SUSE-SU-2025:1183-1

Source
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:1183-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2025:1183-1
Published
2025-04-09T13:57:53Z
Modified
2025-04-10T13:00:26.867723Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237918).
  • CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919).
  • CVE-2022-49739: gfs2: Always check inode size of inline inodes (bsc#1240207).
  • CVE-2023-52935: mm/khugepaged: fix ->anon_vma race (bsc#1240276).
  • CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
  • CVE-2024-41092: drm/i915/gt: Fix potential UAF by revoke of fence registers (bsc#1228483).
  • CVE-2024-42098: crypto: ecdh - explicitly zeroize private_key (bsc#1228779).
  • CVE-2024-42229: crypto: aead,cipher - zeroize key buffer after use (bsc#1228708).
  • CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464).
  • CVE-2024-56651: can: hi311x: hi3110_can_ist(): fix potential use-after-free (bsc#1235528).
  • CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
  • CVE-2024-58014: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (bsc#1239109).
  • CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
  • CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
  • CVE-2025-21714: RDMA/mlx5: Fix implicit ODP use after free (bsc#1237890).
  • CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073).
  • CVE-2025-21732: RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (bsc#1237877).
  • CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
  • CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).
  • CVE-2025-21780: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (bsc#1239115).
  • CVE-2025-21839: kABI: Fix kABI after backport of CVE-2025-21839 (bsc#1239061).

The following non-security bugs were fixed:

  • ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
  • RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
  • RDMA/mana_ib: Use v2 version of cfg_rx_steer_req to enable RX coalescing (bsc#1239016).
  • RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes).
  • btrfs: defrag: do not use merged extent map for their generation check (bsc#1239968).
  • btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1239968).
  • btrfs: fix extent map merging not happening for adjacent extents (bsc#1239968).
  • btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1239969).
  • btrfs: send: fix invalid clone operation for file that got its size decreased (bsc#1239969).
  • gfs2: Fix inode height consistency check (git-fixes).
  • mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove() (bsc#1239126).
  • mm: zswap: move allocations during CPU init outside the lock (git-fixes).
  • net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
  • net: mana: Allow variable size indirection table (bsc#1239016).
  • net: mana: Avoid open coded arithmetic (bsc#1239016).
  • net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (bsc#1240195).
  • net: mana: Support holes in device list reply msg (bsc#1240133).
  • x86/bhi: Avoid warning in #DB handler due to BHI mitigation (git-fixes).
  • x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes).
  • x86/bugs: Fix BHI documentation (git-fixes).
  • x86/bugs: Fix BHI handling of RRSBA (git-fixes).
  • x86/bugs: Fix BHI retpoline check (git-fixes).
  • x86/bugs: Fix return type of spectre_bhi_state() (git-fixes).
  • x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes).

Affected packages

SUSE:Linux Enterprise Micro 5.3 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.115.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.115.1",
            "kernel-rt": "5.14.21-150400.15.115.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.3 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.115.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.115.1",
            "kernel-rt": "5.14.21-150400.15.115.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.115.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.115.1",
            "kernel-rt": "5.14.21-150400.15.115.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.115.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.115.1",
            "kernel-rt": "5.14.21-150400.15.115.1"
        }
    ]
}