Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

SUSE-SU-2025:4302-1 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceSUSE-SU-2025:4302-1

SUSE-SU-2025:4302-1

UNKNOWN

Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7)

Published Nov 28, 2025

Modified 1 months ago

Fix available

Details

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.51 fixes various security issues

The following security issues were fixed:

CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882).
CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672).
CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537).

Affected Packages

kernel-livepatch-6_4_0-150700_51-default

SUSE Linux Enterprise Live Patching 15 SP7

Fixed in:

8-150700.3.21.2

kernel-livepatch-SLE15-SP7_Update_0

SUSE Linux Enterprise Live Patching 15 SP7

Fixed in:

8-150700.3.21.2

References

REPORThttps://bugzilla.suse.com/1242882 REPORThttps://bugzilla.suse.com/1248672 REPORThttps://bugzilla.suse.com/1249537 WEBhttps://www.suse.com/security/cve/CVE-2025-23145 WEBhttps://www.suse.com/security/cve/CVE-2025-38500 WEBhttps://www.suse.com/security/cve/CVE-2025-38616 ADVISORYhttps://www.suse.com/support/update/announcement/2025/suse-su-20254302-1/

Upstream

CVE-2025-23145 CVE-2025-38500 CVE-2025-38616

Related

CVE-2025-23145 CVE-2025-38500 CVE-2025-38616

Ecosystems

SUSE Linux Enterprise Live Patching 15 SP7

Timeline

PublishedNov 28, 2025

ModifiedNov 28, 2025