This update for the SUSE Linux Enterprise kernel 6.4.0-150700.5 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).