{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-livepatch-5_14_21-150500_55_110-default":"4-150500.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Live Patching 15 SP5","name":"kernel-livepatch-SLE15-SP5_Update_27","purl":"pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_27&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4-150500.2.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for the Linux Kernel 5.14.21-150500_55_110 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235).\n- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775).\n- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805).\n- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030).\n","id":"SUSE-SU-2025:03195-1","modified":"2025-09-12T11:33:46Z","published":"2025-09-12T11:33:46Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202503195-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1244235"},{"type":"REPORT","url":"https://bugzilla.suse.com/1245775"},{"type":"REPORT","url":"https://bugzilla.suse.com/1245791"},{"type":"REPORT","url":"https://bugzilla.suse.com/1245805"},{"type":"REPORT","url":"https://bugzilla.suse.com/1246030"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21701"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-37890"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38000"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38001"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38212"}],"related":["CVE-2025-21701","CVE-2025-37890","CVE-2025-38000","CVE-2025-38001","CVE-2025-38212"],"summary":"Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP5)","upstream":["CVE-2025-21701","CVE-2025-37890","CVE-2025-38000","CVE-2025-38001","CVE-2025-38212"]}