SUSE-SU-2025:0230-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-20250230-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:0230-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:0230-1
Related
Published
2025-01-24T10:10:41Z
Modified
2025-05-08T17:30:52.046258Z
Upstream
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2022-49035: media: s5pcec: limit msg.len to CECMAXMSGSIZE (bsc#1215304).
  • CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).
  • CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice() (bsc#1234846).
  • CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).
  • CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
  • CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
  • CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).
  • CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
  • CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiexconfigscan() (bsc#1234963).
  • CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).
  • CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcommsockalloc() (bsc#1235056).
  • CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2capsockcreate() (bsc#1235061).
  • CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480).
  • CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).

The following non-security bugs were fixed:

  • net: mana: Increase the DEFRXBUFFERSPERQUEUE to 1024 (bsc#1235246).
References

Affected packages

SUSE:Linux Enterprise Micro 5.1 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.197.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.197.1",
            "kernel-rt": "5.3.18-150300.197.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.197.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.197.1",
            "kernel-rt": "5.3.18-150300.197.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.197.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.197.1",
            "kernel-rt": "5.3.18-150300.197.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.197.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.197.1",
            "kernel-rt": "5.3.18-150300.197.1"
        }
    ]
}