SB2025102109 - SUSE update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP7) 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025102109

SB2025102109 - SUSE update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP7)

Published: October 21, 2025

Security Bulletin ID SB2025102109
Severity
Low
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Local access
Highest impact Denial of service

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2025-38499)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the clone_private_mount() function in fs/namespace.c. A local user can perform a denial of service (DoS) attack.


2) Resource management error (CVE-ID: CVE-2025-38566)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the svc_tcp_sock_process_cmsg(), svc_tcp_read_msg() and svc_tcp_read_marker() functions in net/sunrpc/svcsock.c. A local user can perform a denial of service (DoS) attack.


3) Resource management error (CVE-ID: CVE-2025-38678)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the nf_tables_updchain() and nft_flowtable_update() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References