SUSE-SU-2025:02334-1

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2021-47212: net/mlx5: Update error handler for UCTX and UMEM (bsc#1222709).
• CVE-2021-47455: ptp: Fix possible memory leak in ptpclockregister() (bsc#1225254).
• CVE-2021-47527: serial: core: fix transmit-buffer reset and memleak (bsc#1227768).
• CVE-2022-21546: scsi: target: Fix WRITE_SAME No Data Buffer crash (bsc#1242243).
• CVE-2022-49154: KVM: SVM: fix panic on out-of-bounds guest IRQ (bsc#1238167).
• CVE-2022-49622: netfilter: nftables: fix crash when nftrace is enabled (bsc#1239042).
• CVE-2022-49731: ata: libata-core: fix NULL pointer deref in atahostalloc_pinfo() (bsc#1239071).
• CVE-2022-49764: kABI: workaround 'bpf: Prevent bpf program recursion for raw tracepoint probes' changes (bsc#1242301).
• CVE-2022-49780: scsi: target: tcmloop: Fix possible name leak in tcmloopsetuphba_bus() (bsc#1242262).
• CVE-2022-49814: kcm: close race conditions on skreceivequeue (bsc#1242498).
• CVE-2022-49879: ext4: fix BUGON() when directory entry has invalid reclen (bsc#1242733).
• CVE-2022-49881: wifi: cfg80211: fix memory leak in queryregdbfile() (bsc#1242481).
• CVE-2022-49917: ipvs: fix WARNING in ipvsappnetcleanup() (bsc#1242406).
• CVE-2022-49921: net: sched: Fix use after free in red_enqueue() (bsc#1242359).
• CVE-2022-50055: iavf: Fix adminq error handling (bsc#1245039).
• CVE-2022-50087: firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails (bsc#1245119).
• CVE-2022-50134: RDMA/hfi1: fix potential memory leak in setupbasectxt() (bsc#1244802).
• CVE-2022-50200: selinux: Add boundary check in put_entry() (bsc#1245149).
• CVE-2023-52500: Fixed information leaking when processing OPCINBSETCONTROLLERCONFIG command (bsc#1220883).
• CVE-2023-52927: netfilter: allow exp not to be removed in nfctfind_expectation (bsc#1239644).
• CVE-2023-53020: l2tp: fix lockdep splat (bsc#1240224).
• CVE-2023-53090: drm/amdkfd: Fix an illegal memory access (bsc#1242753).
• CVE-2023-53091: ext4: update sjournalinum if it changes after journal replay (bsc#1242767).
• CVE-2023-53133: bpf, sockmap: Fix an infinite loop error when len is 0 in tcpbpfrecvmsg_parser() (bsc#1242423).
• CVE-2024-26586: mlxsw: spectrumacltcam: Fix stack corruption (bsc#1220243).
• CVE-2024-26825: nfc: nci: free rxdatareassembly skb on NCI device cleanup (bsc#1223065).
• CVE-2024-26872: RDMA/srpt: Do not register event handler until srpt device is fully setup (bsc#1223115).
• CVE-2024-26875: media: pvrusb2: fix uaf in pvr2contextset_notify (bsc#1223118).
• CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712).
• CVE-2024-35839: kABI fix for netfilter: bridge: replace physindev with physinif in nfbridgeinfo (bsc#1224726).
• CVE-2024-38588: ftrace: Fix possible use-after-free issue in ftrace_location() (bsc#1226837).
• CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).
• CVE-2025-21898: ftrace: Avoid potential division by zero in functionstatshow() (bsc#1240610).
• CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).
• CVE-2025-21971: netsched: Prevent creation of classes with TCH_ROOT (bsc#1240799).
• CVE-2025-22035: tracing: Fix use-after-free in printgraphfunction_flags during tracer switching (bsc#1241544).
• CVE-2025-23149: tpm: do not start chip while suspended (bsc#1242758).
• CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).
• CVE-2025-37757: tipc: fix memory leak in tipclinkxmit (bsc#1242521).
• CVE-2025-37781: i2c: cros-ec-tunnel: defer probe if parent EC is not present (bsc#1242575).
• CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
• CVE-2025-37810: usb: dwc3: gadget: check that event count does not exceed event buffer length (bsc#1242906).
• CVE-2025-37836: PCI: Fix reference leak in pciregisterhost_bridge() (bsc#1242957).
• CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).
• CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidfffindfields (bsc#1242982).
• CVE-2025-37892: mtd: inftlcore: Add error check for inftlreadoob() (bsc#1243536).
• CVE-2025-37911: bnxt_en: Fix out-of-bound memcpy() during ethtool -w (bsc#1243469).
• CVE-2025-37923: tracing: Fix oob write in traceseqto_buffer() (bsc#1243551).
• CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parseivrsacpihid (bsc#1243620).
• CVE-2025-37928: dm-bufio: do not schedule in atomic context (bsc#1243621).
• CVE-2025-37961: ipvs: fix uninit-value for saddr in dooutputroute4 (bsc#1243523).
• CVE-2025-37980: block: fix resource leak in blkregisterqueue() error path (bsc#1243522).
• CVE-2025-37982: wifi: wl1251: fix memory leak in wl1251txwork (bsc#1243524).
• CVE-2025-37992: netsched: Flush gsoskb list too during ->change() (bsc#1243698).
• CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).
• CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).
• CVE-2025-38000: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue() (bsc#1244277).
• CVE-2025-38004: can: bcm: add locking for bcm_op runtime updates (bsc#1244274).
• CVE-2025-38023: nfs: handle failure of nfsgetlock_context in unlock path (bsc#1245004).
• CVE-2025-38024: RDMA/rxe: Fix slab-use-after-free Read in rxequeuecleanup bug (bsc#1245025).
• CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgenthreadwrite() (bsc#1245440).
• CVE-2025-38072: libnvdimm/labels: Fix divide error in ndlabeldata_init() (bsc#1244743).
• CVE-2025-38078: ALSA: pcm: Fix race of buffer access at PCM OSS layer (bsc#1244737).
• CVE-2025-38083: netsched: prio: fix a race in priotune() (bsc#1245183).

The following non-security bugs were fixed:

• ftrace: Fix possible warning on checking all pages used in ftraceprocesslocs() (bsc#1226837).
• ftrace: Return the first found result in lookup_rec() (bsc#1226837).
• ftrace: Separate out functionality from ftracelocationrange() (bsc#1226837).
• ftrace: Zero out ftrace hashes when a module is removed (bsc#1226837).
• mnt: fix _detachmounts infinite loop (bsc#1242140).
• netsched: schfifo: implement lockless _fifodump() (bsc#1237312)
• netfilter: nf_tables: consolidate rule verdict trace call (bsc#1239042).
• netfilter: nftables: remove old nflog based tracing (bsc#1239042).
• scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
• scsi: storvsc: Increase the timeouts to storvsc_timeout (bsc#1245455).
• tracing: Fix compilation warning on arm32 (bsc#1243551).