The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON(1) when dissolvefreehugetlbfolio() (bsc#1225707). - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896). - CVE-2024-42134: virtio-pci: Check if isavq is NULL (bsc#1228664 bsc#1247831). - CVE-2024-44963: btrfs: do not BUGON() when freeing tree block after error (bsc#1230216). - CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vfaddmigrationpages() (bsc#1235613). - CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpurun() loop (bsc#1239061). - CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323). - CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837). - CVE-2025-37856: btrfs: harden blockgroup::bglist against listdel() races (bsc#1243068). - CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965). - CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960). - CVE-2025-37920: kABI workaround for xsk: Fix race condition in AFXDP generic RX path (bsc#1243479). - CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIVROUNDUP() (bsc#1243669). - CVE-2025-38034: btrfs: correct the order of prelimref arguments in btrfsprelimref (bsc#1244792). - CVE-2025-38035: nvmet-tcp: do not restore null skstatechange (bsc#1244801). - CVE-2025-38047: x86/fred: Fix system hang during S4 resume with FRED enabled (bsc#1245084). - CVE-2025-38051: smb: client: Fix use-after-free in cifsfilldirent (bsc#1244750). - CVE-2025-38058: _legitimizemnt(): check for MNTSYNCUMOUNT should be under mountlock (bsc#1245151). - CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgenthreadwrite() (bsc#1245440). - CVE-2025-38062: kABI: restore layout of struct msidesc (bsc#1245216). - CVE-2025-38063: dm: fix unconditional IO throttle caused by REQPREFLUSH (bsc#1245202). - CVE-2025-38064: virtio: break and reset virtio devices on deviceshutdown() (bsc#1245201). - CVE-2025-38074: vhost-scsi: protect vq->logused with vq->mutex (bsc#1244735). - CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macbhalttx (bsc#1245649). - CVE-2025-38097: kabi: restore encapsk in struct xfrmstate (bsc#1245660). - CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654). - CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671). - CVE-2025-38100: x86/iopl: Cure TIFIOBITMAP inconsistencies (bsc#1245650). - CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682). - CVE-2025-38106: iouring/sqpoll: do not put taskstruct on tctx setup failure (bsc#1245664). - CVE-2025-38115: netsched: schsfq: fix a potential crash on gsoskb handling (bsc#1245689). - CVE-2025-38117: hcidev centralize extra lock (bsc#1245695). - CVE-2025-38126: net: stmmac: make sure that ptprate is not 0 before configuring timestamping (bsc#1245708). - CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677). - CVE-2025-38132: coresight: holding cscfgcsdevlock while removing cscfg from csdev (bsc#1245679). - CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768). - CVE-2025-38158: hisiaccvfiopci: fix XQE dma address error (bsc#1245750). - CVE-2025-38162: netfilter: nftsetpipapo: prevent overflow in lookup table allocation (bsc#1245752). - CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758). - CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970). - CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937). - CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743xptpioeventclockget() (bsc#1246006). - CVE-2025-38187: drm/nouveau: fix a use-after-free in r535gsprpcpush() (bsc#1245951). - CVE-2025-38188: drm/msm/a7xx: Call CPRESETCONTEXTSTATE (bsc#1246098). - CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40eclearhw (bsc#1246045). - CVE-2025-38202: bpf: Check rcureadlocktraceheld() in bpfmaplookuppercpuelem() (bsc#1245980). - CVE-2025-38203: jfs: Fix null-ptr-deref in jfsioctrim (bsc#1246044). - CVE-2025-38204: jfs: fix array-index-out-of-bounds read in addmissingindices (bsc#1245983). - CVE-2025-38206: exfat: fix double free in delayedfree (bsc#1246073). - CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsmops (bsc#1246020). - CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). - CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966). - CVE-2025-38222: ext4: inline: fix len overflow in ext4prepareinlinedata (bsc#1245976). - CVE-2025-38236: afunix: Disable MSGOOB for unprivileged users (bsc#1246093). - CVE-2025-38239: scsi: megaraidsas: Fix invalid node index (bsc#1246178). - CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183). - CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173). - CVE-2025-38250: kABI workaround for bluetooth hcidev changes (bsc#1246182). - CVE-2025-38256: iouring/rsrc: fix folio unpinning (bsc#1246188). - CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387). - CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268). - CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264). - CVE-2025-38283: hisiaccvfiopci: bugfix live migration function without VF device driver (bsc#1246273). - CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eircreateadvdata (bsc#1246354). - CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361). - CVE-2025-38323: net: atm: add lecmutex (bsc#1246473). - CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384). - CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPTRT (bsc#1246250). - CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2journaldirtymetadata() (bsc#1246253). - CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777). - CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers() and posixcputimerdel() (bsc#1246911). - CVE-2025-38364: mapletree: fix MASTATEPREALLOC flag in maspreallocate() (bsc#1247091). - CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023). - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). - CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031). - CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169). - CVE-2025-38396: fs: export anoninodemakesecureinode() and fix secretmem LSM bypass (bsc#1247156). - CVE-2025-38399: scsi: target: Fix NULL pointer dereference in corescsi3decodespeciport() (bsc#1247097). - CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141). - CVE-2025-38414: wifi: ath12k: fix GCCGCCPCIEHOTRST definition for WCN7850 (bsc#1247145). - CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252). - CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253). - CVE-2025-38453: kABI: iouring: msgring ensure iokiocb freeing is deferred (bsc#1247234). - CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101). - CVE-2025-38457: net/sched: Abort _tcmodifyqdisc if parent class does not exist (bsc#1247098). - CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in toatmarpd() (bsc#1247143). - CVE-2025-38461: vsock: Fix transport* TOCTOU (bsc#1247103). - CVE-2025-38462: vsock: Fix transport{g2h,h2g} TOCTOU (bsc#1247104). - CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113). - CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118). - CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288). - CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450). - CVE-2025-38475: smc: Fix various oops due to inetsock type confusion (bsc#1247308). - CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). - CVE-2025-38498: dochangetype(): refuse to operate on unmounted/not ours mounts (bsc#1247374).
The following non-security bugs were fixed:
dma_unmap_sg()
nents value (git-fixes).{ "binaries": [ { "kernel-source-rt": "6.4.0-150700.7.13.1", "kernel-rt-devel": "6.4.0-150700.7.13.1", "gfs2-kmp-rt": "6.4.0-150700.7.13.1", "cluster-md-kmp-rt": "6.4.0-150700.7.13.1", "kernel-devel-rt": "6.4.0-150700.7.13.1", "kernel-rt": "6.4.0-150700.7.13.1", "dlm-kmp-rt": "6.4.0-150700.7.13.1", "kernel-syms-rt": "6.4.0-150700.7.13.1", "ocfs2-kmp-rt": "6.4.0-150700.7.13.1" } ] }
{ "binaries": [ { "kernel-source-rt": "6.4.0-150700.7.13.1", "kernel-rt-devel": "6.4.0-150700.7.13.1", "gfs2-kmp-rt": "6.4.0-150700.7.13.1", "cluster-md-kmp-rt": "6.4.0-150700.7.13.1", "kernel-devel-rt": "6.4.0-150700.7.13.1", "kernel-rt": "6.4.0-150700.7.13.1", "dlm-kmp-rt": "6.4.0-150700.7.13.1", "kernel-syms-rt": "6.4.0-150700.7.13.1", "ocfs2-kmp-rt": "6.4.0-150700.7.13.1" } ] }
{ "binaries": [ { "kernel-source-rt": "6.4.0-150700.7.13.1", "kernel-rt-devel": "6.4.0-150700.7.13.1", "gfs2-kmp-rt": "6.4.0-150700.7.13.1", "cluster-md-kmp-rt": "6.4.0-150700.7.13.1", "kernel-devel-rt": "6.4.0-150700.7.13.1", "kernel-rt": "6.4.0-150700.7.13.1", "dlm-kmp-rt": "6.4.0-150700.7.13.1", "kernel-syms-rt": "6.4.0-150700.7.13.1", "ocfs2-kmp-rt": "6.4.0-150700.7.13.1" } ] }