SUSE-SU-2025:1573-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-20251573-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:1573-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:1573-1
Upstream
Related
Published
2025-05-16T16:32:08Z
Modified
2025-05-22T10:59:14.752962Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865).
  • CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747).
  • CVE-2025-21791: vrf: use RCU protection in l3mdevl3out() (bsc#1238512).
  • CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).
  • CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
  • CVE-2025-22020: memstick: rtsxusbms: Fix slab-use-after-free in rtsxusbmsdrvremove (bsc#1241280).
  • CVE-2025-22029: exec: fix the racy usage of fsstruct->inexec (bsc#1241378).
  • CVE-2025-22045: x86/mm: Fix flushtlbrange() when used for zapping normal PMDs (bsc#1241433).
  • CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).
  • CVE-2025-22097: drm/vkms: Fix use after free and double free on init error (bsc#1241541).

The following non-security bugs were fixed:

  • scsi: smartpqi: Add ctrl ready timeout module parameter (jsc#PED-1557, bsc#1201855, bsc#1240553).
References

Affected packages

SUSE:Linux Enterprise Micro 5.3 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.15.118.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.118.1",
            "kernel-rt": "5.14.21-150400.15.118.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.3 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.15.118.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.118.1",
            "kernel-rt": "5.14.21-150400.15.118.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.15.118.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.118.1",
            "kernel-rt": "5.14.21-150400.15.118.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.15.118.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.118.1",
            "kernel-rt": "5.14.21-150400.15.118.1"
        }
    ]
}