SUSE-SU-2025:1176-1

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237918).
• CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919).
• CVE-2022-49739: gfs2: Always check inode size of inline inodes (bsc#1240207).
• CVE-2023-52935: mm/khugepaged: fix ->anon_vma race (bsc#1240276).
• CVE-2024-53124: net: fix data-races around sk->skforwardalloc (bsc#1234074).
• CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).
• CVE-2024-53178: smb: Do not leak cfid when reconnect races with opencacheddir (bsc#1234895).
• CVE-2024-56651: can: hi311x: hi3110canist(): fix potential use-after-free (bsc#1235528).
• CVE-2024-57996: netsched: schsfq: do not allow 1 packet limit (bsc#1239076).
• CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync (bsc#1239095).
• CVE-2024-58014: wifi: brcmsmac: add gain range check to wlcphyiqcalgainparamsnphy() (bsc#1239109).
• CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
• CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073).
• CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).
• CVE-2025-21780: drm/amdgpu: avoid buffer overflow attach in smusyssetpptable() (bsc#1239115).

The following non-security bugs were fixed:

• ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
• RDMA/manaib: Prefer structsize over open coded arithmetic (bsc#1239016).
• RDMA/manaib: Use v2 version of cfgrxsteerreq to enable RX coalescing (bsc#1239016).
• Revert 'gfs2: Fix inode height consistency check (git-fixes).
• btrfs: defrag: do not use merged extent map for their generation check (bsc#1239968).
• btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1239968).
• btrfs: fix extent map merging not happening for adjacent extents (bsc#1239968).
• btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1239969).
• btrfs: send: fix invalid clone operation for file that got its size decreased (bsc#1239969).
• cifs: Add a laundromat thread for cached directories (git-fixes).
• cifs: fix potential null pointer use in destroyworkqueue in initcifs error path (git-fixes).
• gfs2: Fix inode height consistency check (git-fixes).
• mm/mmunotifier.c: fix race in mmuintervalnotifierremove() (bsc#1239126).
• mm: zswap: move allocations during CPU init outside the lock (git-fixes).
• net: mana: Add flex array to struct manacfgrxsteerreq_v2 (bsc#1239016).
• net: mana: Allow variable size indirection table (bsc#1239016).
• net: mana: Avoid open coded arithmetic (bsc#1239016).
• net: mana: Support holes in device list reply msg (bsc#1240133).
• sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
• smb3: allow controlling length of time directory entries are cached with dir leases (git-fixes).
• smb3: do not start laundromat thread when dir leases disabled (git-fixes).
• smb3: retrying on failed server close (git-fixes).
• smb: client: destroy cfidputwq on module exit (git-fixes).
• smb: client: disable directory caching when dircachetimeout is zero (git-fixes).
• smb: client: do not start laundromat thread on nohandlecache (git-fixes).
• smb: client: make laundromat a delayed worker (git-fixes).
• smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).
• tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).