SUSE-SU-2025:0867-1

Source
https://www.suse.com/support/update/announcement/2025/suse-su-20250867-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:0867-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:0867-1
Published
2025-03-14T09:55:18Z
Modified
2025-05-08T17:29:41.889351Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2021-47633: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (bsc#1237768).
  • CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033).
  • CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
  • CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700).
  • CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  • CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  • CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217).
  • CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230).
  • CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  • CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430).
  • CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
  • CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249).
  • CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645).
  • CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759).
  • CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (bsc#1235818).
  • CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling (bsc#1235814).
  • CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920).
  • CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025).
  • CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).
  • CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139).

The following non-security bugs were fixed:

  • net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
  • net: netvsc: Update default VMBus channels (bsc#1236757).
  • NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  • NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
  • NFS: Improve heuristic for readdirplus -revert (bsc#1237160).
  • NFS: Improve heuristic for readdirplus (bsc#1231847).
  • NFS: Reduce readdir stack usage (bsc#1231847).
  • NFS: Trigger the 'ls -l' readdir heuristic sooner (bsc#1231847).
  • NFS: Use kmemdup_nul() in nfs_readdir_make_qstr() (bsc#1231847).
  • scsi: storvsc: Handle SRB status value 0x30 (git-fixes).

Affected packages

SUSE:Linux Enterprise Micro 5.1 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.202.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.202.1",
            "kernel-rt": "5.3.18-150300.202.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.202.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.202.1",
            "kernel-rt": "5.3.18-150300.202.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.202.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.202.1",
            "kernel-rt": "5.3.18-150300.202.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.202.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.202.1",
            "kernel-rt": "5.3.18-150300.202.1"
        }
    ]
}