SUSE-SU-2025:03384-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-202503384-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:03384-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:03384-1
Upstream
Related
Published
2025-09-26T17:28:20Z
Modified
2026-03-11T07:29:18.645330Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2022-49492: nvme-pci: fix a NULL pointer dereference in nvmeallocadmin_tags (bsc#1238954).
  • CVE-2022-50116: kernel: tty: n_gsm: fix deadlock and link starvation in outgoing data path (bsc#1244824).
  • CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor (bsc#1242780).
  • CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
  • CVE-2024-58239: tls: stop recv() if initial processrxlist gave us non-DATA (bsc#1248614).
  • CVE-2025-21971: netsched: Prevent creation of classes with TCH_ROOT (bsc#1240799).
  • CVE-2025-22045: x86/mm: Fix flushtlbrange() when used for zapping normal PMDs (bsc#1241433).
  • CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970).
  • CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073).
  • CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473).
  • CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).
  • CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers() and posixcputimerdel() (bsc#1246911).
  • CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143).
  • CVE-2025-38468: net/sched: Return NULL when htblookupleaf encounters an empty rbtree (bsc#1247437).
  • CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate (bsc#1247314).
  • CVE-2025-38498: dochangetype(): refuse to operate on unmounted/not ours mounts (bsc#1247374).
  • CVE-2025-38499: cloneprivatemnt(): make sure that caller has CAPSYSADMIN in the right userns (bsc#1247976).
  • CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
  • CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306).
  • CVE-2025-38608: bpf, ktls: Fix data corruption when using bpfmsgpop_data() in ktls (bsc#1248338).
  • CVE-2025-38617: net/packet: fix a race in packetsetring() and packet_notifier() (bsc#1248621).
  • CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY (bsc#1248511).
  • CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248748).

The following non-security bugs were fixed:

  • Disable N_GSM (bsc#1244824 jsc#PED-8240).
  • NFSv4.1: fix backchannel maxrespsz verification check (bsc#1247518).
  • scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() (bsc#1243278).
  • scsi: iscsitcp: Check that sock is valid before iscsiset_param() (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Micro 5.1
kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.220.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-rt": "5.3.18-150300.220.1",
            "kernel-source-rt": "5.3.18-150300.220.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:03384-1.json"
kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.220.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-rt": "5.3.18-150300.220.1",
            "kernel-source-rt": "5.3.18-150300.220.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:03384-1.json"
SUSE:Linux Enterprise Micro 5.2
kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.220.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-rt": "5.3.18-150300.220.1",
            "kernel-source-rt": "5.3.18-150300.220.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:03384-1.json"
kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.220.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-rt": "5.3.18-150300.220.1",
            "kernel-source-rt": "5.3.18-150300.220.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:03384-1.json"