail Branch Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-LTS-2025-4181=1

* SUSE Manager Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4181=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-4181=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-4181=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-4181=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-4181=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-4181=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4181=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4181=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4181=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4181=1

* SUSE Manager Proxy 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-4181=1

## Package List:

* SUSE Manager Retail Branch Server 4.3 LTS (x86_64)
* sssd-ldap-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-2.5.2-150400.4.40.1
* libipa_hbac-devel-2.5.2-150400.4.40.1
* sssd-proxy-debuginfo-2.5.2-150400.4.40.1
* sssd-proxy-2.5.2-150400.4.40.1
* sssd-winbind-idmap-2.5.2-150400.4.40.1
* sssd-krb5-2.5.2-150400.4.40.1
* sssd-ipa-2.5.2-150400.4.40.1
* sssd-tools-debuginfo-2.5.2-150400.4.40.1
* sssd-tools-2.5.2-150400.4.40.1
* libsss_idmap-devel-2.5.2-150400.4.40.1
* sssd-kcm-debuginfo-2.5.2-150400.4.40.1
* sssd-ad-debuginfo-2.5.2-150400.4.40.1
* sssd-winbind-idmap-debuginfo-2.5.2-150400.4.40.1
* libsss_simpleifp-devel-2.5.2-150400.4.40.1
* sssd-dbus-2.5.2-150400.4.40.1
* libipa_hbac0-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-common-2.5.2-150400.4.40.1
* sssd-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap-devel-2.5.2-150400.4.40.1
* python3-sssd-config-2.5.2-150400.4.40.1
* sssd-dbus-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap-devel-2.5.2-150400.4.40.1
* sssd-ad-2.5.2-150400.4.40.1
* sssd-ipa-debuginfo-2.5.2-150400.4.40.1
* sssd-ldap-2.5.2-150400.4.40.1
* libsss_certmap0-2.5.2-150400.4.40.1
* libipa_hbac0-2.5.2-150400.4.40.1
* libsss_simpleifp0-2.5.2-150400.4.40.1
* libsss_simpleifp0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-debuginfo-2.5.2-150400.4.40.1
* sssd-2.5.2-150400.4.40.1
* sssd-debugsource-2.5.2-150400.4.40.1
* sssd-common-2.5.2-150400.4.40.1
* sssd-krb5-common-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-debuginfo-2.5.2-150400.4.40.1
* sssd-common-32bit-debuginfo-2.5.2-150400.4.40.1
* sssd-kcm-2.5.2-150400.4.40.1
* libsss_certmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-2.5.2-150400.4.40.1
* sssd-common-32bit-2.5.2-150400.4.40.1
* python3-sssd-config-debuginfo-2.5.2-150400.4.40.1
* SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64)
* sssd-ldap-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-2.5.2-150400.4.40.1
* libipa_hbac-devel-2.5.2-150400.4.40.1
* sssd-proxy-debuginfo-2.5.2-150400.4.40.1
* sssd-proxy-2.5.2-150400.4.40.1
* sssd-winbind-idmap-2.5.2-150400.4.40.1
* sssd-krb5-2.5.2-150400.4.40.1
* sssd-ipa-2.5.2-150400.4.40.1
* sssd-tools-debuginfo-2.5.2-150400.4.40.1
* sssd-tools-2.5.2-150400.4.40.1
* libsss_idmap-devel-2.5.2-150400.4.40.1
* sssd-kcm-debuginfo-2.5.2-150400.4.40.1
* sssd-ad-debuginfo-2.5.2-150400.4.40.1
* sssd-winbind-idmap-debuginfo-2.5.2-150400.4.40.1
* libsss_simpleifp-devel-2.5.2-150400.4.40.1
* sssd-dbus-2.5.2-150400.4.40.1
* libipa_hbac0-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-common-2.5.2-150400.4.40.1
* sssd-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap-devel-2.5.2-150400.4.40.1
* python3-sssd-config-2.5.2-150400.4.40.1
* sssd-dbus-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap-devel-2.5.2-150400.4.40.1
* sssd-ad-2.5.2-150400.4.40.1
* sssd-ipa-debuginfo-2.5.2-150400.4.40.1
* sssd-ldap-2.5.2-150400.4.40.1
* libsss_certmap0-2.5.2-150400.4.40.1
* libipa_hbac0-2.5.2-150400.4.40.1
* libsss_simpleifp0-2.5.2-150400.4.40.1
* libsss_simpleifp0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-debuginfo-2.5.2-150400.4.40.1
* sssd-2.5.2-150400.4.40.1
* sssd-debugsource-2.5.2-150400.4.40.1
* sssd-common-2.5.2-150400.4.40.1
* sssd-krb5-common-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-debuginfo-2.5.2-150400.4.40.1
* sssd-kcm-2.5.2-150400.4.40.1
* libsss_certmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-2.5.2-150400.4.40.1
* python3-sssd-config-debuginfo-2.5.2-150400.4.40.1
* SUSE Manager Server 4.3 LTS (x86_64)
* sssd-common-32bit-debuginfo-2.5.2-150400.4.40.1
* sssd-common-32bit-2.5.2-150400.4.40.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* sssd-ldap-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-debuginfo-2.5.2-150400.4.40.1
* python3-ipa_hbac-2.5.2-150400.4.40.1
* libsss_idmap0-2.5.2-150400.4.40.1
* libipa_hbac-devel-2.5.2-150400.4.40.1
* sssd-proxy-debuginfo-2.5.2-150400.4.40.1
* sssd-proxy-2.5.2-150400.4.40.1
* sssd-winbind-idmap-2.5.2-150400.4.40.1
* sssd-krb5-2.5.2-150400.4.40.1
* libnfsidmap-sss-2.5.2-150400.4.40.1
* sssd-ipa-2.5.2-150400.4.40.1
* sssd-tools-debuginfo-2.5.2-150400.4.40.1
* sssd-tools-2.5.2-150400.4.40.1
* sssd-kcm-debuginfo-2.5.2-150400.4.40.1
* sssd-ad-debuginfo-2.5.2-150400.4.40.1
* python3-sssd-config-debuginfo-2.5.2-150400.4.40.1
* sssd-winbind-idmap-debuginfo-2.5.2-150400.4.40.1
* libsss_simpleifp-devel-2.5.2-150400.4.40.1
* sssd-dbus-2.5.2-150400.4.40.1
* libipa_hbac0-debuginfo-2.5.2-150400.4.40.1
* python3-sss-murmur-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-common-2.5.2-150400.4.40.1
* sssd-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap-devel-2.5.2-150400.4.40.1
* python3-sssd-config-2.5.2-150400.4.40.1
* python3-sss_nss_idmap-debuginfo-2.5.2-150400.4.40.1
* python3-sss-murmur-2.5.2-150400.4.40.1
* python3-sss_nss_idmap-2.5.2-150400.4.40.1
* sssd-dbus-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap-devel-2.5.2-150400.4.40.1
* python3-ipa_hbac-debuginfo-2.5.2-150400.4.40.1
* sssd-ad-2.5.2-150400.4.40.1
* sssd-ipa-debuginfo-2.5.2-150400.4.40.1
* sssd-ldap-2.5.2-150400.4.40.1
* libsss_certmap0-2.5.2-150400.4.40.1
* libipa_hbac0-2.5.2-150400.4.40.1
* libsss_simpleifp0-2.5.2-150400.4.40.1
* libsss_simpleifp0-debuginfo-2.5.2-150400.4.40.1
* libnfsidmap-sss-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-debuginfo-2.5.2-150400.4.40.1
* sssd-2.5.2-150400.4.40.1
* sssd-debugsource-2.5.2-150400.4.40.1
* sssd-common-2.5.2-150400.4.40.1
* sssd-krb5-common-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-debuginfo-2.5.2-150400.4.40.1
* sssd-kcm-2.5.2-150400.4.40.1
* libsss_certmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-2.5.2-150400.4.40.1
* libsss_idmap-devel-2.5.2-150400.4.40.1
* openSUSE Leap 15.4 (x86_64)
* sssd-common-32bit-debuginfo-2.5.2-150400.4.40.1
* sssd-common-32bit-2.5.2-150400.4.40.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* sssd-common-64bit-debuginfo-2.5.2-150400.4.40.1
* sssd-common-64bit-2.5.2-150400.4.40.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* sssd-2.5.2-150400.4.40.1
* sssd-ldap-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-common-2.5.2-150400.4.40.1
* sssd-ldap-2.5.2-150400.4.40.1
* libsss_idmap0-2.5.2-150400.4.40.1
* sssd-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap0-2.5.2-150400.4.40.1
* sssd-debugsource-2.5.2-150400.4.40.1
* sssd-common-2.5.2-150400.4.40.1
* sssd-krb5-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-2.5.2-150400.4.40.1
* libsss_idmap0-debuginfo-2.5.2-150400.4.40.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* sssd-2.5.2-150400.4.40.1
* sssd-ldap-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-common-2.5.2-150400.4.40.1
* sssd-ldap-2.5.2-150400.4.40.1
* libsss_idmap0-2.5.2-150400.4.40.1
* sssd-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap0-2.5.2-150400.4.40.1
* sssd-debugsource-2.5.2-150400.4.40.1
* sssd-common-2.5.2-150400.4.40.1
* sssd-krb5-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-2.5.2-150400.4.40.1
* libsss_idmap0-debuginfo-2.5.2-150400.4.40.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* sssd-2.5.2-150400.4.40.1
* sssd-ldap-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-common-2.5.2-150400.4.40.1
* sssd-ldap-2.5.2-150400.4.40.1
* libsss_idmap0-2.5.2-150400.4.40.1
* sssd-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap0-2.5.2-150400.4.40.1
* sssd-debugsource-2.5.2-150400.4.40.1
* sssd-common-2.5.2-150400.4.40.1
* sssd-krb5-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-2.5.2-150400.4.40.1
* libsss_idmap0-debuginfo-2.5.2-150400.4.40.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* sssd-2.5.2-150400.4.40.1
* sssd-ldap-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-common-2.5.2-150400.4.40.1
* sssd-ldap-2.5.2-150400.4.40.1
* libsss_idmap0-2.5.2-150400.4.40.1
* sssd-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap0-2.5.2-150400.4.40.1
* sssd-debugsource-2.5.2-150400.4.40.1
* sssd-common-2.5.2-150400.4.40.1
* sssd-krb5-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-2.5.2-150400.4.40.1
* libsss_idmap0-debuginfo-2.5.2-150400.4.40.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* sssd-ldap-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-2.5.2-150400.4.40.1
* libipa_hbac-devel-2.5.2-150400.4.40.1
* sssd-proxy-debuginfo-2.5.2-150400.4.40.1
* sssd-proxy-2.5.2-150400.4.40.1
* sssd-winbind-idmap-2.5.2-150400.4.40.1
* sssd-krb5-2.5.2-150400.4.40.1
* sssd-ipa-2.5.2-150400.4.40.1
* sssd-tools-debuginfo-2.5.2-150400.4.40.1
* sssd-tools-2.5.2-150400.4.40.1
* libsss_idmap-devel-2.5.2-150400.4.40.1
* sssd-kcm-debuginfo-2.5.2-150400.4.40.1
* sssd-ad-debuginfo-2.5.2-150400.4.40.1
* sssd-winbind-idmap-debuginfo-2.5.2-150400.4.40.1
* libsss_simpleifp-devel-2.5.2-150400.4.40.1
* sssd-dbus-2.5.2-150400.4.40.1
* libipa_hbac0-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-common-2.5.2-150400.4.40.1
* sssd-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap-devel-2.5.2-150400.4.40.1
* python3-sssd-config-2.5.2-150400.4.40.1
* sssd-dbus-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap-devel-2.5.2-150400.4.40.1
* sssd-ad-2.5.2-150400.4.40.1
* sssd-ipa-debuginfo-2.5.2-150400.4.40.1
* sssd-ldap-2.5.2-150400.4.40.1
* libsss_certmap0-2.5.2-150400.4.40.1
* libipa_hbac0-2.5.2-150400.4.40.1
* libsss_simpleifp0-2.5.2-150400.4.40.1
* libsss_simpleifp0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-debuginfo-2.5.2-150400.4.40.1
* sssd-2.5.2-150400.4.40.1
* sssd-debugsource-2.5.2-150400.4.40.1
* sssd-common-2.5.2-150400.4.40.1
* sssd-krb5-common-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-debuginfo-2.5.2-150400.4.40.1
* sssd-kcm-2.5.2-150400.4.40.1
* libsss_certmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-2.5.2-150400.4.40.1
* python3-sssd-config-debuginfo-2.5.2-150400.4.40.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* sssd-common-32bit-debuginfo-2.5.2-150400.4.40.1
* sssd-common-32bit-2.5.2-150400.4.40.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* sssd-ldap-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-2.5.2-150400.4.40.1
* libipa_hbac-devel-2.5.2-150400.4.40.1
* sssd-proxy-debuginfo-2.5.2-150400.4.40.1
* sssd-proxy-2.5.2-150400.4.40.1
* sssd-winbind-idmap-2.5.2-150400.4.40.1
* sssd-krb5-2.5.2-150400.4.40.1
* sssd-ipa-2.5.2-150400.4.40.1
* sssd-tools-debuginfo-2.5.2-150400.4.40.1
* sssd-tools-2.5.2-150400.4.40.1
* libsss_idmap-devel-2.5.2-150400.4.40.1
* sssd-kcm-debuginfo-2.5.2-150400.4.40.1
* sssd-ad-debuginfo-2.5.2-150400.4.40.1
* sssd-winbind-idmap-debuginfo-2.5.2-150400.4.40.1
* libsss_simpleifp-devel-2.5.2-150400.4.40.1
* sssd-dbus-2.5.2-150400.4.40.1
* libipa_hbac0-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-common-2.5.2-150400.4.40.1
* sssd-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap-devel-2.5.2-150400.4.40.1
* python3-sssd-config-2.5.2-150400.4.40.1
* sssd-dbus-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap-devel-2.5.2-150400.4.40.1
* sssd-ad-2.5.2-150400.4.40.1
* sssd-ipa-debuginfo-2.5.2-150400.4.40.1
* sssd-ldap-2.5.2-150400.4.40.1
* libsss_certmap0-2.5.2-150400.4.40.1
* libipa_hbac0-2.5.2-150400.4.40.1
* libsss_simpleifp0-2.5.2-150400.4.40.1
* libsss_simpleifp0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-debuginfo-2.5.2-150400.4.40.1
* sssd-2.5.2-150400.4.40.1
* sssd-debugsource-2.5.2-150400.4.40.1
* sssd-common-2.5.2-150400.4.40.1
* sssd-krb5-common-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-debuginfo-2.5.2-150400.4.40.1
* sssd-kcm-2.5.2-150400.4.40.1
* libsss_certmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-2.5.2-150400.4.40.1
* python3-sssd-config-debuginfo-2.5.2-150400.4.40.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* sssd-common-32bit-debuginfo-2.5.2-150400.4.40.1
* sssd-common-32bit-2.5.2-150400.4.40.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* sssd-ldap-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-2.5.2-150400.4.40.1
* libipa_hbac-devel-2.5.2-150400.4.40.1
* sssd-proxy-debuginfo-2.5.2-150400.4.40.1
* sssd-proxy-2.5.2-150400.4.40.1
* sssd-winbind-idmap-2.5.2-150400.4.40.1
* sssd-krb5-2.5.2-150400.4.40.1
* sssd-ipa-2.5.2-150400.4.40.1
* sssd-tools-debuginfo-2.5.2-150400.4.40.1
* sssd-tools-2.5.2-150400.4.40.1
* libsss_idmap-devel-2.5.2-150400.4.40.1
* sssd-kcm-debuginfo-2.5.2-150400.4.40.1
* sssd-ad-debuginfo-2.5.2-150400.4.40.1
* sssd-winbind-idmap-debuginfo-2.5.2-150400.4.40.1
* libsss_simpleifp-devel-2.5.2-150400.4.40.1
* sssd-dbus-2.5.2-150400.4.40.1
* libipa_hbac0-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-common-2.5.2-150400.4.40.1
* sssd-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap-devel-2.5.2-150400.4.40.1
* python3-sssd-config-2.5.2-150400.4.40.1
* sssd-dbus-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap-devel-2.5.2-150400.4.40.1
* sssd-ad-2.5.2-150400.4.40.1
* sssd-ipa-debuginfo-2.5.2-150400.4.40.1
* sssd-ldap-2.5.2-150400.4.40.1
* libsss_certmap0-2.5.2-150400.4.40.1
* libipa_hbac0-2.5.2-150400.4.40.1
* libsss_simpleifp0-2.5.2-150400.4.40.1
* libsss_simpleifp0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-debuginfo-2.5.2-150400.4.40.1
* sssd-2.5.2-150400.4.40.1
* sssd-debugsource-2.5.2-150400.4.40.1
* sssd-common-2.5.2-150400.4.40.1
* sssd-krb5-common-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-debuginfo-2.5.2-150400.4.40.1
* sssd-kcm-2.5.2-150400.4.40.1
* libsss_certmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-2.5.2-150400.4.40.1
* python3-sssd-config-debuginfo-2.5.2-150400.4.40.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
* sssd-common-32bit-debuginfo-2.5.2-150400.4.40.1
* sssd-common-32bit-2.5.2-150400.4.40.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* sssd-ldap-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-2.5.2-150400.4.40.1
* libipa_hbac-devel-2.5.2-150400.4.40.1
* sssd-proxy-debuginfo-2.5.2-150400.4.40.1
* sssd-proxy-2.5.2-150400.4.40.1
* sssd-winbind-idmap-2.5.2-150400.4.40.1
* sssd-krb5-2.5.2-150400.4.40.1
* sssd-ipa-2.5.2-150400.4.40.1
* sssd-tools-debuginfo-2.5.2-150400.4.40.1
* sssd-tools-2.5.2-150400.4.40.1
* libsss_idmap-devel-2.5.2-150400.4.40.1
* sssd-kcm-debuginfo-2.5.2-150400.4.40.1
* sssd-ad-debuginfo-2.5.2-150400.4.40.1
* sssd-winbind-idmap-debuginfo-2.5.2-150400.4.40.1
* libsss_simpleifp-devel-2.5.2-150400.4.40.1
* sssd-dbus-2.5.2-150400.4.40.1
* libipa_hbac0-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-common-2.5.2-150400.4.40.1
* sssd-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap-devel-2.5.2-150400.4.40.1
* python3-sssd-config-2.5.2-150400.4.40.1
* sssd-dbus-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap-devel-2.5.2-150400.4.40.1
* sssd-ad-2.5.2-150400.4.40.1
* sssd-ipa-debuginfo-2.5.2-150400.4.40.1
* sssd-ldap-2.5.2-150400.4.40.1
* libsss_certmap0-2.5.2-150400.4.40.1
* libipa_hbac0-2.5.2-150400.4.40.1
* libsss_simpleifp0-2.5.2-150400.4.40.1
* libsss_simpleifp0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-debuginfo-2.5.2-150400.4.40.1
* sssd-2.5.2-150400.4.40.1
* sssd-debugsource-2.5.2-150400.4.40.1
* sssd-common-2.5.2-150400.4.40.1
* sssd-krb5-common-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-debuginfo-2.5.2-150400.4.40.1
* sssd-kcm-2.5.2-150400.4.40.1
* libsss_certmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-2.5.2-150400.4.40.1
* python3-sssd-config-debuginfo-2.5.2-150400.4.40.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* sssd-common-32bit-debuginfo-2.5.2-150400.4.40.1
* sssd-common-32bit-2.5.2-150400.4.40.1
* SUSE Manager Proxy 4.3 LTS (x86_64)
* sssd-ldap-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-2.5.2-150400.4.40.1
* libipa_hbac-devel-2.5.2-150400.4.40.1
* sssd-proxy-debuginfo-2.5.2-150400.4.40.1
* sssd-proxy-2.5.2-150400.4.40.1
* sssd-winbind-idmap-2.5.2-150400.4.40.1
* sssd-krb5-2.5.2-150400.4.40.1
* sssd-ipa-2.5.2-150400.4.40.1
* sssd-tools-debuginfo-2.5.2-150400.4.40.1
* sssd-tools-2.5.2-150400.4.40.1
* libsss_idmap-devel-2.5.2-150400.4.40.1
* sssd-kcm-debuginfo-2.5.2-150400.4.40.1
* sssd-ad-debuginfo-2.5.2-150400.4.40.1
* sssd-winbind-idmap-debuginfo-2.5.2-150400.4.40.1
* libsss_simpleifp-devel-2.5.2-150400.4.40.1
* sssd-dbus-2.5.2-150400.4.40.1
* libipa_hbac0-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-common-2.5.2-150400.4.40.1
* sssd-common-debuginfo-2.5.2-150400.4.40.1
* libsss_certmap-devel-2.5.2-150400.4.40.1
* python3-sssd-config-2.5.2-150400.4.40.1
* sssd-dbus-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap-devel-2.5.2-150400.4.40.1
* sssd-ad-2.5.2-150400.4.40.1
* sssd-ipa-debuginfo-2.5.2-150400.4.40.1
* sssd-ldap-2.5.2-150400.4.40.1
* libsss_certmap0-2.5.2-150400.4.40.1
* libipa_hbac0-2.5.2-150400.4.40.1
* libsss_simpleifp0-2.5.2-150400.4.40.1
* libsss_simpleifp0-debuginfo-2.5.2-150400.4.40.1
* libsss_idmap0-debuginfo-2.5.2-150400.4.40.1
* sssd-2.5.2-150400.4.40.1
* sssd-debugsource-2.5.2-150400.4.40.1
* sssd-common-2.5.2-150400.4.40.1
* sssd-krb5-common-debuginfo-2.5.2-150400.4.40.1
* sssd-krb5-debuginfo-2.5.2-150400.4.40.1
* sssd-common-32bit-debuginfo-2.5.2-150400.4.40.1
* sssd-kcm-2.5.2-150400.4.40.1
* libsss_certmap0-debuginfo-2.5.2-150400.4.40.1
* libsss_nss_idmap0-2.5.2-150400.4.40.1
* sssd-common-32bit-2.5.2-150400.4.40.1
* python3-sssd-config-debuginfo-2.5.2-150400.4.40.1

## References:

* https://www.suse.com/security/cve/CVE-2025-11561.html
* https://bugzilla.suse.com/show_bug.cgi?id=1244325
* https://bugzilla.suse.com/show_bug.cgi?id=1251827

SUSE-SU-2025:4182-1: important: Security update for sssd

# Security update for sssd

Announcement ID: SUSE-SU-2025:4182-1
Release Date: 2025-11-24T07:56:26Z
Rating: important
References:

* bsc#1244325
* bsc#1251827

Cross-References:

* CVE-2025-11561

CVSS scores:

* CVE-2025-11561 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-11561 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-11561 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for sssd fixes the following issues:

* CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to
default Kerberos configuration disabling localauth an2ln plugin
(bsc#1251827)

Other fixes:

* Install file in krb5.conf.d to include sssd krb5 config snippets
(bsc#1244325)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2025-4182=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-4182=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4182=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4182=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4182=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4182=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* libsss_nss_idmap0-2.5.2-150500.10.39.1
* sssd-debugsource-2.5.2-150500.10.39.1
* libsss_simpleifp0-debuginfo-2.5.2-150500.10.39.1
* sssd-proxy-debuginfo-2.5.2-150500.10.39.1
* sssd-common-debuginfo-2.5.2-150500.10.39.1
* sssd-ldap-debuginfo-2.5.2-150500.10.39.1
* libsss_certmap0-2.5.2-150500.10.39.1
* libsss_idmap-devel-2.5.2-150500.10.39.1
* python3-sss_nss_idmap-2.5.2-150500.10.39.1
* sssd-krb5-2.5.2-150500.10.39.1
* libnfsidmap-sss-2.5.2-150500.10.39.1
* libsss_simpleifp0-2.5.2-150500.10.39.1
* sssd-krb5-common-debuginfo-2.5.2-150500.10.39.1
* sssd-proxy-2.5.2-150500.10.39.1
* python3-ipa_hbac-2.5.2-150500.10.39.1
* python3-ipa_hbac-debuginfo-2.5.2-150500.10.39.1
* sssd-common-2.5.2-150500.10.39.1
* sssd-ad-2.5.2-150500.10.39.1
* libsss_certmap-devel-2.5.2-150500.10.39.1
* sssd-dbus-debuginfo-2.5.2-150500.10.39.1
* sssd-kcm-2.5.2-150500.10.39.1
* python3-sssd-config-debuginfo-2.5.2-150500.10.39.1
* python3-sss-murmur-debuginfo-2.5.2-150500.10.39.1
* sssd-dbus-2.5.2-150500.10.39.1
* libsss_simpleifp-devel-2.5.2-150500.10.39.1
* sssd-ipa-2.5.2-150500.10.39.1
* libsss_nss_idmap0-debuginfo-2.5.2-150500.10.39.1
* libipa_hbac0-2.5.2-150500.10.39.1
* python3-sssd-config-2.5.2-150500.10.39.1
* sssd-tools-debuginfo-2.5.2-150500.10.39.1
* libsss_nss_idmap-devel-2.5.2-150500.10.39.1
* libnfsidmap-sss-debuginfo-2.5.2-150500.10.39.1
* libsss_certmap0-debuginfo-2.5.2-150500.10.39.1
* sssd-winbind-idmap-debuginfo-2.5.2-150500.10.39.1
* sssd-2.5.2-150500.10.39.1
* python3-sss_nss_idmap-debuginfo-2.5.2-150500.10.39.1
* sssd-ipa-debuginfo-2.5.2-150500.10.39.1
* libsss_idmap0-2.5.2-150500.10.39.1
* libipa_hbac0-debuginfo-2.5.2-150500.10.39.1
* sssd-kcm-debuginfo-2.5.2-150500.10.39.1
* sssd-tools-2.5.2-150500.10.39.1
* sssd-winbind-idmap-2.5.2-150500.10.39.1
* sssd-krb5-common-2.5.2-150500.10.39.1
* libipa_hbac-devel-2.5.2-150500.10.39.1
* libsss_idmap0-debuginfo-2.5.2-150500.10.39.1
* python3-sss-murmur-2.5.2-150500.10.39.1
* sssd-krb5-debuginfo-2.5.2-150500.10.39.1
* sssd-ad-debuginfo-2.5.2-150500.10.39.1
* sssd-ldap-2.5.2-150500.10.39.1
* openSUSE Leap 15.5 (x86_64)
* sssd-common-32bit-2.5.2-150500.10.39.1
* sssd-common-32bit-debuginfo-2.5.2-150500.10.39.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* sssd-common-64bit-2.5.2-150500.10.39.1
* sssd-common-64bit-debuginfo-2.5.2-150500.10.39.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libsss_nss_idmap0-2.5.2-150500.10.39.1
* sssd-debugsource-2.5.2-150500.10.39.1
* sssd-common-debuginfo-2.5.2-150500.10.39.1
* sssd-ldap-debuginfo-2.5.2-150500.10.39.1
* libsss_certmap0-2.5.2-150500.10.39.1
* sssd-krb5-2.5.2-150500.10.39.1
* sssd-krb5-common-debuginfo-2.5.2-150500.10.39.1
* sssd-common-2.5.2-150500.10.39.1
* sssd-ad-2.5.2-150500.10.39.1
* sssd-dbus-2.5.2-150500.10.39.1
* libsss_nss_idmap0-debuginfo-2.5.2-150500.10.39.1
* libsss_certmap0-debuginfo-2.5.2-150500.10.39.1
* sssd-2.5.2-150500.10.39.1
* libsss_idmap0-debuginfo-2.5.2-150500.10.39.1
* libsss_idmap0-2.5.2-150500.10.39.1
* sssd-tools-2.5.2-150500.10.39.1
* sssd-krb5-common-2.5.2-150500.10.39.1
* python3-sssd-config-2.5.2-150500.10.39.1
* sssd-krb5-debuginfo-2.5.2-150500.10.39.1
* sssd-ad-debuginfo-2.5.2-150500.10.39.1
* sssd-ldap-2.5.2-150500.10.39.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* libsss_nss_idmap0-2.5.2-150500.10.39.1
* sssd-debugsource-2.5.2-150500.10.39.1
* libsss_simpleifp0-debuginfo-2.5.2-150500.10.39.1
* sssd-proxy-debuginfo-2.5.2-150500.10.39.1
* sssd-common-debuginfo-2.5.2-150500.10.39.1
* sssd-ldap-debuginfo-2.5.2-150500.10.39.1
* libsss_certmap0-2.5.2-150500.10.39.1
* libsss_idmap-devel-2.5.2-150500.10.39.1
* sssd-krb5-2.5.2-150500.10.39.1
* libsss_simpleifp0-2.5.2-150500.10.39.1
* sssd-krb5-common-debuginfo-2.5.2-150500.10.39.1
* sssd-proxy-2.5.2-150500.10.39.1
* sssd-common-2.5.2-150500.10.39.1
* sssd-ad-2.5.2-150500.10.39.1
* libsss_certmap-devel-2.5.2-150500.10.39.1
* sssd-dbus-debuginfo-2.5.2-150500.10.39.1
* sssd-kcm-2.5.2-150500.10.39.1
* python3-sssd-config-debuginfo-2.5.2-150500.10.39.1
* sssd-dbus-2.5.2-150500.10.39.1
* libsss_simpleifp-devel-2.5.2-150500.10.39.1
* sssd-ipa-2.5.2-150500.10.39.1
* libsss_nss_idmap0-debuginfo-2.5.2-150500.10.39.1
* libipa_hbac0-2.5.2-150500.10.39.1
* sssd-tools-debuginfo-2.5.2-150500.10.39.1
* libsss_nss_idmap-devel-2.5.2-150500.10.39.1
* libsss_certmap0-debuginfo-2.5.2-150500.10.39.1
* sssd-winbind-idmap-debuginfo-2.5.2-150500.10.39.1
* sssd-2.5.2-150500.10.39.1
* libsss_idmap0-debuginfo-2.5.2-150500.10.39.1
* sssd-ipa-debuginfo-2.5.2-150500.10.39.1
* libsss_idmap0-2.5.2-150500.10.39.1
* libipa_hbac0-debuginfo-2.5.2-150500.10.39.1
* sssd-kcm-debuginfo-2.5.2-150500.10.39.1
* sssd-tools-2.5.2-150500.10.39.1
* sssd-winbind-idmap-2.5.2-150500.10.39.1
* sssd-krb5-common-2.5.2-150500.10.39.1
* libipa_hbac-devel-2.5.2-150500.10.39.1
* python3-sssd-config-2.5.2-150500.10.39.1
* sssd-krb5-debuginfo-2.5.2-150500.10.39.1
* sssd-ad-debuginfo-2.5.2-150500.10.39.1
* sssd-ldap-2.5.2-150500.10.39.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
* sssd-common-32bit-2.5.2-150500.10.39.1
* sssd-common-32bit-debuginfo-2.5.2-150500.10.39.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* libsss_nss_idmap0-2.5.2-150500.10.39.1
* sssd-debugsource-2.5.2-150500.10.39.1
* libsss_simpleifp0-debuginfo-2.5.2-150500.10.39.1
* sssd-proxy-debuginfo-2.5.2-150500.10.39.1
* sssd-common-debuginfo-2.5.2-150500.10.39.1
* sssd-ldap-debuginfo-2.5.2-150500.10.39.1
* libsss_certmap0-2.5.2-150500.10.39.1
* libsss_idmap-devel-2.5.2-150500.10.39.1
* sssd-krb5-2.5.2-150500.10.39.1
* libsss_simpleifp0-2.5.2-150500.10.39.1
* sssd-krb5-common-debuginfo-2.5.2-150500.10.39.1
* sssd-proxy-2.5.2-150500.10.39.1
* sssd-common-2.5.2-150500.10.39.1
* sssd-ad-2.5.2-150500.10.39.1
* libsss_certmap-devel-2.5.2-150500.10.39.1
* sssd-dbus-debuginfo-2.5.2-150500.10.39.1
* sssd-kcm-2.5.2-150500.10.39.1
* python3-sssd-config-debuginfo-2.5.2-150500.10.39.1
* sssd-dbus-2.5.2-150500.10.39.1
* libsss_simpleifp-devel-2.5.2-150500.10.39.1
* sssd-ipa-2.5.2-150500.10.39.1
* libsss_nss_idmap0-debuginfo-2.5.2-150500.10.39.1
* libipa_hbac0-2.5.2-150500.10.39.1
* sssd-tools-debuginfo-2.5.2-150500.10.39.1
* libsss_nss_idmap-devel-2.5.2-150500.10.39.1
* libsss_certmap0-debuginfo-2.5.2-150500.10.39.1
* sssd-winbind-idmap-debuginfo-2.5.2-150500.10.39.1
* sssd-2.5.2-150500.10.39.1
* libsss_idmap0-debuginfo-2.5.2-150500.10.39.1
* sssd-ipa-debuginfo-2.5.2-150500.10.39.1
* libsss_idmap0-2.5.2-150500.10.39.1
* libipa_hbac0-debuginfo-2.5.2-150500.10.39.1
* sssd-kcm-debuginfo-2.5.2-150500.10.39.1
* sssd-tools-2.5.2-150500.10.39.1
* sssd-winbind-idmap-2.5.2-150500.10.39.1
* sssd-krb5-common-2.5.2-150500.10.39.1
* libipa_hbac-devel-2.5.2-150500.10.39.1
* python3-sssd-config-2.5.2-150500.10.39.1
* sssd-krb5-debuginfo-2.5.2-150500.10.39.1
* sssd-ad-debuginfo-2.5.2-150500.10.39.1
* sssd-ldap-2.5.2-150500.10.39.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
* sssd-common-32bit-2.5.2-150500.10.39.1
* sssd-common-32bit-debuginfo-2.5.2-150500.10.39.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libsss_nss_idmap0-2.5.2-150500.10.39.1
* sssd-debugsource-2.5.2-150500.10.39.1
* libsss_simpleifp0-debuginfo-2.5.2-150500.10.39.1
* sssd-proxy-debuginfo-2.5.2-150500.10.39.1
* sssd-common-debuginfo-2.5.2-150500.10.39.1
* sssd-ldap-debuginfo-2.5.2-150500.10.39.1
* libsss_certmap0-2.5.2-150500.10.39.1
* libsss_idmap-devel-2.5.2-150500.10.39.1
* sssd-krb5-2.5.2-150500.10.39.1
* libsss_simpleifp0-2.5.2-150500.10.39.1
* sssd-krb5-common-debuginfo-2.5.2-150500.10.39.1
* sssd-proxy-2.5.2-150500.10.39.1
* sssd-common-2.5.2-150500.10.39.1
* sssd-ad-2.5.2-150500.10.39.1
* libsss_certmap-devel-2.5.2-150500.10.39.1
* sssd-dbus-debuginfo-2.5.2-150500.10.39.1
* sssd-kcm-2.5.2-150500.10.39.1
* python3-sssd-config-debuginfo-2.5.2-150500.10.39.1
* sssd-dbus-2.5.2-150500.10.39.1
* libsss_simpleifp-devel-2.5.2-150500.10.39.1
* sssd-ipa-2.5.2-150500.10.39.1
* libsss_nss_idmap0-debuginfo-2.5.2-150500.10.39.1
* libipa_hbac0-2.5.2-150500.10.39.1
* sssd-tools-debuginfo-2.5.2-150500.10.39.1
* libsss_nss_idmap-devel-2.5.2-150500.10.39.1
* libsss_certmap0-debuginfo-2.5.2-150500.10.39.1
* sssd-winbind-idmap-debuginfo-2.5.2-150500.10.39.1
* sssd-2.5.2-150500.10.39.1
* libsss_idmap0-debuginfo-2.5.2-150500.10.39.1
* sssd-ipa-debuginfo-2.5.2-150500.10.39.1
* libsss_idmap0-2.5.2-150500.10.39.1
* libipa_hbac0-debuginfo-2.5.2-150500.10.39.1
* sssd-kcm-debuginfo-2.5.2-150500.10.39.1
* sssd-tools-2.5.2-150500.10.39.1
* sssd-winbind-idmap-2.5.2-150500.10.39.1
* sssd-krb5-common-2.5.2-150500.10.39.1
* libipa_hbac-devel-2.5.2-150500.10.39.1
* python3-sssd-config-2.5.2-150500.10.39.1
* sssd-krb5-debuginfo-2.5.2-150500.10.39.1
* sssd-ad-debuginfo-2.5.2-150500.10.39.1
* sssd-ldap-2.5.2-150500.10.39.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
* sssd-common-32bit-2.5.2-150500.10.39.1
* sssd-common-32bit-debuginfo-2.5.2-150500.10.39.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libsss_nss_idmap0-2.5.2-150500.10.39.1
* sssd-debugsource-2.5.2-150500.10.39.1
* libsss_simpleifp0-debuginfo-2.5.2-150500.10.39.1
* sssd-proxy-debuginfo-2.5.2-150500.10.39.1
* sssd-common-debuginfo-2.5.2-150500.10.39.1
* sssd-ldap-debuginfo-2.5.2-150500.10.39.1
* libsss_certmap0-2.5.2-150500.10.39.1
* libsss_idmap-devel-2.5.2-150500.10.39.1
* sssd-krb5-2.5.2-150500.10.39.1
* libsss_simpleifp0-2.5.2-150500.10.39.1
* sssd-krb5-common-debuginfo-2.5.2-150500.10.39.1
* sssd-proxy-2.5.2-150500.10.39.1
* sssd-common-2.5.2-150500.10.39.1
* sssd-ad-2.5.2-150500.10.39.1
* libsss_certmap-devel-2.5.2-150500.10.39.1
* sssd-dbus-debuginfo-2.5.2-150500.10.39.1
* sssd-kcm-2.5.2-150500.10.39.1
* python3-sssd-config-debuginfo-2.5.2-150500.10.39.1
* sssd-dbus-2.5.2-150500.10.39.1
* libsss_simpleifp-devel-2.5.2-150500.10.39.1
* sssd-ipa-2.5.2-150500.10.39.1
* libsss_nss_idmap0-debuginfo-2.5.2-150500.10.39.1
* libipa_hbac0-2.5.2-150500.10.39.1
* sssd-tools-debuginfo-2.5.2-150500.10.39.1
* libsss_nss_idmap-devel-2.5.2-150500.10.39.1
* libsss_certmap0-debuginfo-2.5.2-150500.10.39.1
* sssd-winbind-idmap-debuginfo-2.5.2-150500.10.39.1
* sssd-2.5.2-150500.10.39.1
* libsss_idmap0-debuginfo-2.5.2-150500.10.39.1
* sssd-ipa-debuginfo-2.5.2-150500.10.39.1
* libsss_idmap0-2.5.2-150500.10.39.1
* libipa_hbac0-debuginfo-2.5.2-150500.10.39.1
* sssd-kcm-debuginfo-2.5.2-150500.10.39.1
* sssd-tools-2.5.2-150500.10.39.1
* sssd-winbind-idmap-2.5.2-150500.10.39.1
* sssd-krb5-common-2.5.2-150500.10.39.1
* libipa_hbac-devel-2.5.2-150500.10.39.1
* python3-sssd-config-2.5.2-150500.10.39.1
* sssd-krb5-debuginfo-2.5.2-150500.10.39.1
* sssd-ad-debuginfo-2.5.2-150500.10.39.1
* sssd-ldap-2.5.2-150500.10.39.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
* sssd-common-32bit-2.5.2-150500.10.39.1
* sssd-common-32bit-debuginfo-2.5.2-150500.10.39.1

## References:

* https://www.suse.com/security/cve/CVE-2025-11561.html
* https://bugzilla.suse.com/show_bug.cgi?id=1244325
* https://bugzilla.suse.com/show_bug.cgi?id=1251827

SUSE-SU-2025:4185-1: important: Security update for podman

# Security update for podman

Announcement ID: SUSE-SU-2025:4185-1
Release Date: 2025-11-24T07:57:39Z
Rating: important
References:

* bsc#1253542

Cross-References:

* CVE-2025-47913

CVSS scores:

* CVE-2025-47913 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-47913 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Containers Module 15-SP6
* Containers Module 15-SP7
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for podman fixes the following issues:

* CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process
termination when receiving an unexpected message type in response to a key
listing or signing request (bsc#1253542)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2025-4185=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-4185=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-4185=1

* Containers Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-4185=1

* Containers Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-4185=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4185=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4185=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4185=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4185=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* podman-4.9.5-150500.3.59.1
* podman-remote-debuginfo-4.9.5-150500.3.59.1
* podman-debuginfo-4.9.5-150500.3.59.1
* podman-remote-4.9.5-150500.3.59.1
* podmansh-4.9.5-150500.3.59.1
* openSUSE Leap 15.5 (noarch)
* podman-docker-4.9.5-150500.3.59.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* podman-4.9.5-150500.3.59.1
* podman-remote-debuginfo-4.9.5-150500.3.59.1
* podman-debuginfo-4.9.5-150500.3.59.1
* podman-remote-4.9.5-150500.3.59.1
* podmansh-4.9.5-150500.3.59.1
* openSUSE Leap 15.6 (noarch)
* podman-docker-4.9.5-150500.3.59.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* podman-4.9.5-150500.3.59.1
* podman-remote-debuginfo-4.9.5-150500.3.59.1
* podman-debuginfo-4.9.5-150500.3.59.1
* podman-remote-4.9.5-150500.3.59.1
* podmansh-4.9.5-150500.3.59.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* podman-docker-4.9.5-150500.3.59.1
* Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* podman-4.9.5-150500.3.59.1
* podman-remote-debuginfo-4.9.5-150500.3.59.1
* podman-debuginfo-4.9.5-150500.3.59.1
* podman-remote-4.9.5-150500.3.59.1
* podmansh-4.9.5-150500.3.59.1
* Containers Module 15-SP6 (noarch)
* podman-docker-4.9.5-150500.3.59.1
* Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* podman-4.9.5-150500.3.59.1
* podman-remote-debuginfo-4.9.5-150500.3.59.1
* podman-debuginfo-4.9.5-150500.3.59.1
* podman-remote-4.9.5-150500.3.59.1
* podmansh-4.9.5-150500.3.59.1
* Containers Module 15-SP7 (noarch)
* podman-docker-4.9.5-150500.3.59.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* podman-4.9.5-150500.3.59.1
* podman-remote-debuginfo-4.9.5-150500.3.59.1
* podman-debuginfo-4.9.5-150500.3.59.1
* podman-remote-4.9.5-150500.3.59.1
* podmansh-4.9.5-150500.3.59.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* podman-docker-4.9.5-150500.3.59.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* podman-4.9.5-150500.3.59.1
* podman-remote-debuginfo-4.9.5-150500.3.59.1
* podman-debuginfo-4.9.5-150500.3.59.1
* podman-remote-4.9.5-150500.3.59.1
* podmansh-4.9.5-150500.3.59.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* podman-docker-4.9.5-150500.3.59.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* podman-4.9.5-150500.3.59.1
* podman-remote-debuginfo-4.9.5-150500.3.59.1
* podman-debuginfo-4.9.5-150500.3.59.1
* podman-remote-4.9.5-150500.3.59.1
* podmansh-4.9.5-150500.3.59.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* podman-docker-4.9.5-150500.3.59.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* podman-4.9.5-150500.3.59.1
* podman-remote-debuginfo-4.9.5-150500.3.59.1
* podman-debuginfo-4.9.5-150500.3.59.1
* podman-remote-4.9.5-150500.3.59.1
* podmansh-4.9.5-150500.3.59.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* podman-docker-4.9.5-150500.3.59.1

## References:

* https://www.suse.com/security/cve/CVE-2025-47913.html
* https://bugzilla.suse.com/show_bug.cgi?id=1253542

SUSE-SU-2025:4172-1: important: Security update for the Linux Kernel (Live Patch 60 for SUSE Linux Enterprise 15 SP3)

# Security update for the Linux Kernel (Live Patch 60 for SUSE Linux Enterprise
15 SP3)

Announcement ID: SUSE-SU-2025:4172-1
Release Date: 2025-11-23T20:05:00Z
Rating: important
References:

* bsc#1250295
* bsc#1251228
* bsc#1251983

Cross-References:

* CVE-2022-50388
* CVE-2022-50432
* CVE-2023-53673

CVSS scores:

* CVE-2022-50388 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50388 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50432 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50432 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53673 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53673 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.215 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50388: nvme: fix multipath crash caused by flush request when
blktrace is enabled (bsc#1250295).
* CVE-2022-50432: kernfs: fix use-after-free in __kernfs_remove (bsc#1251228).
* CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before
deleting conn (bsc#1251983).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-4172=1

* SUSE Linux Enterprise Live Patching 15-SP3
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-4172=1

## Package List:

* openSUSE Leap 15.3 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP3_Update_60-debugsource-6-150300.2.1
* kernel-livepatch-5_3_18-150300_59_215-default-debuginfo-6-150300.2.1
* kernel-livepatch-5_3_18-150300_59_215-default-6-150300.2.1
* openSUSE Leap 15.3 (x86_64)
* kernel-livepatch-5_3_18-150300_59_215-preempt-6-150300.2.1
* kernel-livepatch-5_3_18-150300_59_215-preempt-debuginfo-6-150300.2.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP3_Update_60-debugsource-6-150300.2.1
* kernel-livepatch-5_3_18-150300_59_215-default-debuginfo-6-150300.2.1
* kernel-livepatch-5_3_18-150300_59_215-default-6-150300.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50388.html
* https://www.suse.com/security/cve/CVE-2022-50432.html
* https://www.suse.com/security/cve/CVE-2023-53673.html
* https://bugzilla.suse.com/show_bug.cgi?id=1250295
* https://bugzilla.suse.com/show_bug.cgi?id=1251228
* https://bugzilla.suse.com/show_bug.cgi?id=1251983

SUSE-SU-2025:4187-1: critical: Security update for nvidia-container-toolkit

# Security update for nvidia-container-toolkit

Announcement ID: SUSE-SU-2025:4187-1
Release Date: 2025-11-24T07:59:26Z
Rating: critical
References:

* bsc#1231032
* bsc#1231033
* bsc#1232855
* bsc#1236496
* bsc#1236497
* bsc#1236498
* bsc#1237085
* bsc#1246614
* bsc#1246860

Cross-References:

* CVE-2024-0132
* CVE-2024-0133
* CVE-2024-0134
* CVE-2024-0135
* CVE-2024-0136
* CVE-2024-0137
* CVE-2025-23266
* CVE-2025-23267
* CVE-2025-23359

CVSS scores:

* CVE-2024-0132 ( SUSE ): 8.9
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2024-0132 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-0132 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-0132 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-0133 ( SUSE ): 2.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
* CVE-2024-0133 ( SUSE ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
* CVE-2024-0133 ( NVD ): 4.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
* CVE-2024-0133 ( NVD ): 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N
* CVE-2024-0134 ( SUSE ): 1.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
* CVE-2024-0134 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
* CVE-2024-0134 ( NVD ): 4.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
* CVE-2024-0134 ( NVD ): 4.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
* CVE-2024-0135 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2024-0135 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-0135 ( NVD ): 7.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-0135 ( NVD ): 7.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-0136 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2024-0136 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-0136 ( NVD ): 7.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-0136 ( NVD ): 8.4 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
* CVE-2024-0137 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2024-0137 ( SUSE ): 5.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
* CVE-2024-0137 ( NVD ): 5.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
* CVE-2024-0137 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
* CVE-2025-23266 ( SUSE ): 9.4
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2025-23266 ( SUSE ): 9.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2025-23266 ( NVD ): 9.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2025-23267 ( SUSE ): 8.4
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:L/SA:H
* CVE-2025-23267 ( SUSE ): 8.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H
* CVE-2025-23267 ( NVD ): 8.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H
* CVE-2025-23359 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2025-23359 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2025-23359 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Containers Module 15-SP6
* Containers Module 15-SP7
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves nine vulnerabilities can now be installed.

## Description:

This update for nvidia-container-toolkit fixes the following issues:

* Update to version 1.18.0:
* This is a major release and includes the following high-level changes:

* The default mode of the NVIDIA Container Runtime has been updated to make use of a just-in-time-generated CDI specification instead of defaulting to the legacy mode.
* Added a systemd unit to generate CDI specifications for available devices automatically. This allows native CDI support in container engines such as Docker and Podman to be used without additional steps.
* Security issues fixed:

* CVE-2024-0133: Fixed data tampering in host file system via specially
crafted container image (bsc#1231032)
* CVE-2024-0132: Fixed time-of-check time-of-use (TOCTOU) race condition in
default configuration via specifically crafted container image (bsc#1231033)
* CVE-2024-0134: Fixed specially-crafted container image can lead to the
creation of unauthorized files on the host (bsc#1232855)
* CVE-2024-0135: Fixed Improper Isolation or Compartmentalization in NVIDIA
Container Toolkit (bsc#1236496)
* CVE-2024-0136: Fixed Improper Isolation or Compartmentalization in NVIDIA
Container Toolkit (bsc#1236497)
* CVE-2024-0137: Fixed Improper Isolation or Compartmentalization in NVIDIA
Container Toolkit (bsc#1236498)
* CVE-2025-23359: Fixed TOCTOU Vulnerability in NVIDIA Container Toolkit
(bsc#1237085)
* CVE-2025-23267: Fixed link following can lead to container escape
(bsc#1246614)
* CVE-2025-23266: Fixed hook initialization might lead to escalation of
privileges (bsc#1246860)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4187=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4187=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4187=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4187=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4187=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-4187=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-4187=1

* Containers Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-4187=1

* Containers Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-4187=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4187=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4187=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4187=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4187=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4187=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4187=1

## Package List:

* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* Containers Module 15-SP6 (aarch64 ppc64le x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* Containers Module 15-SP7 (aarch64 ppc64le x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le x86_64)
* nvidia-container-toolkit-1.18.0-150200.5.17.1

## References:

* https://www.suse.com/security/cve/CVE-2024-0132.html
* https://www.suse.com/security/cve/CVE-2024-0133.html
* https://www.suse.com/security/cve/CVE-2024-0134.html
* https://www.suse.com/security/cve/CVE-2024-0135.html
* https://www.suse.com/security/cve/CVE-2024-0136.html
* https://www.suse.com/security/cve/CVE-2024-0137.html
* https://www.suse.com/security/cve/CVE-2025-23266.html
* https://www.suse.com/security/cve/CVE-2025-23267.html
* https://www.suse.com/security/cve/CVE-2025-23359.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231032
* https://bugzilla.suse.com/show_bug.cgi?id=1231033
* https://bugzilla.suse.com/show_bug.cgi?id=1232855
* https://bugzilla.suse.com/show_bug.cgi?id=1236496
* https://bugzilla.suse.com/show_bug.cgi?id=1236497
* https://bugzilla.suse.com/show_bug.cgi?id=1236498
* https://bugzilla.suse.com/show_bug.cgi?id=1237085
* https://bugzilla.suse.com/show_bug.cgi?id=1246614
* https://bugzilla.suse.com/show_bug.cgi?id=1246860

SUSE-SU-2025:4092-1: moderate: Security update for elfutils

# Security update for elfutils

Announcement ID: SUSE-SU-2025:4092-1
Release Date: 2025-11-24T09:09:10Z
Rating: moderate
References:

* bsc#1237236
* bsc#1237240
* bsc#1237241
* bsc#1237242

Cross-References:

* CVE-2025-1352
* CVE-2025-1372
* CVE-2025-1376
* CVE-2025-1377

CVSS scores:

* CVE-2025-1352 ( SUSE ): 1.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-1352 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-1352 ( NVD ): 2.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-1352 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-1352 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-1372 ( SUSE ): 4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-1372 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-1372 ( NVD ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-1372 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-1372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-1376 ( SUSE ): 1.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-1376 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-1376 ( NVD ): 2.0
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-1376 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-1376 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-1377 ( SUSE ): 0.0
CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-1377 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N
* CVE-2025-1377 ( NVD ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-1377 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-1377 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* Basesystem Module 15-SP7
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Manager Proxy 4.3
* SUSE Manager Proxy 4.3 LTS
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Retail Branch Server 4.3 LTS
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 LTS

An update that solves four vulnerabilities can now be installed.

## Description:

This update for elfutils fixes the following issues:

* Fixing build/testsuite for more recent glibc and kernels.

* Fixing denial of service and general buffer overflow errors (bsc#1237236,
bsc#1237240, bsc#1237241, bsc#1237242):

* CVE-2025-1376: Fixed denial of service in function elf_strptr in the library
/libelf/elf_strptr.c of the component eu-strip

* CVE-2025-1377: Fixed denial of service in function gelf_getsymshndx of the
file strip.c of the component eu-strip
* CVE-2025-1372: Fixed buffer overflow in function
dump_data_section/print_string_section of the file readelf.c of the
component eu-readelf
* CVE-2025-1352: Fixed SEGV (illegal read access) in function
__libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf

* Fixing testsuite race conditions in run-debuginfod-find.sh.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4092=1

* SUSE Manager Proxy 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-4092=1

* SUSE Manager Retail Branch Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-LTS-2025-4092=1

* SUSE Manager Server 4.3 LTS
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4092=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-4092=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-4092=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-4092=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2025-4092=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-4092=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2025-4092=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-4092=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-4092=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-4092=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4092=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4092=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4092=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4092=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4092=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4092=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4092=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libelf1-0.185-150400.5.8.3
* libasm-devel-0.185-150400.5.8.3
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* libdebuginfod-devel-0.185-150400.5.8.2
* elfutils-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* elfutils-lang-0.185-150400.5.8.3
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
* libelf1-32bit-0.185-150400.5.8.3
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* SUSE Manager Proxy 4.3 LTS (x86_64)
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* libelf1-32bit-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libasm-devel-0.185-150400.5.8.3
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* libelf1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* SUSE Manager Proxy 4.3 LTS (noarch)
* elfutils-lang-0.185-150400.5.8.3
* SUSE Manager Retail Branch Server 4.3 LTS (x86_64)
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* libelf1-32bit-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libasm-devel-0.185-150400.5.8.3
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* libelf1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* SUSE Manager Retail Branch Server 4.3 LTS (noarch)
* elfutils-lang-0.185-150400.5.8.3
* SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64)
* libelf1-0.185-150400.5.8.3
* libasm-devel-0.185-150400.5.8.3
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* SUSE Manager Server 4.3 LTS (noarch)
* elfutils-lang-0.185-150400.5.8.3
* SUSE Manager Server 4.3 LTS (x86_64)
* libelf1-32bit-0.185-150400.5.8.3
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod-dummy-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* elfutils-debugsource-0.185-150400.5.8.3
* libdebuginfod-devel-0.185-150400.5.8.2
* libasm-devel-0.185-150400.5.8.3
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* debuginfod-dummy-client-debuginfo-0.185-150400.5.8.3
* debuginfod-dummy-client-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* libelf1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* libdebuginfod1-dummy-debuginfo-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libdebuginfod1-dummy-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* openSUSE Leap 15.4 (noarch)
* elfutils-lang-0.185-150400.5.8.3
* openSUSE Leap 15.4 (x86_64)
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* libasm1-32bit-0.185-150400.5.8.3
* libelf-devel-32bit-0.185-150400.5.8.3
* libelf1-32bit-0.185-150400.5.8.3
* libasm1-32bit-debuginfo-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* openSUSE Leap 15.4 (aarch64_ilp32)
* libasm1-64bit-debuginfo-0.185-150400.5.8.3
* libdw1-64bit-debuginfo-0.185-150400.5.8.3
* libasm1-64bit-0.185-150400.5.8.3
* libelf1-64bit-debuginfo-0.185-150400.5.8.3
* libelf-devel-64bit-0.185-150400.5.8.3
* libdw1-64bit-0.185-150400.5.8.3
* libelf1-64bit-0.185-150400.5.8.3
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod-dummy-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* elfutils-debugsource-0.185-150400.5.8.3
* libdebuginfod-devel-0.185-150400.5.8.2
* libasm-devel-0.185-150400.5.8.3
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* debuginfod-dummy-client-debuginfo-0.185-150400.5.8.3
* debuginfod-dummy-client-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* libelf1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* libdebuginfod1-dummy-debuginfo-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libdebuginfod1-dummy-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* openSUSE Leap 15.6 (noarch)
* elfutils-lang-0.185-150400.5.8.3
* openSUSE Leap 15.6 (x86_64)
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* libasm1-32bit-0.185-150400.5.8.3
* libelf-devel-32bit-0.185-150400.5.8.3
* libelf1-32bit-0.185-150400.5.8.3
* libasm1-32bit-debuginfo-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libelf1-0.185-150400.5.8.3
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* libasm1-debuginfo-0.185-150400.5.8.3
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libelf1-0.185-150400.5.8.3
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* libasm1-debuginfo-0.185-150400.5.8.3
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libelf1-0.185-150400.5.8.3
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* libasm1-debuginfo-0.185-150400.5.8.3
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libelf1-0.185-150400.5.8.3
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* libasm1-debuginfo-0.185-150400.5.8.3
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libelf1-0.185-150400.5.8.3
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* libasm1-debuginfo-0.185-150400.5.8.3
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libelf1-0.185-150400.5.8.3
* libasm-devel-0.185-150400.5.8.3
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* libdebuginfod-devel-0.185-150400.5.8.2
* elfutils-debuginfo-0.185-150400.5.8.3
* Basesystem Module 15-SP6 (noarch)
* elfutils-lang-0.185-150400.5.8.3
* Basesystem Module 15-SP6 (x86_64)
* libelf1-32bit-0.185-150400.5.8.3
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* libelf1-0.185-150400.5.8.3
* libasm-devel-0.185-150400.5.8.3
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* libdebuginfod-devel-0.185-150400.5.8.2
* elfutils-debuginfo-0.185-150400.5.8.3
* Basesystem Module 15-SP7 (noarch)
* elfutils-lang-0.185-150400.5.8.3
* Basesystem Module 15-SP7 (x86_64)
* libelf1-32bit-0.185-150400.5.8.3
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libelf1-0.185-150400.5.8.3
* libasm-devel-0.185-150400.5.8.3
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* elfutils-lang-0.185-150400.5.8.3
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* libelf1-32bit-0.185-150400.5.8.3
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libelf1-0.185-150400.5.8.3
* libasm-devel-0.185-150400.5.8.3
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* elfutils-lang-0.185-150400.5.8.3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* libelf1-32bit-0.185-150400.5.8.3
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* libelf1-0.185-150400.5.8.3
* libasm-devel-0.185-150400.5.8.3
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* libdebuginfod-devel-0.185-150400.5.8.2
* elfutils-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* elfutils-lang-0.185-150400.5.8.3
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
* libelf1-32bit-0.185-150400.5.8.3
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* libelf1-0.185-150400.5.8.3
* libasm-devel-0.185-150400.5.8.3
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* libdebuginfod-devel-0.185-150400.5.8.2
* elfutils-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* elfutils-lang-0.185-150400.5.8.3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
* libelf1-32bit-0.185-150400.5.8.3
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libelf1-0.185-150400.5.8.3
* libasm-devel-0.185-150400.5.8.3
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* elfutils-lang-0.185-150400.5.8.3
* SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
* libelf1-32bit-0.185-150400.5.8.3
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libelf1-0.185-150400.5.8.3
* libasm-devel-0.185-150400.5.8.3
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* libdebuginfod-devel-0.185-150400.5.8.2
* elfutils-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* elfutils-lang-0.185-150400.5.8.3
* SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
* libelf1-32bit-0.185-150400.5.8.3
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libelf1-32bit-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libelf1-0.185-150400.5.8.3
* libasm-devel-0.185-150400.5.8.3
* elfutils-debuginfod-0.185-150400.5.8.2
* elfutils-debuginfod-debugsource-0.185-150400.5.8.2
* libdw-devel-0.185-150400.5.8.3
* libdebuginfod1-debuginfo-0.185-150400.5.8.2
* elfutils-0.185-150400.5.8.3
* libasm1-0.185-150400.5.8.3
* libdebuginfod1-0.185-150400.5.8.2
* libelf-devel-0.185-150400.5.8.3
* libelf1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-0.185-150400.5.8.2
* elfutils-debuginfod-debuginfo-0.185-150400.5.8.2
* libasm1-debuginfo-0.185-150400.5.8.3
* debuginfod-client-debuginfo-0.185-150400.5.8.2
* elfutils-debugsource-0.185-150400.5.8.3
* libdw1-0.185-150400.5.8.3
* libdw1-debuginfo-0.185-150400.5.8.3
* elfutils-debuginfo-0.185-150400.5.8.3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* elfutils-lang-0.185-150400.5.8.3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* libelf1-32bit-0.185-150400.5.8.3
* libdw1-32bit-debuginfo-0.185-150400.5.8.3
* libdw1-32bit-0.185-150400.5.8.3
* libelf1-32bit-debuginfo-0.185-150400.5.8.3

## References:

* https://www.suse.com/security/cve/CVE-2025-1352.html
* https://www.suse.com/security/cve/CVE-2025-1372.html
* https://www.suse.com/security/cve/CVE-2025-1376.html
* https://www.suse.com/security/cve/CVE-2025-1377.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237236
* https://bugzilla.suse.com/show_bug.cgi?id=1237240
* https://bugzilla.suse.com/show_bug.cgi?id=1237241
* https://bugzilla.suse.com/show_bug.cgi?id=1237242

SUSE-SU-2025:4188-1: important: Security update for the Linux Kernel

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:4188-1
Release Date: 2025-11-24T09:17:18Z
Rating: important
References:

* bsc#1065729
* bsc#1199304
* bsc#1205128
* bsc#1206893
* bsc#1210124
* bsc#1247317
* bsc#1249186
* bsc#1249857
* bsc#1249859
* bsc#1249988
* bsc#1250293
* bsc#1250311
* bsc#1250358
* bsc#1250742
* bsc#1250784
* bsc#1250816
* bsc#1250851
* bsc#1250946
* bsc#1251040
* bsc#1251047
* bsc#1251052
* bsc#1251072
* bsc#1251088
* bsc#1251091
* bsc#1251115
* bsc#1251169
* bsc#1251173
* bsc#1251182
* bsc#1251201
* bsc#1251202
* bsc#1251208
* bsc#1251222
* bsc#1251292
* bsc#1251300
* bsc#1251550
* bsc#1251723
* bsc#1251725
* bsc#1251730
* bsc#1251741
* bsc#1251743
* bsc#1251747
* bsc#1251763
* bsc#1251930
* bsc#1252035
* bsc#1252047
* bsc#1252480
* bsc#1252499
* bsc#1252516
* bsc#1252554
* bsc#1252688
* bsc#1252775
* jsc#PED-4593
* jsc#PED-568

Cross-References:

* CVE-2022-43945
* CVE-2022-50327
* CVE-2022-50334
* CVE-2022-50388
* CVE-2022-50423
* CVE-2022-50432
* CVE-2022-50470
* CVE-2022-50480
* CVE-2022-50484
* CVE-2022-50487
* CVE-2022-50488
* CVE-2022-50489
* CVE-2022-50493
* CVE-2022-50494
* CVE-2022-50496
* CVE-2022-50504
* CVE-2022-50513
* CVE-2022-50516
* CVE-2022-50532
* CVE-2022-50534
* CVE-2022-50544
* CVE-2022-50546
* CVE-2022-50549
* CVE-2022-50563
* CVE-2022-50574
* CVE-2023-53282
* CVE-2023-53365
* CVE-2023-53395
* CVE-2023-53500
* CVE-2023-53559
* CVE-2023-53564
* CVE-2023-53566
* CVE-2023-53574
* CVE-2023-53619
* CVE-2023-53673
* CVE-2023-53705
* CVE-2023-53722
* CVE-2025-38476
* CVE-2025-39968
* CVE-2025-39973
* CVE-2025-40018
* CVE-2025-40082

CVSS scores:

* CVE-2022-43945 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-43945 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-43945 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50327 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50327 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50334 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50334 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50388 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50388 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50423 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50423 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50432 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50432 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50470 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50470 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2022-50480 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2022-50480 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-50484 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50487 ( SUSE ): 7.1
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50487 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2022-50488 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50488 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50489 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2022-50489 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-50493 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50493 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50494 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50494 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50496 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50496 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50504 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50513 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2022-50513 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-50516 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50516 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50534 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50544 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50544 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50546 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50549 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-50563 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50563 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2022-50574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-53282 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53282 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-53395 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53395 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53500 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-53559 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-53564 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-53566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-53574 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53574 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53619 ( SUSE ): 8.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53619 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53673 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53673 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53705 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2023-53705 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2023-53722 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53722 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38476 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38476 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39968 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-39968 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-39973 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39973 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-40018 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-40018 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-40082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Availability Extension 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 Business Critical Linux
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Manager Proxy 4.2
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Server 4.2

An update that solves 42 vulnerabilities, contains two features and has nine
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security
issues

The following security issues were fixed:

* CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return
value (bsc#1249859).
* CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()
(bsc#1249857).
* CVE-2022-50388: nvme: fix multipath crash caused by flush request when
blktrace is enabled (bsc#1250293).
* CVE-2022-50423: ACPICA: Fix use-after-free in
acpi_ut_copy_ipackage_to_ipackage() (bsc#1250784).
* CVE-2022-50432: kernfs: fix use-after-free in __kernfs_remove (bsc#1250851).
* CVE-2022-50488: block, bfq: fix possible uaf for 'bfqq->bic' (bsc#1251201).
* CVE-2022-50516: fs: dlm: fix invalid derefence of sb_lvbptr (bsc#1251741).
* CVE-2023-53282: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs
firmware write (bsc#1250311).
* CVE-2023-53365: ip6mr: Fix skb_under_panic in ip6mr_cache_report()
(bsc#1249988).
* CVE-2023-53395: ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer
(bsc#1250358).
* CVE-2023-53500: xfrm: fix slab-use-after-free in decode_session6
(bsc#1250816).
* CVE-2023-53559: ip_vti: fix potential slab-use-after-free in decode_session6
(bsc#1251052).
* CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading
(bsc#1251222).
* CVE-2023-53619: netfilter: conntrack: Avoid nf_ct_helper_hash uses after
free (bsc#1251743).
* CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before
deleting conn (bsc#1251763).
* CVE-2023-53705: ipv6: Fix out-of-bounds access in ipv6_find_tlv()
(bsc#1252554).
* CVE-2023-53722: md: raid1: fix potential OOB in raid1_remove_disk()
(bsc#1252499).
* CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline()
(bsc#1247317).
* CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
* CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
* CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup
(bsc#1252688).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-4188=1

* SUSE Linux Enterprise High Availability Extension 15 SP3
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-4188=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4188=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4188=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4188=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-4188=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-4188=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-4188=1

* SUSE Linux Enterprise Live Patching 15-SP3
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-4188=1

## Package List:

* openSUSE Leap 15.3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.226.3
* openSUSE Leap 15.3 (noarch)
* kernel-devel-5.3.18-150300.59.226.2
* kernel-source-5.3.18-150300.59.226.2
* kernel-docs-html-5.3.18-150300.59.226.3
* kernel-source-vanilla-5.3.18-150300.59.226.2
* kernel-macros-5.3.18-150300.59.226.2
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.226.2
* reiserfs-kmp-default-5.3.18-150300.59.226.2
* kernel-default-debugsource-5.3.18-150300.59.226.2
* kernel-default-base-rebuild-5.3.18-150300.59.226.2.150300.18.134.2
* kselftests-kmp-default-5.3.18-150300.59.226.2
* kernel-default-optional-5.3.18-150300.59.226.2
* ocfs2-kmp-default-5.3.18-150300.59.226.2
* kernel-default-extra-debuginfo-5.3.18-150300.59.226.2
* kernel-default-base-5.3.18-150300.59.226.2.150300.18.134.2
* gfs2-kmp-default-debuginfo-5.3.18-150300.59.226.2
* kernel-syms-5.3.18-150300.59.226.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.226.2
* dlm-kmp-default-5.3.18-150300.59.226.2
* cluster-md-kmp-default-5.3.18-150300.59.226.2
* kernel-obs-qa-5.3.18-150300.59.226.1
* kernel-default-livepatch-5.3.18-150300.59.226.2
* kernel-obs-build-5.3.18-150300.59.226.2
* gfs2-kmp-default-5.3.18-150300.59.226.2
* dlm-kmp-default-debuginfo-5.3.18-150300.59.226.2
* kselftests-kmp-default-debuginfo-5.3.18-150300.59.226.2
* kernel-default-extra-5.3.18-150300.59.226.2
* cluster-md-kmp-default-debuginfo-5.3.18-150300.59.226.2
* kernel-default-optional-debuginfo-5.3.18-150300.59.226.2
* kernel-default-devel-5.3.18-150300.59.226.2
* kernel-default-debuginfo-5.3.18-150300.59.226.2
* ocfs2-kmp-default-debuginfo-5.3.18-150300.59.226.2
* kernel-obs-build-debugsource-5.3.18-150300.59.226.2
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.3.18-150300.59.226.2
* openSUSE Leap 15.3 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP3_Update_63-debugsource-1-150300.7.5.2
* kernel-livepatch-5_3_18-150300_59_226-default-debuginfo-1-150300.7.5.2
* kernel-livepatch-5_3_18-150300_59_226-default-1-150300.7.5.2
* kernel-default-livepatch-devel-5.3.18-150300.59.226.2
* openSUSE Leap 15.3 (nosrc ppc64le x86_64)
* kernel-kvmsmall-5.3.18-150300.59.226.2
* openSUSE Leap 15.3 (ppc64le x86_64)
* kernel-kvmsmall-debuginfo-5.3.18-150300.59.226.2
* kernel-kvmsmall-debugsource-5.3.18-150300.59.226.2
* kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.226.2
* kernel-kvmsmall-devel-5.3.18-150300.59.226.2
* openSUSE Leap 15.3 (x86_64)
* kernel-livepatch-5_3_18-150300_59_226-preempt-debuginfo-1-150300.7.5.2
* kernel-livepatch-5_3_18-150300_59_226-preempt-1-150300.7.5.2
* openSUSE Leap 15.3 (aarch64 x86_64)
* gfs2-kmp-preempt-5.3.18-150300.59.226.2
* cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.226.2
* kernel-preempt-debugsource-5.3.18-150300.59.226.2
* dlm-kmp-preempt-debuginfo-5.3.18-150300.59.226.2
* kernel-preempt-extra-5.3.18-150300.59.226.2
* ocfs2-kmp-preempt-5.3.18-150300.59.226.2
* kselftests-kmp-preempt-5.3.18-150300.59.226.2
* reiserfs-kmp-preempt-5.3.18-150300.59.226.2
* dlm-kmp-preempt-5.3.18-150300.59.226.2
* gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.226.2
* ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.226.2
* cluster-md-kmp-preempt-5.3.18-150300.59.226.2
* reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.226.2
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.226.2
* kernel-preempt-optional-debuginfo-5.3.18-150300.59.226.2
* kernel-preempt-devel-5.3.18-150300.59.226.2
* kernel-preempt-extra-debuginfo-5.3.18-150300.59.226.2
* kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.226.2
* kernel-preempt-optional-5.3.18-150300.59.226.2
* kernel-preempt-debuginfo-5.3.18-150300.59.226.2
* openSUSE Leap 15.3 (aarch64 nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.226.2
* openSUSE Leap 15.3 (nosrc s390x)
* kernel-zfcpdump-5.3.18-150300.59.226.2
* openSUSE Leap 15.3 (s390x)
* kernel-zfcpdump-debugsource-5.3.18-150300.59.226.2
* kernel-zfcpdump-debuginfo-5.3.18-150300.59.226.2
* openSUSE Leap 15.3 (nosrc)
* dtb-aarch64-5.3.18-150300.59.226.1
* openSUSE Leap 15.3 (aarch64)
* dtb-qcom-5.3.18-150300.59.226.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.226.2
* dtb-lg-5.3.18-150300.59.226.1
* dtb-amd-5.3.18-150300.59.226.1
* dtb-sprd-5.3.18-150300.59.226.1
* kernel-64kb-debuginfo-5.3.18-150300.59.226.2
* kernel-64kb-optional-debuginfo-5.3.18-150300.59.226.2
* reiserfs-kmp-64kb-5.3.18-150300.59.226.2
* dtb-arm-5.3.18-150300.59.226.1
* ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.226.2
* dtb-altera-5.3.18-150300.59.226.1
* dtb-marvell-5.3.18-150300.59.226.1
* dtb-rockchip-5.3.18-150300.59.226.1
* dtb-broadcom-5.3.18-150300.59.226.1
* kernel-64kb-devel-5.3.18-150300.59.226.2
* ocfs2-kmp-64kb-5.3.18-150300.59.226.2
* dlm-kmp-64kb-5.3.18-150300.59.226.2
* dtb-xilinx-5.3.18-150300.59.226.1
* kernel-64kb-extra-debuginfo-5.3.18-150300.59.226.2
* kselftests-kmp-64kb-5.3.18-150300.59.226.2
* gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.226.2
* kernel-64kb-optional-5.3.18-150300.59.226.2
* dtb-zte-5.3.18-150300.59.226.1
* dtb-socionext-5.3.18-150300.59.226.1
* cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.226.2
* reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.226.2
* dtb-cavium-5.3.18-150300.59.226.1
* cluster-md-kmp-64kb-5.3.18-150300.59.226.2
* dlm-kmp-64kb-debuginfo-5.3.18-150300.59.226.2
* dtb-renesas-5.3.18-150300.59.226.1
* dtb-hisilicon-5.3.18-150300.59.226.1
* dtb-mediatek-5.3.18-150300.59.226.1
* dtb-amlogic-5.3.18-150300.59.226.1
* dtb-al-5.3.18-150300.59.226.1
* dtb-apm-5.3.18-150300.59.226.1
* dtb-freescale-5.3.18-150300.59.226.1
* kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.226.2
* kernel-64kb-debugsource-5.3.18-150300.59.226.2
* dtb-nvidia-5.3.18-150300.59.226.1
* kernel-64kb-extra-5.3.18-150300.59.226.2
* gfs2-kmp-64kb-5.3.18-150300.59.226.2
* dtb-allwinner-5.3.18-150300.59.226.1
* dtb-exynos-5.3.18-150300.59.226.1
* openSUSE Leap 15.3 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.226.2
* SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le
s390x x86_64)
* dlm-kmp-default-5.3.18-150300.59.226.2
* cluster-md-kmp-default-debuginfo-5.3.18-150300.59.226.2
* kernel-default-debuginfo-5.3.18-150300.59.226.2
* kernel-default-debugsource-5.3.18-150300.59.226.2
* cluster-md-kmp-default-5.3.18-150300.59.226.2
* ocfs2-kmp-default-debuginfo-5.3.18-150300.59.226.2
* gfs2-kmp-default-debuginfo-5.3.18-150300.59.226.2
* ocfs2-kmp-default-5.3.18-150300.59.226.2
* gfs2-kmp-default-5.3.18-150300.59.226.2
* dlm-kmp-default-debuginfo-5.3.18-150300.59.226.2
* SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc)
* kernel-default-5.3.18-150300.59.226.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.226.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64)
* kernel-64kb-debuginfo-5.3.18-150300.59.226.2
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.226.2
* kernel-64kb-debugsource-5.3.18-150300.59.226.2
* kernel-64kb-devel-5.3.18-150300.59.226.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc
x86_64)
* kernel-default-5.3.18-150300.59.226.2
* kernel-preempt-5.3.18-150300.59.226.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* kernel-preempt-devel-5.3.18-150300.59.226.2
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.226.2
* reiserfs-kmp-default-5.3.18-150300.59.226.2
* kernel-preempt-debugsource-5.3.18-150300.59.226.2
* kernel-default-devel-5.3.18-150300.59.226.2
* kernel-default-debugsource-5.3.18-150300.59.226.2
* kernel-default-debuginfo-5.3.18-150300.59.226.2
* kernel-default-base-5.3.18-150300.59.226.2.150300.18.134.2
* kernel-syms-5.3.18-150300.59.226.1
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.226.2
* kernel-obs-build-5.3.18-150300.59.226.2
* kernel-default-devel-debuginfo-5.3.18-150300.59.226.2
* kernel-obs-build-debugsource-5.3.18-150300.59.226.2
* kernel-preempt-debuginfo-5.3.18-150300.59.226.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* kernel-macros-5.3.18-150300.59.226.2
* kernel-source-5.3.18-150300.59.226.2
* kernel-devel-5.3.18-150300.59.226.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.226.3
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64)
* kernel-64kb-debuginfo-5.3.18-150300.59.226.2
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.226.2
* kernel-64kb-debugsource-5.3.18-150300.59.226.2
* kernel-64kb-devel-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64
nosrc)
* kernel-default-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.226.2
* reiserfs-kmp-default-5.3.18-150300.59.226.2
* kernel-default-devel-5.3.18-150300.59.226.2
* kernel-default-debugsource-5.3.18-150300.59.226.2
* kernel-default-debuginfo-5.3.18-150300.59.226.2
* kernel-default-base-5.3.18-150300.59.226.2.150300.18.134.2
* kernel-syms-5.3.18-150300.59.226.1
* kernel-obs-build-5.3.18-150300.59.226.2
* kernel-default-devel-debuginfo-5.3.18-150300.59.226.2
* kernel-obs-build-debugsource-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
* kernel-macros-5.3.18-150300.59.226.2
* kernel-source-5.3.18-150300.59.226.2
* kernel-devel-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch nosrc)
* kernel-docs-5.3.18-150300.59.226.3
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64)
* kernel-preempt-devel-5.3.18-150300.59.226.2
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.226.2
* kernel-preempt-debugsource-5.3.18-150300.59.226.2
* kernel-preempt-debuginfo-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc s390x)
* kernel-zfcpdump-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Server 15 SP3 LTSS (s390x)
* kernel-zfcpdump-debugsource-5.3.18-150300.59.226.2
* kernel-zfcpdump-debuginfo-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le
x86_64)
* kernel-default-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.226.2
* reiserfs-kmp-default-5.3.18-150300.59.226.2
* kernel-default-devel-5.3.18-150300.59.226.2
* kernel-default-debugsource-5.3.18-150300.59.226.2
* kernel-default-debuginfo-5.3.18-150300.59.226.2
* kernel-default-base-5.3.18-150300.59.226.2.150300.18.134.2
* kernel-syms-5.3.18-150300.59.226.1
* kernel-obs-build-5.3.18-150300.59.226.2
* kernel-default-devel-debuginfo-5.3.18-150300.59.226.2
* kernel-obs-build-debugsource-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* kernel-macros-5.3.18-150300.59.226.2
* kernel-source-5.3.18-150300.59.226.2
* kernel-devel-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.226.3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* kernel-preempt-devel-5.3.18-150300.59.226.2
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.226.2
* kernel-preempt-debugsource-5.3.18-150300.59.226.2
* kernel-preempt-debuginfo-5.3.18-150300.59.226.2
* SUSE Enterprise Storage 7.1 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.226.2
* SUSE Enterprise Storage 7.1 (aarch64)
* kernel-64kb-debuginfo-5.3.18-150300.59.226.2
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.226.2
* kernel-64kb-debugsource-5.3.18-150300.59.226.2
* kernel-64kb-devel-5.3.18-150300.59.226.2
* SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64)
* kernel-default-5.3.18-150300.59.226.2
* kernel-preempt-5.3.18-150300.59.226.2
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* kernel-preempt-devel-5.3.18-150300.59.226.2
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.226.2
* reiserfs-kmp-default-5.3.18-150300.59.226.2
* kernel-preempt-debugsource-5.3.18-150300.59.226.2
* kernel-default-devel-5.3.18-150300.59.226.2
* kernel-default-debugsource-5.3.18-150300.59.226.2
* kernel-default-debuginfo-5.3.18-150300.59.226.2
* kernel-default-base-5.3.18-150300.59.226.2.150300.18.134.2
* kernel-syms-5.3.18-150300.59.226.1
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.226.2
* kernel-obs-build-5.3.18-150300.59.226.2
* kernel-default-devel-debuginfo-5.3.18-150300.59.226.2
* kernel-obs-build-debugsource-5.3.18-150300.59.226.2
* kernel-preempt-debuginfo-5.3.18-150300.59.226.2
* SUSE Enterprise Storage 7.1 (noarch)
* kernel-macros-5.3.18-150300.59.226.2
* kernel-source-5.3.18-150300.59.226.2
* kernel-devel-5.3.18-150300.59.226.2
* SUSE Enterprise Storage 7.1 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.226.3
* SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64)
* kernel-default-base-5.3.18-150300.59.226.2.150300.18.134.2
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.3.18-150300.59.226.2
* kernel-default-debuginfo-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64)
* kernel-default-base-5.3.18-150300.59.226.2.150300.18.134.2
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.3.18-150300.59.226.2
* kernel-default-debuginfo-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Live Patching 15-SP3 (nosrc)
* kernel-default-5.3.18-150300.59.226.2
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_226-default-debuginfo-1-150300.7.5.2
* kernel-default-debugsource-5.3.18-150300.59.226.2
* kernel-default-debuginfo-5.3.18-150300.59.226.2
* kernel-default-livepatch-devel-5.3.18-150300.59.226.2
* kernel-default-livepatch-5.3.18-150300.59.226.2
* kernel-livepatch-SLE15-SP3_Update_63-debugsource-1-150300.7.5.2
* kernel-livepatch-5_3_18-150300_59_226-default-1-150300.7.5.2

## References:

* https://www.suse.com/security/cve/CVE-2022-43945.html
* https://www.suse.com/security/cve/CVE-2022-50327.html
* https://www.suse.com/security/cve/CVE-2022-50334.html
* https://www.suse.com/security/cve/CVE-2022-50388.html
* https://www.suse.com/security/cve/CVE-2022-50423.html
* https://www.suse.com/security/cve/CVE-2022-50432.html
* https://www.suse.com/security/cve/CVE-2022-50470.html
* https://www.suse.com/security/cve/CVE-2022-50480.html
* https://www.suse.com/security/cve/CVE-2022-50484.html
* https://www.suse.com/security/cve/CVE-2022-50487.html
* https://www.suse.com/security/cve/CVE-2022-50488.html
* https://www.suse.com/security/cve/CVE-2022-50489.html
* https://www.suse.com/security/cve/CVE-2022-50493.html
* https://www.suse.com/security/cve/CVE-2022-50494.html
* https://www.suse.com/security/cve/CVE-2022-50496.html
* https://www.suse.com/security/cve/CVE-2022-50504.html
* https://www.suse.com/security/cve/CVE-2022-50513.html
* https://www.suse.com/security/cve/CVE-2022-50516.html
* https://www.suse.com/security/cve/CVE-2022-50532.html
* https://www.suse.com/security/cve/CVE-2022-50534.html
* https://www.suse.com/security/cve/CVE-2022-50544.html
* https://www.suse.com/security/cve/CVE-2022-50546.html
* https://www.suse.com/security/cve/CVE-2022-50549.html
* https://www.suse.com/security/cve/CVE-2022-50563.html
* https://www.suse.com/security/cve/CVE-2022-50574.html
* https://www.suse.com/security/cve/CVE-2023-53282.html
* https://www.suse.com/security/cve/CVE-2023-53365.html
* https://www.suse.com/security/cve/CVE-2023-53395.html
* https://www.suse.com/security/cve/CVE-2023-53500.html
* https://www.suse.com/security/cve/CVE-2023-53559.html
* https://www.suse.com/security/cve/CVE-2023-53564.html
* https://www.suse.com/security/cve/CVE-2023-53566.html
* https://www.suse.com/security/cve/CVE-2023-53574.html
* https://www.suse.com/security/cve/CVE-2023-53619.html
* https://www.suse.com/security/cve/CVE-2023-53673.html
* https://www.suse.com/security/cve/CVE-2023-53705.html
* https://www.suse.com/security/cve/CVE-2023-53722.html
* https://www.suse.com/security/cve/CVE-2025-38476.html
* https://www.suse.com/security/cve/CVE-2025-39968.html
* https://www.suse.com/security/cve/CVE-2025-39973.html
* https://www.suse.com/security/cve/CVE-2025-40018.html
* https://www.suse.com/security/cve/CVE-2025-40082.html
* https://bugzilla.suse.com/show_bug.cgi?id=1065729
* https://bugzilla.suse.com/show_bug.cgi?id=1199304
* https://bugzilla.suse.com/show_bug.cgi?id=1205128
* https://bugzilla.suse.com/show_bug.cgi?id=1206893
* https://bugzilla.suse.com/show_bug.cgi?id=1210124
* https://bugzilla.suse.com/show_bug.cgi?id=1247317
* https://bugzilla.suse.com/show_bug.cgi?id=1249186
* https://bugzilla.suse.com/show_bug.cgi?id=1249857
* https://bugzilla.suse.com/show_bug.cgi?id=1249859
* https://bugzilla.suse.com/show_bug.cgi?id=1249988
* https://bugzilla.suse.com/show_bug.cgi?id=1250293
* https://bugzilla.suse.com/show_bug.cgi?id=1250311
* https://bugzilla.suse.com/show_bug.cgi?id=1250358
* https://bugzilla.suse.com/show_bug.cgi?id=1250742
* https://bugzilla.suse.com/show_bug.cgi?id=1250784
* https://bugzilla.suse.com/show_bug.cgi?id=1250816
* https://bugzilla.suse.com/show_bug.cgi?id=1250851
* https://bugzilla.suse.com/show_bug.cgi?id=1250946
* https://bugzilla.suse.com/show_bug.cgi?id=1251040
* https://bugzilla.suse.com/show_bug.cgi?id=1251047
* https://bugzilla.suse.com/show_bug.cgi?id=1251052
* https://bugzilla.suse.com/show_bug.cgi?id=1251072
* https://bugzilla.suse.com/show_bug.cgi?id=1251088
* https://bugzilla.suse.com/show_bug.cgi?id=1251091
* https://bugzilla.suse.com/show_bug.cgi?id=1251115
* https://bugzilla.suse.com/show_bug.cgi?id=1251169
* https://bugzilla.suse.com/show_bug.cgi?id=1251173
* https://bugzilla.suse.com/show_bug.cgi?id=1251182
* https://bugzilla.suse.com/show_bug.cgi?id=1251201
* https://bugzilla.suse.com/show_bug.cgi?id=1251202
* https://bugzilla.suse.com/show_bug.cgi?id=1251208
* https://bugzilla.suse.com/show_bug.cgi?id=1251222
* https://bugzilla.suse.com/show_bug.cgi?id=1251292
* https://bugzilla.suse.com/show_bug.cgi?id=1251300
* https://bugzilla.suse.com/show_bug.cgi?id=1251550
* https://bugzilla.suse.com/show_bug.cgi?id=1251723
* https://bugzilla.suse.com/show_bug.cgi?id=1251725
* https://bugzilla.suse.com/show_bug.cgi?id=1251730
* https://bugzilla.suse.com/show_bug.cgi?id=1251741
* https://bugzilla.suse.com/show_bug.cgi?id=1251743
* https://bugzilla.suse.com/show_bug.cgi?id=1251747
* https://bugzilla.suse.com/show_bug.cgi?id=1251763
* https://bugzilla.suse.com/show_bug.cgi?id=1251930
* https://bugzilla.suse.com/show_bug.cgi?id=1252035
* https://bugzilla.suse.com/show_bug.cgi?id=1252047
* https://bugzilla.suse.com/show_bug.cgi?id=1252480
* https://bugzilla.suse.com/show_bug.cgi?id=1252499
* https://bugzilla.suse.com/show_bug.cgi?id=1252516
* https://bugzilla.suse.com/show_bug.cgi?id=1252554
* https://bugzilla.suse.com/show_bug.cgi?id=1252688
* https://bugzilla.suse.com/show_bug.cgi?id=1252775
* https://jira.suse.com/browse/PED-4593
* https://jira.suse.com/browse/PED-568

SUSE-SU-2025:4190-1: important: Security update for helm

# Security update for helm

Announcement ID: SUSE-SU-2025:4190-1
Release Date: 2025-11-24T09:21:06Z
Rating: important
References:

* bsc#1246152
* bsc#1251442
* bsc#1251649

Cross-References:

* CVE-2025-47911
* CVE-2025-53547
* CVE-2025-58190

CVSS scores:

* CVE-2025-47911 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-47911 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-53547 ( SUSE ): 8.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H
* CVE-2025-53547 ( SUSE ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H
* CVE-2025-53547 ( NVD ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H
* CVE-2025-53547 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2025-58190 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-58190 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Containers Module 15-SP6
* Containers Module 15-SP7
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Package Hub 15 15-SP6
* SUSE Package Hub 15 15-SP7

An update that solves three vulnerabilities can now be installed.

## Description:

This update for helm fixes the following issues:

* Update to version 3.19.1
* CVE-2025-53547: Fixed local code execution in Helm Chart. (bsc#1246152)
* CVE-2025-58190: Fixed excessive memory consumption by `html.ParseFragment`
when processing specially crafted input. (bsc#1251649)
* CVE-2025-47911: Fixed various algorithms with quadratic complexity when
parsing HTML documents. (bsc#1251442)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-4190=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-4190=1

* Containers Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-4190=1

* Containers Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-4190=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4190=1

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4190=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4190=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4190=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4190=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4190=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4190=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4190=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4190=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4190=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4190=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4190=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4190=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-4190=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* openSUSE Leap 15.6 (noarch)
* helm-fish-completion-3.19.1-150000.1.57.1
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* helm-bash-completion-3.19.1-150000.1.57.1
* Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* Containers Module 15-SP6 (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* Containers Module 15-SP7 (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* SUSE Package Hub 15 15-SP6 (noarch)
* helm-fish-completion-3.19.1-150000.1.57.1
* SUSE Package Hub 15 15-SP7 (noarch)
* helm-fish-completion-3.19.1-150000.1.57.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* helm-debuginfo-3.19.1-150000.1.57.1
* helm-3.19.1-150000.1.57.1
* SUSE Enterprise Storage 7.1 (noarch)
* helm-zsh-completion-3.19.1-150000.1.57.1
* helm-bash-completion-3.19.1-150000.1.57.1

## References:

* https://www.suse.com/security/cve/CVE-2025-47911.html
* https://www.suse.com/security/cve/CVE-2025-53547.html
* https://www.suse.com/security/cve/CVE-2025-58190.html
* https://bugzilla.suse.com/show_bug.cgi?id=1246152
* https://bugzilla.suse.com/show_bug.cgi?id=1251442
* https://bugzilla.suse.com/show_bug.cgi?id=1251649

SUSE-SU-2025:4191-1: important: Security update for amazon-ssm-agent

# Security update for amazon-ssm-agent

Announcement ID: SUSE-SU-2025:4191-1
Release Date: 2025-11-24T09:22:27Z
Rating: important
References:

* bsc#1253611

Cross-References:

* CVE-2025-47913

CVSS scores:

* CVE-2025-47913 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-47913 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* Public Cloud Module 15-SP3
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* Public Cloud Module 15-SP6
* Public Cloud Module 15-SP7
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for amazon-ssm-agent fixes the following issues:

* CVE-2025-47913: Fixed a bug in the client process termination when receiving
an unexpected message type in response to a key listing or signing request.
(bsc#1253598)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-4191=1

* Public Cloud Module 15-SP3
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-4191=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-4191=1

* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-4191=1

* Public Cloud Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-4191=1

* Public Cloud Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2025-4191=1

## Package List:

* openSUSE Leap 15.6 (aarch64 x86_64)
* amazon-ssm-agent-3.3.1611.0-150000.5.26.1
* Public Cloud Module 15-SP3 (aarch64 x86_64)
* amazon-ssm-agent-3.3.1611.0-150000.5.26.1
* Public Cloud Module 15-SP4 (aarch64 x86_64)
* amazon-ssm-agent-3.3.1611.0-150000.5.26.1
* Public Cloud Module 15-SP5 (aarch64 x86_64)
* amazon-ssm-agent-3.3.1611.0-150000.5.26.1
* Public Cloud Module 15-SP6 (aarch64 x86_64)
* amazon-ssm-agent-3.3.1611.0-150000.5.26.1
* Public Cloud Module 15-SP7 (aarch64 x86_64)
* amazon-ssm-agent-3.3.1611.0-150000.5.26.1

## References:

* https://www.suse.com/security/cve/CVE-2025-47913.html
* https://bugzilla.suse.com/show_bug.cgi?id=1253611

SUSE-SU-2025:4195-1: important: Security update for MozillaThunderbird

# Security update for MozillaThunderbird

Announcement ID: SUSE-SU-2025:4195-1
Release Date: 2025-11-24T10:54:03Z
Rating: important
References:

* bsc#1253188

Cross-References:

* CVE-2025-13012
* CVE-2025-13013
* CVE-2025-13014
* CVE-2025-13015
* CVE-2025-13016
* CVE-2025-13017
* CVE-2025-13018
* CVE-2025-13019
* CVE-2025-13020

CVSS scores:

* CVE-2025-13012 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-13012 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-13013 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13013 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13014 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13014 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-13015 ( SUSE ): 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
* CVE-2025-13015 ( NVD ): 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
* CVE-2025-13016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-13016 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-13017 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13017 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-13018 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13018 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-13019 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13019 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2025-13020 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2025-13020 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Linux Enterprise Workstation Extension 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP7
* SUSE Package Hub 15 15-SP6
* SUSE Package Hub 15 15-SP7

An update that solves nine vulnerabilities can now be installed.

## Description:

This update for MozillaThunderbird fixes the following issues:

* Update Mozilla Thunderbird to version 140.5 (bsc#1253188)
* CVE-2025-13012: Race condition in the Graphics component.
* CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly
component.
* CVE-2025-13017: Same-origin policy bypass in the DOM: Notifications
component.
* CVE-2025-13018: Mitigation bypass in the DOM: Security component.
* CVE-2025-13019: Same-origin policy bypass in the DOM: Workers component.
* CVE-2025-13013: Mitigation bypass in the DOM: Core & HTML component.
* CVE-2025-13020: Use-after-free in the WebRTC: Audio/Video component.
* CVE-2025-13014: Use-after-free in the Audio/Video component.
* CVE-2025-13015: Spoofing issue in Thunderbird.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-4195=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4195=1

* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4195=1

* SUSE Linux Enterprise Workstation Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-4195=1

* SUSE Linux Enterprise Workstation Extension 15 SP7
zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2025-4195=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* MozillaThunderbird-translations-other-140.5.0-150200.8.245.1
* MozillaThunderbird-debuginfo-140.5.0-150200.8.245.1
* MozillaThunderbird-debugsource-140.5.0-150200.8.245.1
* MozillaThunderbird-140.5.0-150200.8.245.1
* MozillaThunderbird-translations-common-140.5.0-150200.8.245.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
* MozillaThunderbird-translations-other-140.5.0-150200.8.245.1
* MozillaThunderbird-debuginfo-140.5.0-150200.8.245.1
* MozillaThunderbird-debugsource-140.5.0-150200.8.245.1
* MozillaThunderbird-140.5.0-150200.8.245.1
* MozillaThunderbird-translations-common-140.5.0-150200.8.245.1
* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x)
* MozillaThunderbird-translations-other-140.5.0-150200.8.245.1
* MozillaThunderbird-debuginfo-140.5.0-150200.8.245.1
* MozillaThunderbird-debugsource-140.5.0-150200.8.245.1
* MozillaThunderbird-140.5.0-150200.8.245.1
* MozillaThunderbird-translations-common-140.5.0-150200.8.245.1
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
* MozillaThunderbird-translations-other-140.5.0-150200.8.245.1
* MozillaThunderbird-debuginfo-140.5.0-150200.8.245.1
* MozillaThunderbird-debugsource-140.5.0-150200.8.245.1
* MozillaThunderbird-140.5.0-150200.8.245.1
* MozillaThunderbird-translations-common-140.5.0-150200.8.245.1
* SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64)
* MozillaThunderbird-translations-other-140.5.0-150200.8.245.1
* MozillaThunderbird-debuginfo-140.5.0-150200.8.245.1
* MozillaThunderbird-debugsource-140.5.0-150200.8.245.1
* MozillaThunderbird-140.5.0-150200.8.245.1
* MozillaThunderbird-translations-common-140.5.0-150200.8.245.1

## References:

* https://www.suse.com/security/cve/CVE-2025-13012.html
* https://www.suse.com/security/cve/CVE-2025-13013.html
* https://www.suse.com/security/cve/CVE-2025-13014.html
* https://www.suse.com/security/cve/CVE-2025-13015.html
* https://www.suse.com/security/cve/CVE-2025-13016.html
* https://www.suse.com/security/cve/CVE-2025-13017.html
* https://www.suse.com/security/cve/CVE-2025-13018.html
* https://www.suse.com/security/cve/CVE-2025-13019.html
* https://www.suse.com/security/cve/CVE-2025-13020.html
* https://bugzilla.suse.com/show_bug.cgi?id=1253188

SUSE-SU-2025:4196-1: moderate: Security update for grub2

# Security update for grub2

Announcement ID: SUSE-SU-2025:4196-1
Release Date: 2025-11-24T10:54:35Z
Rating: moderate
References:

* bsc#1236744
* bsc#1241132
* bsc#1245953
* bsc#1252269
* bsc#1252930
* bsc#1252931
* bsc#1252932
* bsc#1252933
* bsc#1252934
* bsc#1252935

Cross-References:

* CVE-2025-54770
* CVE-2025-54771
* CVE-2025-61661
* CVE-2025-61662
* CVE-2025-61663
* CVE-2025-61664

CVSS scores:

* CVE-2025-54770 ( SUSE ): 2.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-54770 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-54770 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-54771 ( SUSE ): 2.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-54771 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-54771 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-61661 ( SUSE ): 4.3
CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-61661 ( SUSE ): 4.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-61661 ( NVD ): 4.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-61662 ( SUSE ): 2.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-61662 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-61662 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-61663 ( SUSE ): 2.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-61663 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-61663 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-61664 ( SUSE ): 2.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-61664 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-61664 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves six vulnerabilities and has four security fixes can now be
installed.

## Description:

This update for grub2 fixes the following issues:

* CVE-2025-54770: Fixed missing unregister call for net_set_vlan command may
lead to use-after-free (bsc#1252930)
* CVE-2025-54771: Fixed rub_file_close() does not properly controls the fs
refcount (bsc#1252931)
* CVE-2025-61661: Fixed out-of-bounds write in grub_usb_get_string() function
(bsc#1252932)
* CVE-2025-61662: Fixed missing unregister call for gettext command may lead
to use-after-free (bsc#1252933)
* CVE-2025-61663: Fixed missing unregister call for normal commands may lead
to use-after-free (bsc#1252934)
* CVE-2025-61664: Fixed missing unregister call for normal_exit command may
lead to use-after-free (bsc#1252935)

Other fixes:

* Bump upstream SBAT generation to 6
* Fix timeout when loading initrd via http after PPC CAS reboot (bsc#1245953)
* Fix PPC CAS reboot failure work when initiated via submenu (bsc#1241132)
* Fix out of memory issue on PowerPC by increasing RMA size (bsc#1236744,
bsc#1252269)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-4196=1 openSUSE-SLE-15.6-2025-4196=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-4196=1

* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-4196=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* grub2-2.12-150600.8.44.2
* grub2-debuginfo-2.12-150600.8.44.2
* grub2-branding-upstream-2.12-150600.8.44.2
* openSUSE Leap 15.6 (aarch64 s390x x86_64 i586)
* grub2-debugsource-2.12-150600.8.44.2
* openSUSE Leap 15.6 (noarch)
* grub2-i386-xen-2.12-150600.8.44.2
* grub2-arm64-efi-extras-2.12-150600.8.44.2
* grub2-snapper-plugin-2.12-150600.8.44.2
* grub2-i386-pc-debug-2.12-150600.8.44.2
* grub2-i386-efi-2.12-150600.8.44.2
* grub2-systemd-sleep-plugin-2.12-150600.8.44.2
* grub2-x86_64-xen-debug-2.12-150600.8.44.2
* grub2-x86_64-xen-2.12-150600.8.44.2
* grub2-powerpc-ieee1275-extras-2.12-150600.8.44.2
* grub2-x86_64-efi-2.12-150600.8.44.2
* grub2-i386-efi-debug-2.12-150600.8.44.2
* grub2-i386-pc-extras-2.12-150600.8.44.2
* grub2-powerpc-ieee1275-2.12-150600.8.44.2
* grub2-x86_64-efi-debug-2.12-150600.8.44.2
* grub2-i386-pc-2.12-150600.8.44.2
* grub2-x86_64-xen-extras-2.12-150600.8.44.2
* grub2-i386-xen-debug-2.12-150600.8.44.2
* grub2-x86_64-efi-extras-2.12-150600.8.44.2
* grub2-powerpc-ieee1275-debug-2.12-150600.8.44.2
* grub2-i386-xen-extras-2.12-150600.8.44.2
* grub2-s390x-emu-extras-2.12-150600.8.44.2
* grub2-arm64-efi-2.12-150600.8.44.2
* grub2-arm64-efi-debug-2.12-150600.8.44.2
* grub2-i386-efi-extras-2.12-150600.8.44.2
* openSUSE Leap 15.6 (s390x)
* grub2-s390x-emu-debug-2.12-150600.8.44.2
* grub2-s390x-emu-2.12-150600.8.44.2
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* grub2-2.12-150600.8.44.2
* grub2-debuginfo-2.12-150600.8.44.2
* Basesystem Module 15-SP6 (noarch)
* grub2-i386-pc-2.12-150600.8.44.2
* grub2-systemd-sleep-plugin-2.12-150600.8.44.2
* grub2-arm64-efi-2.12-150600.8.44.2
* grub2-snapper-plugin-2.12-150600.8.44.2
* grub2-x86_64-efi-2.12-150600.8.44.2
* grub2-powerpc-ieee1275-2.12-150600.8.44.2
* Basesystem Module 15-SP6 (aarch64 s390x x86_64)
* grub2-debugsource-2.12-150600.8.44.2
* Basesystem Module 15-SP6 (s390x)
* grub2-s390x-emu-2.12-150600.8.44.2
* Server Applications Module 15-SP6 (noarch)
* grub2-x86_64-xen-2.12-150600.8.44.2

## References:

* https://www.suse.com/security/cve/CVE-2025-54770.html
* https://www.suse.com/security/cve/CVE-2025-54771.html
* https://www.suse.com/security/cve/CVE-2025-61661.html
* https://www.suse.com/security/cve/CVE-2025-61662.html
* https://www.suse.com/security/cve/CVE-2025-61663.html
* https://www.suse.com/security/cve/CVE-2025-61664.html
* https://bugzilla.suse.com/show_bug.cgi?id=1236744
* https://bugzilla.suse.com/show_bug.cgi?id=1241132
* https://bugzilla.suse.com/show_bug.cgi?id=1245953
* https://bugzilla.suse.com/show_bug.cgi?id=1252269
* https://bugzilla.suse.com/show_bug.cgi?id=1252930
* https://bugzilla.suse.com/show_bug.cgi?id=1252931
* https://bugzilla.suse.com/show_bug.cgi?id=1252932
* https://bugzilla.suse.com/show_bug.cgi?id=1252933
* https://bugzilla.suse.com/show_bug.cgi?id=1252934
* https://bugzilla.suse.com/show_bug.cgi?id=1252935

SUSE-SU-2025:4199-1: important: Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP4)

# Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise
15 SP4)

Announcement ID: SUSE-SU-2025:4199-1
Release Date: 2025-11-24T12:33:54Z
Rating: important
References:

* bsc#1242882
* bsc#1245778
* bsc#1251983

Cross-References:

* CVE-2023-53673
* CVE-2024-53141
* CVE-2025-23145

CVSS scores:

* CVE-2023-53673 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53673 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53141 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53141 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53141 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-23145 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-23145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-23145 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.141 fixes
various security issues

The following security issues were fixed:

* CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before
deleting conn (bsc#1251983).
* CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt
(bsc#1245778).
* CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow
(bsc#1242882).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-4199=1

* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-4199=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-18-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_33-debugsource-18-150400.2.1
* kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-18-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_33-debugsource-18-150400.2.1
* kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1

## References:

* https://www.suse.com/security/cve/CVE-2023-53673.html
* https://www.suse.com/security/cve/CVE-2024-53141.html
* https://www.suse.com/security/cve/CVE-2025-23145.html
* https://bugzilla.suse.com/show_bug.cgi?id=1242882
* https://bugzilla.suse.com/show_bug.cgi?id=1245778
* https://bugzilla.suse.com/show_bug.cgi?id=1251983

openSUSE-SU-2025:0439-1: important: Security update for tcpreplay

openSUSE Security Update: Security update for tcpreplay
_______________________________

Announcement ID: openSUSE-SU-2025:0439-1
Rating: important
References: #1218249 #1221324 #1222131 #1243845 #1247919
#1248322 #1248595 #1248596 #1248597 #1248964
#1250356
Cross-References: CVE-2023-4256 CVE-2023-43279 CVE-2024-22654
CVE-2024-3024 CVE-2025-51006 CVE-2025-8746
CVE-2025-9157 CVE-2025-9384 CVE-2025-9385
CVE-2025-9386 CVE-2025-9649
CVSS scores:
CVE-2024-22654 (SUSE): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
CVE-2025-8746 (SUSE): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes 11 vulnerabilities is now available.

Description:

This update for tcpreplay fixes the following issues:

- update to 4.5.2:
* features added since 4.4.4
- fix/recalculate header checksum for ipv6-frag
- IPv6 frag checksum support
- AF_XDP socket support
- tcpreplay -w (write into a pcap file)
- tcpreaplay --fixhdrlen
- --include and --exclude options
- SLL2 support
- Haiku support
* security fixes reported for 4.4.4 fixed in 4.5.2
- CVE-2023-4256 / boo#1218249
- CVE-2023-43279 / boo#1221324
- CVE-2024-3024 / boo#1222131 (likely)
- CVE-2024-22654 / boo#1243845
- CVE-2025-9157 / boo#1248322
- CVE-2025-9384 / boo#1248595
- CVE-2025-9385 / boo#1248596
- CVE-2025-9386 / boo#1248597
- CVE-2025-9649 / boo#1248964
- CVE-2025-51006 / boo#1250356
- security fix for CVE-2025-8746 / boo#1247919

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-439=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):

tcpreplay-4.5.2-bp156.2.3.1

References:

https://www.suse.com/security/cve/CVE-2023-4256.html
https://www.suse.com/security/cve/CVE-2023-43279.html
https://www.suse.com/security/cve/CVE-2024-22654.html
https://www.suse.com/security/cve/CVE-2024-3024.html
https://www.suse.com/security/cve/CVE-2025-51006.html
https://www.suse.com/security/cve/CVE-2025-8746.html
https://www.suse.com/security/cve/CVE-2025-9157.html
https://www.suse.com/security/cve/CVE-2025-9384.html
https://www.suse.com/security/cve/CVE-2025-9385.html
https://www.suse.com/security/cve/CVE-2025-9386.html
https://www.suse.com/security/cve/CVE-2025-9649.html
https://bugzilla.suse.com/1218249
https://bugzilla.suse.com/1221324
https://bugzilla.suse.com/1222131
https://bugzilla.suse.com/1243845
https://bugzilla.suse.com/1247919
https://bugzilla.suse.com/1248322
https://bugzilla.suse.com/1248595
https://bugzilla.suse.com/1248596
https://bugzilla.suse.com/1248597
https://bugzilla.suse.com/1248964
https://bugzilla.suse.com/1250356

SUSE-SU-2025:4203-1: important: Security update for the Linux Kernel (Live Patch 58 for SUSE Linux Enterprise 15 SP3)

# Security update for the Linux Kernel (Live Patch 58 for SUSE Linux Enterprise
15 SP3)

Announcement ID: SUSE-SU-2025:4203-1
Release Date: 2025-11-24T17:43:34Z
Rating: important
References:

* bsc#1245778
* bsc#1250295
* bsc#1251228
* bsc#1251983

Cross-References:

* CVE-2022-50388
* CVE-2022-50432
* CVE-2023-53673
* CVE-2024-53141

CVSS scores:

* CVE-2022-50388 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50388 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50432 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50432 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53673 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53673 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53141 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53141 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53141 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.207 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50388: nvme: fix multipath crash caused by flush request when
blktrace is enabled (bsc#1250295).
* CVE-2022-50432: kernfs: fix use-after-free in __kernfs_remove (bsc#1251228).
* CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before
deleting conn (bsc#1251983).
* CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt
(bsc#1245778).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-4203=1 SUSE-2025-4204=1 SUSE-2025-4205=1
SUSE-2025-4210=1 SUSE-2025-4214=1 SUSE-2025-4216=1 SUSE-2025-4206=1

* SUSE Linux Enterprise Live Patching 15-SP3
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-4203=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-4204=1 SUSE-SLE-Module-Live-
Patching-15-SP3-2025-4205=1 SUSE-SLE-Module-Live-Patching-15-SP3-2025-4210=1
SUSE-SLE-Module-Live-Patching-15-SP3-2025-4214=1 SUSE-SLE-Module-Live-
Patching-15-SP3-2025-4216=1 SUSE-SLE-Module-Live-Patching-15-SP3-2025-4206=1

## Package List:

* openSUSE Leap 15.3 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP3_Update_57-debugsource-10-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_50-debugsource-18-150300.2.1
* kernel-livepatch-5_3_18-150300_59_204-default-debuginfo-10-150300.2.1
* kernel-livepatch-5_3_18-150300_59_188-default-15-150300.2.1
* kernel-livepatch-5_3_18-150300_59_201-default-debuginfo-10-150300.2.1
* kernel-livepatch-5_3_18-150300_59_198-default-12-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_54-debugsource-12-150300.2.1
* kernel-livepatch-5_3_18-150300_59_188-default-debuginfo-15-150300.2.1
* kernel-livepatch-5_3_18-150300_59_198-default-debuginfo-12-150300.2.1
* kernel-livepatch-5_3_18-150300_59_207-default-debuginfo-9-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_55-debugsource-12-150300.2.1
* kernel-livepatch-5_3_18-150300_59_195-default-debuginfo-12-150300.2.1
* kernel-livepatch-5_3_18-150300_59_204-default-10-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_52-debugsource-15-150300.2.1
* kernel-livepatch-5_3_18-150300_59_195-default-12-150300.2.1
* kernel-livepatch-5_3_18-150300_59_182-default-debuginfo-18-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_56-debugsource-10-150300.2.1
* kernel-livepatch-5_3_18-150300_59_201-default-10-150300.2.1
* kernel-livepatch-5_3_18-150300_59_207-default-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_58-debugsource-9-150300.2.1
* openSUSE Leap 15.3 (x86_64)
* kernel-livepatch-5_3_18-150300_59_207-preempt-debuginfo-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_204-preempt-10-150300.2.1
* kernel-livepatch-5_3_18-150300_59_188-preempt-15-150300.2.1
* kernel-livepatch-5_3_18-150300_59_195-preempt-12-150300.2.1
* kernel-livepatch-5_3_18-150300_59_201-preempt-debuginfo-10-150300.2.1
* kernel-livepatch-5_3_18-150300_59_198-preempt-debuginfo-12-150300.2.1
* kernel-livepatch-5_3_18-150300_59_207-preempt-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_182-preempt-18-150300.2.1
* kernel-livepatch-5_3_18-150300_59_188-preempt-debuginfo-15-150300.2.1
* kernel-livepatch-5_3_18-150300_59_195-preempt-debuginfo-12-150300.2.1
* kernel-livepatch-5_3_18-150300_59_182-preempt-debuginfo-18-150300.2.1
* kernel-livepatch-5_3_18-150300_59_198-preempt-12-150300.2.1
* kernel-livepatch-5_3_18-150300_59_204-preempt-debuginfo-10-150300.2.1
* kernel-livepatch-5_3_18-150300_59_201-preempt-10-150300.2.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_198-default-12-150300.2.1
* kernel-livepatch-5_3_18-150300_59_204-default-10-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_57-debugsource-10-150300.2.1
* kernel-livepatch-5_3_18-150300_59_201-default-10-150300.2.1
* kernel-livepatch-5_3_18-150300_59_207-default-debuginfo-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_207-default-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_195-default-12-150300.2.1
* kernel-livepatch-5_3_18-150300_59_204-default-debuginfo-10-150300.2.1
* kernel-livepatch-5_3_18-150300_59_188-default-15-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_56-debugsource-10-150300.2.1
* kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_58-debugsource-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_201-default-debuginfo-10-150300.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50388.html
* https://www.suse.com/security/cve/CVE-2022-50432.html
* https://www.suse.com/security/cve/CVE-2023-53673.html
* https://www.suse.com/security/cve/CVE-2024-53141.html
* https://bugzilla.suse.com/show_bug.cgi?id=1245778
* https://bugzilla.suse.com/show_bug.cgi?id=1250295
* https://bugzilla.suse.com/show_bug.cgi?id=1251228
* https://bugzilla.suse.com/show_bug.cgi?id=1251983

SUSE-SU-2025:4213-1: important: Security update for the Linux Kernel (Live Patch 61 for SUSE Linux Enterprise 15 SP3)

# Security update for the Linux Kernel (Live Patch 61 for SUSE Linux Enterprise
15 SP3)

Announcement ID: SUSE-SU-2025:4213-1
Release Date: 2025-11-24T17:42:25Z
Rating: important
References:

* bsc#1250295
* bsc#1251228
* bsc#1251983

Cross-References:

* CVE-2022-50388
* CVE-2022-50432
* CVE-2023-53673

CVSS scores:

* CVE-2022-50388 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50388 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-50432 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50432 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-53673 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53673 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.218 fixes
various security issues

The following security issues were fixed:

* CVE-2022-50388: nvme: fix multipath crash caused by flush request when
blktrace is enabled (bsc#1250295).
* CVE-2022-50432: kernfs: fix use-after-free in __kernfs_remove (bsc#1251228).
* CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before
deleting conn (bsc#1251983).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2025-4213=1 SUSE-2025-4207=1

* SUSE Linux Enterprise Live Patching 15-SP3
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-4213=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-4207=1

## Package List:

* openSUSE Leap 15.3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_211-default-debuginfo-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_218-default-debuginfo-3-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_59-debugsource-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_211-default-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_218-default-3-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_61-debugsource-3-150300.2.1
* openSUSE Leap 15.3 (x86_64)
* kernel-livepatch-5_3_18-150300_59_218-preempt-debuginfo-3-150300.2.1
* kernel-livepatch-5_3_18-150300_59_218-preempt-3-150300.2.1
* kernel-livepatch-5_3_18-150300_59_211-preempt-debuginfo-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_211-preempt-9-150300.2.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_218-default-3-150300.2.1
* kernel-livepatch-5_3_18-150300_59_211-default-debuginfo-9-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_59-debugsource-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_211-default-9-150300.2.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50388.html
* https://www.suse.com/security/cve/CVE-2022-50432.html
* https://www.suse.com/security/cve/CVE-2023-53673.html
* https://bugzilla.suse.com/show_bug.cgi?id=1250295
* https://bugzilla.suse.com/show_bug.cgi?id=1251228
* https://bugzilla.suse.com/show_bug.cgi?id=1251983

SUSE-SU-2025:4215-1: important: Security update for the Linux Kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP4)

# Security update for the Linux Kernel (Live Patch 35 for SUSE Linux Enterprise
15 SP4)

Announcement ID: SUSE-SU-2025:4215-1
Release Date: 2025-11-24T17:43:06Z
Rating: important
References:

* bsc#1242882
* bsc#1245778
* bsc#1251983

Cross-References:

* CVE-2023-53673
* CVE-2024-53141
* CVE-2025-23145

CVSS scores:

* CVE-2023-53673 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-53673 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53141 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53141 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53141 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-23145 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-23145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-23145 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.147 fixes
various security issues

The following security issues were fixed:

* CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before
deleting conn (bsc#1251983).
* CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt
(bsc#1245778).
* CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow
(bsc#1242882).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-4215=1 SUSE-2025-4211=1

* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-4215=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2025-4211=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP4_Update_34-debugsource-17-150400.2.1
* kernel-livepatch-5_14_21-150400_24_144-default-17-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_35-debugsource-16-150400.2.1
* kernel-livepatch-5_14_21-150400_24_147-default-16-150400.2.1
* kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-17-150400.2.1
* kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-16-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP4_Update_34-debugsource-17-150400.2.1
* kernel-livepatch-5_14_21-150400_24_144-default-17-150400.2.1
* kernel-livepatch-SLE15-SP4_Update_35-debugsource-16-150400.2.1
* kernel-livepatch-5_14_21-150400_24_147-default-16-150400.2.1
* kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-17-150400.2.1
* kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-16-150400.2.1

## References:

* https://www.suse.com/security/cve/CVE-2023-53673.html
* https://www.suse.com/security/cve/CVE-2024-53141.html
* https://www.suse.com/security/cve/CVE-2025-23145.html
* https://bugzilla.suse.com/show_bug.cgi?id=1242882
* https://bugzilla.suse.com/show_bug.cgi?id=1245778
* https://bugzilla.suse.com/show_bug.cgi?id=1251983

openSUSE-SU-2025:0437-1: important: Security update for act

openSUSE Security Update: Security update for act
_______________________________

Announcement ID: openSUSE-SU-2025:0437-1
Rating: important
References: #1253608
Cross-References: CVE-2025-47913
CVSS scores:
CVE-2025-47913 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for act fixes the following issues:

- CVE-2025-47913: Prevent panic in embedded golang.org/x/crypto/ssh/agent
client when receiving unexpected message types for key listing or
signing requests by returning a descriptive error instead. (boo#1253608)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2025-437=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

act-0.2.45-bp157.3.3.1

References:

https://www.suse.com/security/cve/CVE-2025-47913.html
https://bugzilla.suse.com/1253608

openSUSE-SU-2025:0438-1: important: Security update for libebml

openSUSE Security Update: Security update for libebml
_______________________________

Announcement ID: openSUSE-SU-2025:0438-1
Rating: important
References: #1218432
Cross-References: CVE-2023-52339
Affected Products:
openSUSE Backports SLE-15-SP6
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for libebml fixes the following issues:

- update to 1.4.5 (boo#1218432, CVE-2023-52339):
* Fix invalid memory access (reading beyond allocated memory) due to
missing integer overflow check.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2025-438=1

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-438=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

libebml-debugsource-1.4.5-bp157.2.3.1
libebml-devel-1.4.5-bp157.2.3.1
libebml5-1.4.5-bp157.2.3.1
libebml5-debuginfo-1.4.5-bp157.2.3.1

- openSUSE Backports SLE-15-SP7 (aarch64_ilp32):

libebml5-64bit-1.4.5-bp157.2.3.1
libebml5-64bit-debuginfo-1.4.5-bp157.2.3.1

- openSUSE Backports SLE-15-SP7 (x86_64):

libebml5-32bit-1.4.5-bp157.2.3.1
libebml5-32bit-debuginfo-1.4.5-bp157.2.3.1

- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):

libebml-devel-1.4.5-bp156.3.3.1
libebml5-1.4.5-bp156.3.3.1

- openSUSE Backports SLE-15-SP6 (aarch64_ilp32):

libebml5-64bit-1.4.5-bp156.3.3.1

- openSUSE Backports SLE-15-SP6 (x86_64):

libebml5-32bit-1.4.5-bp156.3.3.1

References:

https://www.suse.com/security/cve/CVE-2023-52339.html
https://bugzilla.suse.com/1218432