Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Critical Security Update for SUSE Kernel-Livepatch CVE-2025-21702 and More

suse
Calendar Grey August 28, 2025
Dist Suse Esm H88
This notice outlines essential security enhancements for openSUSE Tumbleweed, tackling several significant vulnerabilities that could impact the system.
* bsc#1245776 * bsc#1245793 * bsc#1245797 Cross-References:

Summary

## This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues: * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776) * CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793) * CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-70=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-28-rt-3-3.1 * kernel-livepatch-MICRO-6-0-RT_Update_6-debugsource-3-3.1

References

* bsc#1245776

* bsc#1245793

* bsc#1245797

Cross-

* CVE-2025-21702

* CVE-2025-37752

* CVE-2025-37797

CVSS scores:

* CVE-2025-21702 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves three vulnerabilities can now be installed.

##

* https://www.suse.com/security/cve/CVE-2025-21702.html

* https://www.suse.com/security/cve/CVE-2025-37752.html

* https://www.suse.com/security/cve/CVE-2025-37797.html

* https://bugzilla.suse.com/show_bug.cgi?id=1245776

* https://bugzilla.suse.com/show_bug.cgi?id=1245793

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:20581-1
Release Date: 2025-08-25T12:45:12Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here