SB2025102113 - SUSE update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7) 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025102113

SB2025102113 - SUSE update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7)

Published: October 21, 2025

Security Bulletin ID SB2025102113
Severity
Low
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Double free (CVE-ID: CVE-2025-38206)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the exfat_free_upcase_table() function in fs/exfat/nls.c. A local user can perform a denial of service (DoS) attack.


2) Buffer overflow (CVE-ID: CVE-2025-38396)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the secretmem_file_create() function in mm/secretmem.c, within the anon_inode_make_secure_inode() and __anon_inode_getfile() functions in fs/anon_inodes.c. A local user can perform a denial of service (DoS) attack.


3) Use-after-free (CVE-ID: CVE-2025-38471)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tls_strp_read_sock() function in net/tls/tls_strp.c. A local user can escalate privileges on the system.


4) Input validation error (CVE-ID: CVE-2025-38499)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the clone_private_mount() function in fs/namespace.c. A local user can perform a denial of service (DoS) attack.


5) Resource management error (CVE-ID: CVE-2025-38566)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the svc_tcp_sock_process_cmsg(), svc_tcp_read_msg() and svc_tcp_read_marker() functions in net/sunrpc/svcsock.c. A local user can perform a denial of service (DoS) attack.


6) Use of uninitialized resource (CVE-ID: CVE-2025-38644)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the ieee80211_tdls_oper() function in net/mac80211/tdls.c. A local user can perform a denial of service (DoS) attack.


7) Resource management error (CVE-ID: CVE-2025-38678)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the nf_tables_updchain() and nft_flowtable_update() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References