SUSE-SU-2025:0867-1

Source
https://www.suse.com/support/update/announcement/2025/suse-su-20250867-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:0867-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2025:0867-1
Related
Published
2025-03-14T09:55:18Z
Modified
2025-05-02T04:32:17.918753Z
Upstream
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2021-47633: ath5k: fix OOB in ath5keepromreadpcalinfo_5111 (bsc#1237768).
  • CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicy_replace (bsc#1238033).
  • CVE-2024-35863: Fixed potential UAF in isvalidoplock_break() (bsc#1224763).
  • CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700).
  • CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  • CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat (bsc#1234025).
  • CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217).
  • CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230).
  • CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  • CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtg_check() (bsc#1235430).
  • CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
  • CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249).
  • CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645).
  • CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759).
  • CVE-2024-57798: drm/dpmst: Ensure mstprimary pointer is valid in drmdpmsthandleup_req() (bsc#1235818).
  • CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling (bsc#1235814).
  • CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920).
  • CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025).
  • CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).
  • CVE-2025-21699: gfs2: Truncate address space when flipping GFS2DIFJDATA flag (bsc#1237139).

The following non-security bugs were fixed:

  • net: mana: Add getlink and getlink_ksettings in ethtool (bsc#1236761).
  • net: netvsc: Update default VMBus channels (bsc#1236757).
  • NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  • NFS: Do not flush the readdir cache in nfsdentryiput() (bsc#1231847).
  • NFS: Improve heuristic for readdirplus -revert (bsc#1237160).
  • NFS: Improve heuristic for readdirplus (bsc#1231847).
  • NFS: Reduce readdir stack usage (bsc#1231847).
  • NFS: Trigger the 'ls -l' readdir heuristic sooner (bsc#1231847).
  • NFS: Use kmemdupnul() in nfsreaddirmakeqstr() (bsc#1231847).
  • scsi: storvsc: Handle SRB status value 0x30 (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Micro 5.1 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.202.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.202.1",
            "kernel-rt": "5.3.18-150300.202.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.202.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.202.1",
            "kernel-rt": "5.3.18-150300.202.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.202.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.202.1",
            "kernel-rt": "5.3.18-150300.202.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.202.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.202.1",
            "kernel-rt": "5.3.18-150300.202.1"
        }
    ]
}