SUSE-SU-2025:4132-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-20254132-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:4132-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2025:4132-1
Upstream
Related
Published
2025-11-18T16:45:55Z
Modified
2025-11-20T10:32:35.577544Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to fix various security issues

The following security issues were fixed:

  • CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).
  • CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211).
  • CVE-2025-38552: mptcp: plug races between subflow fail and subflow creation (bsc#1248230).
  • CVE-2025-38653: proc: use the same treatment to check proclseek as ones for procread_iter et.al (bsc#1248630).
  • CVE-2025-38699: scsi: bfa: Double-free fix (bsc#1249224).
  • CVE-2025-38700: scsi: libiscsi: Initialize iscsiconn->dddata only if memory is allocated (bsc#1249182).
  • CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).
  • CVE-2025-38734: net/smc: fix UAF on smcsk after smclistenout() (bsc#1249324).
  • CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).
  • CVE-2025-39673: ppp: fix race conditions in pppfillforward_path (bsc#1249320).
  • CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).
  • CVE-2025-39683: tracing: Limit access to parser->buffer when tracegetuser failed (bsc#1249286).
  • CVE-2025-39697: nfs: remove dead code for the old swap over NFS implementation (bsc#1249319).
  • CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).
  • CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).
  • CVE-2025-39794: ARM: tegra: Use I/O memcpy to write to IRAM (bsc#1249595).
  • CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).
  • CVE-2025-39812: sctp: initialize more fields in sctpv6from_sk() (bsc#1250202).
  • CVE-2025-39813: ftrace: Fix potential warning in traceprintkseq during ftrace_dump (bsc#1250032).
  • CVE-2025-39828: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol() (bsc#1250205).
  • CVE-2025-39832: net/mlx5: Add sync reset drop mode support (bsc#1249901).
  • CVE-2025-39847: ppp: fix memory leak in padcompressskb (bsc#1250292).
  • CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
  • CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).
  • CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
  • CVE-2025-39854: ice: fix NULL access of tx->inuse in icelltsintr (bsc#1250297).
  • CVE-2025-39866: fs: writeback: fix use-after-free in _markinode_dirty() (bsc#1250455).
  • CVE-2025-39876: net: fec: Fix possible NPD in fecenetphyresetafterclkenable() (bsc#1250400).
  • CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379).
  • CVE-2025-39895: sched: Fix schednumafindnthcpu() if mask offline (bsc#1250721).
  • CVE-2025-39900: netsched: genestimator: fix esttimer() vs CONFIGPREEMPT_RT=y (bsc#1250758).
  • CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).
  • CVE-2025-39911: i40e: fix IRQ freeing in i40evsirequestirqmsix error path (bsc#1250704).
  • CVE-2025-39945: cnic: Fix use-after-free bugs in cnicdeletetask (bsc#1251230).
  • CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).
  • CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232).
  • CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233).
  • CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177).
  • CVE-2025-39955: tcp: Clear tcpsk(sk)->fastopenrsk in tcp_disconnect() (bsc#1251804).
  • CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
  • CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044).
  • CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051).
  • CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052).
  • CVE-2025-39972: i40e: fix idx validation in i40evalidatequeue_map (bsc#1252039).
  • CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
  • CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2tcadd_flow() (bsc#1252069).
  • CVE-2025-39984: net: tun: Update napi->skb after XDP process (bsc#1252081).
  • CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89coretxkickoffandwait() (bsc#1252062).
  • CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349).
  • CVE-2025-40012: net/smc: fix warning in smcrxsplice() when calling get_page() (bsc#1252330).
  • CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup (bsc#1252688).
  • CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858).
  • CVE-2025-40056: vhost: vringh: Fix copytoiter return value check (bsc#1252826).
  • CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848).
  • CVE-2025-40078: bpf: Explicitly check accesses to bpfsockaddr (bsc#1252789).
  • CVE-2025-40080: nbd: restrict sockets to TCP and UDP (bsc#1252774).
  • CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree (bsc#1252918).

The following non security issues were fixed:

  • ACPI/processor_idle: Add FFH state handling (jsc#PED-13815).
  • ACPI/processoridle: Export acpiprocessorffhplay_dead() (jsc#PED-13815).
  • ACPI: battery: Add synchronization between interface updates (git-fixes).
  • ACPI: processor: Rescan 'dead' SMT siblings during initialization (jsc#PED-13815).
  • KVM: PPC: Fix misleading interrupts comment in kvmppcprepareto_enter() (bsc#1215199).
  • KVM: x86: Plumb in the vCPU to kvmx86ops.hwapicisrupdate() (git-fixes).
  • KVM: x86: Process 'guest stopped request' once per guest time update (git-fixes).
  • PM: hibernate: Add pmhibernationmodeissuspend() (bsc#1243112).
  • PM: hibernate: Add stub for pmhibernateis_recovering() (bsc#1243112).
  • PM: hibernate: Fix pmhibernationmodeissuspend() build breakage (bsc#1243112).
  • PM: hibernate: add new api pmhibernateis_recovering() (bsc#1243112).
  • bpf: Allow helper bpfget[ns]currentpid_tgid() for all prog types (bsc#1252364).
  • cpufreq: intelpstate: Fix object lifecycle issue in updateqos_request() (stable-fixes git-fixes).
  • cpuidle: Do not return from cpuidleplaydead() on callback failures (jsc#PED-13815).
  • dpll: Make ZL3073X invisible (bsc#1252253).
  • dpll: zl3073x: Add firmware loading functionality (bsc#1252253).
  • dpll: zl3073x: Add functions to access hardware registers (bsc#1252253).
  • dpll: zl3073x: Add low-level flash functions (bsc#1252253).
  • dpll: zl3073x: Add support to get fractional frequency offset (bsc#1252253).
  • dpll: zl3073x: Add support to get phase offset on connected input pin (bsc#1252253).
  • dpll: zl3073x: Add support to get/set esync on pins (bsc#1252253).
  • dpll: zl3073x: Fix build failure (bsc#1252253).
  • dpll: zl3073x: Fix double free in zl3073xdevlinkflash_update() (bsc#1252253).
  • dpll: zl3073x: Handle missing or corrupted flash configuration (bsc#1252253).
  • dpll: zl3073x: Implement devlink flash callback (bsc#1252253).
  • dpll: zl3073x: Increase maximum size of flash utility (bsc#1252253).
  • dpll: zl3073x: Refactor DPLL initialization (bsc#1252253).
  • dpll: zl3073x: ZL3073XI2C and ZL3073XSPI should depend on NET (bsc#1252253).
  • drm/amd : Update MES API header file for v11 & v12 (stable-fixes).
  • drm/amd/amdgpu: Implement MES suspend/resume gang functionality for v12 (bsc#1243112).
  • drm/amd/display: Add NULL check for stream before dereference in 'dmvupdatehigh_irq' (bsc#1243112).
  • drm/amd/display: Enable Dynamic DTBCLK Switch (bsc#1243112).
  • drm/amd/display: Fix vupdateoffloadwork doc (bsc#1243112).
  • drm/amd/display: fix dmub access race condition (bsc#1243112).
  • drm/amd/display: more liberal vmin/vmax update for freesync (bsc#1243112).
  • drm/amd/include : MES v11 and v12 API header update (stable-fixes).
  • drm/amd/include : Update MES v12 API for fence update (stable-fixes).
  • drm/amd/pm: fix smu table id bound check issue in smucmnupdate_table() (git-fixes).
  • drm/amd: Avoid evicting resources at S5 (bsc#1243112).
  • drm/amd: Check whether secure display TA loaded successfully (bsc#1243112).
  • drm/amd: Fix hybrid sleep (bsc#1243112).
  • drm/amd: Only restore cached manual clock settings in restore if OD enabled (bsc#1243112).
  • drm/amd: Restore cached manual clock settings during resume (bsc#1243112).
  • drm/amdgpu/mes11: implement detect and reset callback (bsc#1243112).
  • drm/amdgpu/mes12: implement detect and reset callback (bsc#1243112).
  • drm/amdgpu/mes: add front end for detect and reset hung queue (bsc#1243112).
  • drm/amdgpu/vpe: cancel delayed work in hw_fini (bsc#1243112).
  • drm/amdgpu: Avoid rma causes GPU duplicate reset (bsc#1243112).
  • drm/amdgpu: Fix for GPU reset being blocked by KIQ I/O (bsc#1243112).
  • drm/amdgpu: Report individual reset error (bsc#1243112).
  • drm/amdgpu: do not resume device in thaw for normal hibernation (bsc#1243112).
  • drm/amdgpu: fix link error for !PM_SLEEP (bsc#1243112).
  • drm/amdkfd: Fix mmap write lock not release (bsc#1243112).
  • drm/xe/guc: Prepare GuC register list and update ADS size for error capture (stable-fixes).
  • ext4: fix checks for orphan inodes (bsc#1250119).
  • hfsplus: fix KMSAN uninit-value issue in hfsplusdeletecat() (git-fixes).
  • intelidle: Provide the default enterdead() handler (jsc#PED-13815).
  • intel_idle: Rescan 'dead' SMT siblings during initialization (jsc#PED-13815).
  • intelidle: Use subsysinitcall_sync() for initialization (jsc#PED-13815).
  • ixgbe: handle IXGBEVFFEATURES_NEGOTIATE mbox cmd (bsc#1247222).
  • ixgbe: handle IXGBEVFGETPFLINK_STATE mailbox operation (bsc#1247222).
  • ixgbevf: fix getting link speed data for E610 devices (bsc#1247222).
  • ixgbevf: fix mailbox API compatibility by negotiating supported features (bsc#1247222).
  • kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939).
  • module: Prevent silent truncation of module name in delete_module(2) (git-fixes).
  • net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).
  • netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).
  • nvme-auth: update bi_directional flag (git-fixes bsc#1249735).
  • nvme-auth: update sc_c in host response (git-fixes bsc#1249397).
  • nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500).
  • nvme-tcp: send only permitted commands for secure concat (git-fixes bsc#1247683).
  • nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500).
  • nvmet-fc: move lsop put work to nvmetfclsreqop (bsc#1245193 bsc#1247500).
  • nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500).
  • perf/x86/intel: Allow to update user space GPRs from PEBS records (git-fixes).
  • perf/x86/intel: Fix crash in iclupdatetopdown_event() (git-fixes).
  • phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes).
  • platform/x86/amd/pmc: Add 1Ah family series to STB support list (bsc#1243112).
  • platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list (bsc#1243112).
  • platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list (bsc#1243112).
  • platform/x86/amd/pmc: Add VPE information for AMDI000A platform (bsc#1243112).
  • platform/x86/amd/pmc: Add idlemask support for 1Ah family (bsc#1243112).
  • platform/x86/amd/pmc: Extend support for PMC features on new AMD platform (bsc#1243112).
  • platform/x86/amd/pmc: Fix SMU command submission path on new AMD platform (bsc#1243112).
  • platform/x86/amd/pmc: Modify SMU message port for latest AMD platform (bsc#1243112).
  • platform/x86/amd/pmc: Notify user when platform does not support s0ix transition (bsc#1243112).
  • platform/x86/amd/pmc: Remove unnecessary line breaks (bsc#1243112).
  • platform/x86/amd/pmc: Send OS_HINT command for AMDI000A platform (bsc#1243112).
  • platform/x86/amd/pmc: Send OS_HINT command for new AMD platform (bsc#1243112).
  • platform/x86/amd/pmc: Update IP information structure for newer SoCs (bsc#1243112).
  • platform/x86/amd/pmc: Use ARRAYSIZE() to fill numips information (bsc#1243112).
  • platform/x86/amd/pmc: call amdpmcgetipinfo() during driver probe (bsc#1243112).
  • platform/x86/amd: pmc: Add new ACPI ID AMDI000B (bsc#1243112).
  • platform/x86/amd: pmc: Drop SMU F/W match for Cezanne (bsc#1243112).
  • platform/x86/amd: pmc: Use guard(mutex) (bsc#1243112).
  • powerpc/boot: Fix build with gcc 15 (bsc#1215199).
  • powerpc/fadump: skip parameter area allocation when fadump is disabled (jsc#PED-9891 git-fixes).
  • powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).
  • powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).
  • powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199).
  • powerpc: floppy: Add missing checks after DMA map (bsc#1215199).
  • proc: fix missing pdesetflags() for net proc files (bsc#1248630)
  • proc: fix type confusion in pdesetflags() (bsc#1248630)
  • sched/idle: Conditionally handle tick broadcast in defaultidlecall() (bsc#1248517).
  • scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519).
  • scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519).
  • scsi: lpfc: Check return status of lpfcresetflushiocontext during TGT_RESET (bsc#1250519).
  • scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519).
  • scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519).
  • scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519).
  • scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519).
  • scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519).
  • scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519).
  • scsi: lpfc: Remove ndlp kref decrement clause for FPortCtrl in lpfc_cleanup (bsc#1250519).
  • scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519).
  • scsi: lpfc: Remove unused member variables in struct lpfchba and lpfcvport (bsc#1250519).
  • scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
  • scsi: lpfc: Use int type to store negative error codes (bsc#1250519).
  • scsi: lpfc: use min() to improve code (bsc#1250519).
  • serial: sc16is7xx: rename Kconfig CONFIGSERIALSC16IS7XX_CORE (bsc#1252469).
  • skmsg: Return copied bytes in skmsgmemcopyfromiter (bsc#1250650).
  • smb: client: fix crypto buffers in non-linear memory (bsc#1250491, bsc#1239206).
  • smb: client: fix potential cfid UAF in smb2queryinfo_compound (bsc#1248886).
  • tcpbpf: Fix copied value in tcpbpf_sendmsg (bsc#1250650).
  • tracing: Remove unneeded goto out logic (bsc#1249286).
  • x86/idle: Sanitize X86BUGAMD_E400 handling (bsc#1248517).
  • x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID (bsc#1252734).
  • x86/resctrl: Refactor resctrlarchrmid_read() (bsc#1252734).
  • x86/smp: Allow calling mwaitplaydead with an arbitrary hint (jsc#PED-13815).
  • x86/smp: Fix mwaitplaydead() and acpiprocessorffhplaydead() noreturn behavior (jsc#PED-13815).
  • x86/smp: PM/hibernate: Split archresumenosmt() (jsc#PED-13815).
  • x86/topology: Implement topologyiscore_online() to address SMT regression (jsc#PED-13815).
References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 15 SP7

kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150700.20.18.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-azure": "6.4.0-150700.20.18.1",
            "kernel-devel-azure": "6.4.0-150700.20.18.1",
            "kernel-source-azure": "6.4.0-150700.20.18.1",
            "kernel-azure-devel": "6.4.0-150700.20.18.1",
            "kernel-syms-azure": "6.4.0-150700.20.18.1"
        }
    ]
}

kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150700.20.18.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-azure": "6.4.0-150700.20.18.1",
            "kernel-devel-azure": "6.4.0-150700.20.18.1",
            "kernel-source-azure": "6.4.0-150700.20.18.1",
            "kernel-azure-devel": "6.4.0-150700.20.18.1",
            "kernel-syms-azure": "6.4.0-150700.20.18.1"
        }
    ]
}

kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150700.20.18.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-azure": "6.4.0-150700.20.18.1",
            "kernel-devel-azure": "6.4.0-150700.20.18.1",
            "kernel-source-azure": "6.4.0-150700.20.18.1",
            "kernel-azure-devel": "6.4.0-150700.20.18.1",
            "kernel-syms-azure": "6.4.0-150700.20.18.1"
        }
    ]
}