SUSE-SU-2025:4149-1

Source
https://www.suse.com/support/update/announcement/2025/suse-su-20254149-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:4149-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:4149-1
Published
2025-11-20T15:41:46Z
Modified
2026-03-11T07:31:02.055018Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues.

The following security issues were fixed:

  • CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value (bsc#1249859).
  • CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() (bsc#1249857).
  • CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace (bsc#1251164).
  • CVE-2022-50516: fs: dlm: fix invalid derefence of sb_lvbptr (bsc#1251741).
  • CVE-2023-53365: ip6mr: Fix skb_under_panic in ip6mr_cache_report() (bsc#1249988).
  • CVE-2023-53500: xfrm: fix slab-use-after-free in decode_session6 (bsc#1250816).
  • CVE-2023-53559: ip_vti: fix potential slab-use-after-free in decode_session6 (bsc#1251052).
  • CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading (bsc#1251222).
  • CVE-2023-53619: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free (bsc#1251743).
  • CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251763).
  • CVE-2023-53705: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (bsc#1252554).
  • CVE-2025-37885: KVM: x86: Reset IRTE to host control if new route isn't postable (bsc#1242960).
  • CVE-2025-38084: hugetlb: unshare some PMDs when splitting VMAs (bsc#1245498).
  • CVE-2025-38085: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245499).
  • CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1247317).
  • CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249479).
  • CVE-2025-39797: xfrm: Duplicate SPI Handling (bsc#1249608).
  • CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
  • CVE-2025-39967: fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033).
  • CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
  • CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
  • CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
  • CVE-2025-39981: Bluetooth: MGMT: Fix possible UAFs (bsc#1252060).
  • CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
  • CVE-2025-40044: fs: udf: fix OOB read in lengthAllocDescs handling (bsc#1252785).

The following non-security issues were fixed:

  • NFS: remove revoked delegation from server's delegation list (bsc#1246211).
  • NFSv4: Allow FREE_STATEID to clean up delegations (bsc#1246211).
  • fbcon: Fix OOB access in font allocation (bsc#1252033).
  • kabi fix for NFSv4: Allow FREE_STATEID to clean up delegations (bsc#1246211).
  • mm: avoid unnecessary page fault retires on shared memory types (bsc#1251823).
  • net: hv_netvsc: fix loss of early receive events from host during channel open (bsc#1252265).
  • net: mana: Switch to page pool for jumbo frames (bsc#1248754).
  • net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).
  • netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237). No CVE available yet, please see the bugzilla ticket referenced.

Affected packages

SUSE:Linux Enterprise Micro 5.5 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
5.14.21-150500.13.112.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt": "5.14.21-150500.13.112.1",
            "kernel-devel-rt": "5.14.21-150500.13.112.1",
            "kernel-source-rt": "5.14.21-150500.13.112.1"
        }
    ]
}

Database specific

source
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:4149-1.json"

SUSE:Linux Enterprise Micro 5.5 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
5.14.21-150500.13.112.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt": "5.14.21-150500.13.112.1",
            "kernel-devel-rt": "5.14.21-150500.13.112.1",
            "kernel-source-rt": "5.14.21-150500.13.112.1"
        }
    ]
}

Database specific

source
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:4149-1.json"