SUSE-SU-2025:0152-1
Vulnerability Summary
Description
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2017-14051: scsi/qla2xxx: Fix an integer overflow in sysfs code. (bsc#1056588)
- CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).
- CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).
- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).
- CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).
- CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).
- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).
- CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224).
The following non-security bugs were fixed:
- Enable CONFIG_FIRMWARE_SIG ()
- r8169: check ALDPS bit and disable it if enabled for the 8168g (bnc#845352).
- rpm/kernel-binary.spec.in: Remove obsolete ext4-writeable. Needs to be handled differently. (bnc#830822)
Affected Systems
- suse•kernel-default&distro=SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE < 3.0.101-108.174.1
- suse•kernel-ec2&distro=SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE < 3.0.101-108.174.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE < 3.0.101-108.174.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE < 3.0.101-108.174.1
- suse•kernel-trace&distro=SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE < 3.0.101-108.174.1
- suse•kernel-xen&distro=SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE < 3.0.101-108.174.1
References (31)
- https://www.suse.com/support/update/announcement/2025/suse-su-20250152-1/
- https://bugzilla.suse.com/1027565
- https://bugzilla.suse.com/1056588
- https://bugzilla.suse.com/1059525
- https://bugzilla.suse.com/1202346
- https://bugzilla.suse.com/1227985
- https://bugzilla.suse.com/1234846
- https://bugzilla.suse.com/1234853
- https://bugzilla.suse.com/1234891
- https://bugzilla.suse.com/1234963
- https://bugzilla.suse.com/1235054
- https://bugzilla.suse.com/1235056
- https://bugzilla.suse.com/1235061
- https://bugzilla.suse.com/1235073
- https://bugzilla.suse.com/1235220
- https://bugzilla.suse.com/1235224
- https://www.suse.com/security/cve/CVE-2017-1000253
- https://www.suse.com/security/cve/CVE-2017-14051
- https://www.suse.com/security/cve/CVE-2017-2636
- https://www.suse.com/security/cve/CVE-2022-20368
- https://www.suse.com/security/cve/CVE-2022-48839
- https://www.suse.com/security/cve/CVE-2024-53146
- https://www.suse.com/security/cve/CVE-2024-53156
- https://www.suse.com/security/cve/CVE-2024-53173
- https://www.suse.com/security/cve/CVE-2024-53239
- https://www.suse.com/security/cve/CVE-2024-56539
- https://www.suse.com/security/cve/CVE-2024-56548
- https://www.suse.com/security/cve/CVE-2024-56598
- https://www.suse.com/security/cve/CVE-2024-56604
- https://www.suse.com/security/cve/CVE-2024-56605
- https://www.suse.com/security/cve/CVE-2024-56619