SUSE-SU-2025:0229-1

Source
https://www.suse.com/support/update/announcement/2025/suse-su-20250229-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:0229-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2025:0229-1
Related
Published
2025-01-24T10:10:25Z
Modified
2025-05-02T04:30:27.459121Z
Upstream
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).
  • CVE-2022-48742: rtnetlink: make sure to refresh masterdev/mops in _rtnlnewlink() (bsc#1226694).
  • CVE-2022-49033: btrfs: qgroup: fix sleep from invalid context bug in btrfsqgroupinherit() (bsc#1232045).
  • CVE-2023-1382: Fixed denial of service in tipcconnclose (bsc#1209288).
  • CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823).
  • CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044).
  • CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfcworkerwake_up() (bsc#1225820).
  • CVE-2024-36915: nfc: llcp: fix nfcllcpsetsockopt() unsafe copies (bsc#1225758).
  • CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809).
  • CVE-2024-47666: scsi: pm80xx: Set phy->enable_completion only when we wait for it (bsc#1231453).
  • CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854).
  • CVE-2024-49944: sctp: set skstate back to CLOSED if autobind fails in sctplisten_start (bsc#1232166).
  • CVE-2024-49952: netfilter: nftables: prevent nfskb_duplicated corruption (bsc#1232157).
  • CVE-2024-50018: net: napi: Prevent overflow of napideferhard_irqs (bsc#1232419).
  • CVE-2024-50143: udf: fix uninit-value use in udfgetfileshortad (bsc#1233038).
  • CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050).
  • CVE-2024-50181: clk: imx: Remove CLKSETPARENT_GATE for DRAM mux for i.MX7D (bsc#1233127).
  • CVE-2024-50202: nilfs2: propagate directory read errors from nilfsfindentry() (bsc#1233324).
  • CVE-2024-50211: udf: refactor inode_bmap() to handle error (bsc#1233096).
  • CVE-2024-50256: netfilter: nfrejectipv6: fix potential crash in nfsendreset6() (bsc#1233200).
  • CVE-2024-50262: bpf: Fix out-of-bounds write in triegetnext_key() (bsc#1233239).
  • CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
  • CVE-2024-53051: drm/i915/hdcp: Add encoder check in intelhdcpget_capability (bsc#1233547).
  • CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550).
  • CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtkcrtcdestroy() (bsc#1233568).
  • CVE-2024-53064: idpf: fix idpfvccore_init error path (bsc#1233558).
  • CVE-2024-53072: platform/x86/amd/pmc: Detect when STB is not available (bsc#1233564).
  • CVE-2024-53090: afs: Fix lock recursion (bsc#1233637).
  • CVE-2024-53101: fs: Fix uninitialized value issue in fromkuid and fromkgid (bsc#1233769).
  • CVE-2024-53113: mm: fix NULL pointer dereference in allocpagesbulk_noprof (bsc#1234077).
  • CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072).
  • CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073).
  • CVE-2024-53122: mptcp: cope racing subflow creation in mptcprcvspace_adjust (bsc#1234076).
  • CVE-2024-53125: bpf: synclinkedregs() must preserve subreg_def (bsc#1234156).
  • CVE-2024-53130: nilfs2: fix null-ptr-deref in blockdirtybuffer tracepoint (bsc#1234219).
  • CVE-2024-53131: nilfs2: fix null-ptr-deref in blocktouchbuffer tracepoint (bsc#1234220).
  • CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).
  • CVE-2024-53150: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (bsc#1234834).
  • CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice() (bsc#1234846).
  • CVE-2024-53157: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (bsc#1234827).
  • CVE-2024-53158: soc: qcom: geni-se: fix array underflow in geniseclktblget() (bsc#1234811).
  • CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856).
  • CVE-2024-53162: crypto: qat/qat4xxx - fix off by one in uofget_name() (bsc#1234843).
  • CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).
  • CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
  • CVE-2024-53210: s390/iucv: MSGPEEK causes memory leak in iucvsock_destruct() (bsc#1234971).
  • CVE-2024-53213: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (bsc#1234973).
  • CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
  • CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).
  • CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
  • CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (bsc#1234282).
  • CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiexconfigscan() (bsc#1234963).
  • CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).
  • CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912).
  • CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035).
  • CVE-2024-56571: media: uvcvideo: Require entities to have a non-zero unique ID (bsc#1235037).
  • CVE-2024-56575: media: imx-jpeg: Ensure power suppliers be suspended before detach them (bsc#1235039).
  • CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).
  • CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcommsockalloc() (bsc#1235056).
  • CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2capsockcreate() (bsc#1235061).
  • CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfsfindentry() (bsc#1235224).
  • CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHEVOLUMECREATING (bsc#1234920).

The following non-security bugs were fixed:

  • ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294)
  • amd_hsmp: Add HSMP protocol version 5 messages (jsc#PED-1295).
  • arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes).
  • arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes).
  • arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes).
  • arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator (git-fixes).
  • arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion (git-fixes).
  • arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes).
  • arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605)
  • autofs: fix memory leak of waitqueues in autofscatatonicmode (git-fixes).
  • autofs: use flexible array in ioctl structure (git-fixes).
  • devlink: allow registering parameters after the instance (bsc#1231388 bsc#1230422).
  • devlink: do not require setting features before registration (bsc#1231388 bsc#1230422).
  • dma-fence: Fix reference leak on fence merge failure path (git-fixes).
  • dmaengine: idxd: add wq driver name support for accel-config user tool (bsc#1234357).
  • dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357).
  • Documentation: Add x86/amd_hsmp driver (jsc#PED-1295).
  • Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes).
  • drm/sti: Add _iomem for mixerdbg_mxn's parameter (git-fixes).
  • drm/v3d: Enable Performance Counters before clearing them (git-fixes).
  • exfat: fix uninit-value in _exfatgetdentryset (git-fixes).
  • hfsplus: do not query the device logical block size multiple times (git-fixes).
  • idpf: add support for SW triggered interrupts (bsc#1235507).
  • idpf: enable WBONITR (bsc#1235507).
  • idpf: trigger SW interrupt when exiting wbonitr mode (bsc#1235507).
  • ipc/sem: Fix dangling sem_array access in semtimedop race (bsc#1234727).
  • jffs2: Fix rtime decompressor (git-fixes).
  • jffs2: fix use of uninitialized variable (git-fixes).
  • jffs2: Prevent rtime decompress memory corruption (git-fixes).
  • jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes).
  • jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes).
  • jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes).
  • jfs: fix shift-out-of-bounds in dbSplit (git-fixes).
  • jfs: xattr: check invalid xattr size more strictly (git-fixes).
  • kabi/severities: ignore intermodule symbols between fslfman and fsldpaa_eth
  • kobject: Add sanity check for kset->kobj.ktype in kset_register() (bsc#1234639).
  • KVM: x86: fix sending PV IPI (git-fixes).
  • memory: tegra: Add API for retrieving carveout bounds (jsc#PED-1763).
  • mm/kfence: reset PGslab and memcgdata before freeing _kfencepool (bsc#1234120).
  • mmc: core: Further prevent card detect during shutdown (git-fixes).
  • net: mana: Increase the DEFRXBUFFERSPERQUEUE to 1024 (bsc#1235246).
  • net/ipv6: release expired exception dst cached in socket (bsc#1216813).
  • NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes).
  • NFSD: Fix nfsd4shutdowncopy() (git-fixes).
  • nfsd: make sure exp active before svcexportshow (git-fixes).
  • NFSD: Move fillprewcc() and fillpostwcc() (bsc#1234650 bsc#1233701 bsc#1232472).
  • NFSD: Prevent a potential integer overflow (git-fixes).
  • NFSD: Prevent NULL dereference in nfsd4processcb_update() (git-fixes).
  • NFSD: reduce locking in nfsd_lookup() (bsc#1234650 bsc#1233701 bsc#1232472).
  • nfsd: remove unsafe BUGON from setchange_info (bsc#1234650 bsc#1233701 bsc#1232472).
  • nfsd: restore callback functionality for NFSv4.0 (git-fixes).
  • NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes).
  • nilfs2: fix potential out-of-bounds memory access in nilfsfindentry() (git-fixes).
  • nilfs2: prevent use of deleted inode (git-fixes).
  • ocfs2: uncache inode which has failed entering the group (bsc#1234087).
  • PCI: vmd: Fix secondary bus reset for Intel bridges (git-fixes).
  • phy: tegra: p2u: Set ENABLEL2EXITRATECHANGE in calibration (jsc#PED-1763).
  • platform/x86: Add AMD system management interface (jsc#PED-1295).
  • proc/softirqs: replace seqprintf with seqputdecimalull_width (git-fixes).
  • pwm: tegra: Improve required rate calculation (jsc#PED-1763).
  • RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes)
  • regmap: detach regmap from dev on regmap_exit (git-fixes).
  • scatterlist: fix incorrect func name in kernel-doc (git-fixes).
  • scripts/gitsort/gitsort.py: add tegra DRM and linux-pwm repo
  • scsi: storvsc: Do not flag MAINTENANCEIN return of SRBSTATUSDATAOVERRUN as an error (git-fixes).
  • serial: tegra: Read DMA status before terminating (jsc#PED-1763).
  • smb: client: fix TCP timers deadlock after rmmod (git-fixes) (bsc#1233642).
  • spi: mpc52xx: Add cancelworksync before module remove (git-fixes).
  • SUNRPC: make sure cache entry active before cache_show (git-fixes).
  • sunrpc: simplify two-level sysctl registration for svcrdmaparmtable (git-fixes).
  • svcrdma: Address an integer overflow (git-fixes).
  • svcrdma: fix miss destroy percpucounter in svcrdmaprocinit() (git-fixes).
  • tpmtisspi: Release chip select when flow control fails (bsc#1234338)
  • ubifs: authentication: Fix use-after-free in ubifstncend_commit (git-fixes).
  • ubifs: Correct the total block count by deducting journal reservation (git-fixes).
  • udf: Handle error when adding extent to a file (bsc#1234437).
  • udf: refactor udfcurrentaext() to handle error (bsc#1234240).
  • udf: refactor udfnextaext() to handle error (bsc#1234241).
  • usb: roles: Call trymoduleget() from usbroleswitchfindby_fwnode() (git-fixes).
  • usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes).
  • x86: Annotate callonstack() (git-fixes).
  • x86/bug: Merge annotatereachable() into _BUGFLAGS() asm (git-fixes).
  • x86/fpu: Remove unused supervisor only offsets (git-fixes).
  • x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes).
  • x86/fpu/xstate: Fix the ARCHREQXCOMP_PERM implementation (git-fixes).
  • x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes).
  • x86/mce: Allow instrumentation during task work queueing (git-fixes).
  • x86/mce: Mark mce_end() noinstr (git-fixes).
  • x86/mce: Mark mce_panic() noinstr (git-fixes).
  • x86/mce: Mark mcereadaux() noinstr (git-fixes).
  • x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
  • x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes).
  • x86/sgx: Free backing memory after faulting the enclave page (git-fixes).
  • x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes).
  • x86/uaccess: Move variable into switch case statement (git-fixes).
  • xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909).
  • zonefs: fix zone report size in _zonefsio_error() (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Micro 5.5 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.82.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150500.13.82.1",
            "kernel-rt": "5.14.21-150500.13.82.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.5 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.82.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150500.13.82.1",
            "kernel-rt": "5.14.21-150500.13.82.1"
        }
    ]
}