SUSE-SU-2025:1183-1

Source
https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:1183-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:1183-1
Published
2025-04-09T13:57:53Z
Modified
2025-04-10T12:46:04.654969Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237918).
  • CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919).
  • CVE-2022-49739: gfs2: Always check inode size of inline inodes (bsc#1240207).
  • CVE-2023-52935: mm/khugepaged: fix ->anon_vma race (bsc#1240276).
  • CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
  • CVE-2024-41092: drm/i915/gt: Fix potential UAF by revoke of fence registers (bsc#1228483).
  • CVE-2024-42098: crypto: ecdh - explicitly zeroize private_key (bsc#1228779).
  • CVE-2024-42229: crypto: aead,cipher - zeroize key buffer after use (bsc#1228708).
  • CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464).
  • CVE-2024-56651: can: hi311x: hi3110_can_ist(): fix potential use-after-free (bsc#1235528).
  • CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
  • CVE-2024-58014: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (bsc#1239109).
  • CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
  • CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
  • CVE-2025-21714: RDMA/mlx5: Fix implicit ODP use after free (bsc#1237890).
  • CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073).
  • CVE-2025-21732: RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (bsc#1237877).
  • CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
  • CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).
  • CVE-2025-21780: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (bsc#1239115).
  • CVE-2025-21839: kABI: Fix kABI after backport of CVE-2025-21839 (bsc#1239061).

The following non-security bugs were fixed:

  • ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
  • RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
  • RDMA/mana_ib: Use v2 version of cfg_rx_steer_req to enable RX coalescing (bsc#1239016).
  • RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
  • btrfs: defrag: do not use merged extent map for their generation check (bsc#1239968).
  • btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1239968).
  • btrfs: fix extent map merging not happening for adjacent extents (bsc#1239968).
  • btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1239969).
  • btrfs: send: fix invalid clone operation for file that got its size decreased (bsc#1239969).
  • gfs2: Fix inode height consistency check (git-fixes).
  • mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove() (bsc#1239126).
  • mm: zswap: move allocations during CPU init outside the lock (git-fixes).
  • net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
  • net: mana: Allow variable size indirection table (bsc#1239016).
  • net: mana: Avoid open coded arithmetic (bsc#1239016).
  • net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (bsc#1240195).
  • net: mana: Support holes in device list reply msg (bsc#1240133).
  • x86/bhi: Avoid warning in #DB handler due to BHI mitigation (git-fixes).
  • x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes).
  • x86/bugs: Fix BHI documentation (git-fixes).
  • x86/bugs: Fix BHI handling of RRSBA (git-fixes).
  • x86/bugs: Fix BHI retpoline check (git-fixes).
  • x86/bugs: Fix return type of spectre_bhi_state() (git-fixes).
  • x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes).

Affected packages

SUSE:Linux Enterprise Micro 5.3 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.115.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.115.1",
            "kernel-rt": "5.14.21-150400.15.115.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.3 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.115.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.115.1",
            "kernel-rt": "5.14.21-150400.15.115.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.115.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.115.1",
            "kernel-rt": "5.14.21-150400.15.115.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.115.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.115.1",
            "kernel-rt": "5.14.21-150400.15.115.1"
        }
    ]
}