The SUSE 2025 Security Lowdown


Let’s be real—a “Security Report” doesn’t usually scream “fun weekend read.” But the SUSE Solution Security Risk Report 2025 (authored by our colleague Stoyan Manolov) is more than just a data dump. It’s a roadmap of how we’re navigating a digital world that’s getting faster, smarter, and—yes—a bit more crowded with vulnerabilities.

Here is the summary of what happened in 2025 and how SUSE is handling the open-source trenches.

Understanding the Volume 

If you look at the charts, you might see a 35% increase in vulnerabilities impacting SUSE or openSUSE products. Before you worry, remember that this isn’t because the software is getting less secure; it’s because we’ve become much better at finding the cracks.

  • The Kernel CNA Shift: In 2024, the Linux kernel team became its own CVE Numbering Authority (CNA). They now flag almost every security-related fix, including minor bugs that previously went unreported. Our team processed over 11,000 kernel CVEs in the last two years alone.
  • The AI Double-Edge: Researchers are now using Large Language Models to simulate complex scenarios—like parallel execution bugs—that traditional scanners often miss. On the flip side, as more organizations use AI assistants to write code, new vulnerabilities can appear if security controls aren’t tight.

High-Impact Fixes 

We didn’t just watch the numbers; we got to work. Here are a few notable incidents we addressed this year:

  • MadeYouReset (CVE-2025-8671): This HTTP/2 DoS attack involved an implementation flaw where servers continued processing streams even after a reset. We provided patches for affected packages like Netty, Jetty, and Tomcat.
  • Training Solo & Branch Privilege Injection: Researchers found new transient execution attacks in Intel CPUs (like CVE-2024-45332). Mitigation required a combination of updated Intel CPU Microcode and kernel changes.
  • Kerberos Configuration (CVE-2025-11561): A default SSSD configuration could have allowed privilege escalation on AD-joined Linux systems. We updated defaults to enable the local authentication plugin and disable insecure modules.

Security by the Numbers 

Security is a constant process. To keep systems protected, SUSE released a significant volume of updates in 2025:

  • 197 Critical updates.
  • 2,855 Important patches.
  • 1,633 Moderate fixes.

We’ve also prioritized transparency by offering machine-readable CSAF 2.0 and OSV data, allowing you to automate your own security triage.

Trust and Reliability 

We don’t just say we’re secure; we prove it through industry-recognized certifications:

  • Common Criteria (CC): SUSE Linux Enterprise Micro 5.3 attained CC Certification for the NIAP General Purpose OS protection profile.
  • SOC 2 and SOC 3: We achieved these for both SUSE Corporate and Rancher Prime Hosted, providing an assessment of our organizational security controls.
  • NIST FIPS 140-3: Attained for the SLES 15 SP6 OpenSSL 3 Cryptographic Module.
  • ISO 27001 & 27701: Successfully renewed our certifications for information security and privacy excellence.

The bottom line? The threat landscape is evolving, but with proactive code reviews and a focus on transparency, SUSE remains committed to your security.

For the deep-dive technical details, you can find more information on our security blog.

🔗 Read the full report

Meike Chabowski works as Documentation Strategist at SUSE. Before joining the SUSE Documentation team, she was Product Marketing Manager for Enterprise Linux Servers at SUSE, with a focus on Linux for Mainframes, Linux in Retail, and High Performance Computing. Prior to joining SUSE more than 25 years ago, Meike held marketing positions with several IT companies like defacto and Siemens, and was working as Assistant Professor for Mass Media. Meike holds a Master of Arts in Science of Mass Media and Theatre, as well as a Master of Arts in Education from University of Erlangen-Nuremberg/Germany, and in Italian Literature and Language from University of Parma/Italy.