SUSE-SU-2025:1176-1

Source
https://www.suse.com/support/update/announcement/2025/suse-su-20251176-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:1176-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:1176-1
Upstream
Related
Published
2025-04-08T15:35:00Z
Modified
2025-04-09T12:00:37.847929Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237918).
  • CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919).
  • CVE-2022-49739: gfs2: Always check inode size of inline inodes (bsc#1240207).
  • CVE-2023-52935: mm/khugepaged: fix ->anon_vma race (bsc#1240276).
  • CVE-2024-53124: net: fix data-races around sk->skforwardalloc (bsc#1234074).
  • CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).
  • CVE-2024-53178: smb: Do not leak cfid when reconnect races with opencacheddir (bsc#1234895).
  • CVE-2024-56651: can: hi311x: hi3110canist(): fix potential use-after-free (bsc#1235528).
  • CVE-2024-57996: netsched: schsfq: do not allow 1 packet limit (bsc#1239076).
  • CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync (bsc#1239095).
  • CVE-2024-58014: wifi: brcmsmac: add gain range check to wlcphyiqcalgainparamsnphy() (bsc#1239109).
  • CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
  • CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073).
  • CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).
  • CVE-2025-21780: drm/amdgpu: avoid buffer overflow attach in smusyssetpptable() (bsc#1239115).

The following non-security bugs were fixed:

  • ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
  • RDMA/manaib: Prefer structsize over open coded arithmetic (bsc#1239016).
  • RDMA/manaib: Use v2 version of cfgrxsteerreq to enable RX coalescing (bsc#1239016).
  • Revert 'gfs2: Fix inode height consistency check (git-fixes).
  • btrfs: defrag: do not use merged extent map for their generation check (bsc#1239968).
  • btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1239968).
  • btrfs: fix extent map merging not happening for adjacent extents (bsc#1239968).
  • btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1239969).
  • btrfs: send: fix invalid clone operation for file that got its size decreased (bsc#1239969).
  • cifs: Add a laundromat thread for cached directories (git-fixes).
  • cifs: fix potential null pointer use in destroyworkqueue in initcifs error path (git-fixes).
  • gfs2: Fix inode height consistency check (git-fixes).
  • mm/mmunotifier.c: fix race in mmuintervalnotifierremove() (bsc#1239126).
  • mm: zswap: move allocations during CPU init outside the lock (git-fixes).
  • net: mana: Add flex array to struct manacfgrxsteerreq_v2 (bsc#1239016).
  • net: mana: Allow variable size indirection table (bsc#1239016).
  • net: mana: Avoid open coded arithmetic (bsc#1239016).
  • net: mana: Support holes in device list reply msg (bsc#1240133).
  • sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
  • smb3: allow controlling length of time directory entries are cached with dir leases (git-fixes).
  • smb3: do not start laundromat thread when dir leases disabled (git-fixes).
  • smb3: retrying on failed server close (git-fixes).
  • smb: client: destroy cfidputwq on module exit (git-fixes).
  • smb: client: disable directory caching when dircachetimeout is zero (git-fixes).
  • smb: client: do not start laundromat thread on nohandlecache (git-fixes).
  • smb: client: make laundromat a delayed worker (git-fixes).
  • smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).
  • tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
References

Affected packages

SUSE:Linux Enterprise Micro 5.5 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.91.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.14.21-150500.13.91.1",
            "kernel-rt": "5.14.21-150500.13.91.1",
            "kernel-source-rt": "5.14.21-150500.13.91.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.5 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.13.91.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.14.21-150500.13.91.1",
            "kernel-rt": "5.14.21-150500.13.91.1",
            "kernel-source-rt": "5.14.21-150500.13.91.1"
        }
    ]
}