CVE treatment

I have a general question about CVE: in most of case, if I found a CVE on mitre, I can find it on and see its status (pending, analysis, running, resolved, etc…).
Now, I found a CVE on mitre (, concerning the kernel but nothing on suse website (even in bugzilla). How can I be sure that this CVE does not impact my SLES (SLES12SP3 LTSS or SLES12SP5 for info) ?
When a CVE is created, what’s its way on SUSE side ? is there any way to check that SUSE treats it ?


@Frederic Hi, the kernel commit is for kernels > 5.13(?), you might need to open a Support Request about this, else did you see the announcement about this forum closing, perhaps a post to the new one may glean additional comments?

I didn’t see that forum is closing, thanks to highlighting that.