SUSE-SU-2025:01620-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48933: netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1229621). - CVE-2022-49110: netfilter: conntrack: revisit gc autotuning (bsc#1237981). - CVE-2022-49139: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt (bsc#1238032). - CVE-2022-49767: 9p/trans_fd: always use O_NONBLOCK read/write (bsc#1242493). - CVE-2024-46763: fou: Fix null-ptr-deref in GRO (bsc#1230764). - CVE-2024-50038: netfilter: xtables: avoid NFPROTO_UNSPEC where needed (bsc#1231910). - CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865). - CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747). - CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512). - CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). - CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). - CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). - CVE-2025-22020: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (bsc#1241280). - CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433). - CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). - CVE-2025-22097: drm/vkms: Fix use after free and double free on init error (bsc#1241541). - CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684). - CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648). - CVE-2025-39735: jfs: fix slab-out-of-bounds read in ea_get() (bsc#1241625). The following non-security bugs were fixed: - cpufreq: ACPI: Mark boost policy as enabled when setting boost (bsc#1236777). - cpufreq: Allow drivers to advertise boost enabled (bsc#1236777). - cpufreq: Fix per-policy boost behavior on SoCs using cpufreq_boost_set_sw() (bsc#1236777). - cpufreq: Support per-policy performance boost (bsc#1236777). - x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778). - x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778). - x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
Affected Systems
- suse•kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.103.1
- suse•kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.103.1
- suse•kernel-64kb&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.103.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.103.1.150500.6.49.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.103.1.150500.6.49.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Micro 5.5
< 5.14.21-150500.55.103.1.150500.6.49.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.103.1.150500.6.49.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
< 5.14.21-150500.55.103.1.150500.6.49.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.103.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.103.1
- suse•kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
< 5.14.21-150500.55.103.1
- suse•kernel-default&distro=SUSE Linux Enterprise Micro 5.5
< 5.14.21-150500.55.103.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.103.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
< 5.14.21-150500.55.103.1
- suse•kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.103.1
- suse•kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.103.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.103.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
< 5.14.21-150500.55.103.1
- suse•kernel-livepatch-SLE15-SP5_Update_26&distro=SUSE Linux Enterprise Live Patching 15 SP5
< 1-150500.11.3.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.103.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.103.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.103.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
< 5.14.21-150500.55.103.1
- suse•kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.103.1
- suse•kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.103.1
- suse•kernel-source&distro=SUSE Linux Enterprise Micro 5.5
< 5.14.21-150500.55.103.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.103.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
< 5.14.21-150500.55.103.1
- suse•kernel-syms&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 5.14.21-150500.55.103.1
- suse•kernel-syms&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 5.14.21-150500.55.103.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.103.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
< 5.14.21-150500.55.103.1
- suse•kernel-zfcpdump&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 5.14.21-150500.55.103.1
References (88)
- https://www.suse.com/support/update/announcement/2025/suse-su-202501620-1/
- https://bugzilla.suse.com/1054914
- https://bugzilla.suse.com/1206843
- https://bugzilla.suse.com/1210409
- https://bugzilla.suse.com/1225903
- https://bugzilla.suse.com/1229361
- https://bugzilla.suse.com/1229621
- https://bugzilla.suse.com/1230764
- https://bugzilla.suse.com/1231103
- https://bugzilla.suse.com/1231910
- https://bugzilla.suse.com/1236777
- https://bugzilla.suse.com/1237981
- https://bugzilla.suse.com/1238032
- https://bugzilla.suse.com/1238471
- https://bugzilla.suse.com/1238512
- https://bugzilla.suse.com/1238747
- https://bugzilla.suse.com/1238865
- https://bugzilla.suse.com/1239061
- https://bugzilla.suse.com/1239684
- https://bugzilla.suse.com/1239968
- https://bugzilla.suse.com/1240209
- https://bugzilla.suse.com/1240211
- https://bugzilla.suse.com/1240214
- https://bugzilla.suse.com/1240228
- https://bugzilla.suse.com/1240230
- https://bugzilla.suse.com/1240246
- https://bugzilla.suse.com/1240248
- https://bugzilla.suse.com/1240269
- https://bugzilla.suse.com/1240271
- https://bugzilla.suse.com/1240274
- https://bugzilla.suse.com/1240285
- https://bugzilla.suse.com/1240295
- https://bugzilla.suse.com/1240306
- https://bugzilla.suse.com/1240314
- https://bugzilla.suse.com/1240315
- https://bugzilla.suse.com/1240321
- https://bugzilla.suse.com/1240747
- https://bugzilla.suse.com/1240835
- https://bugzilla.suse.com/1241280
- https://bugzilla.suse.com/1241371
- https://bugzilla.suse.com/1241421
- https://bugzilla.suse.com/1241433
- https://bugzilla.suse.com/1241541
- https://bugzilla.suse.com/1241625
- https://bugzilla.suse.com/1241648
- https://bugzilla.suse.com/1242284
- https://bugzilla.suse.com/1242493
- https://bugzilla.suse.com/1242778
- https://www.suse.com/security/cve/CVE-2021-47671
- https://www.suse.com/security/cve/CVE-2022-48933
- https://www.suse.com/security/cve/CVE-2022-49110
- https://www.suse.com/security/cve/CVE-2022-49139
- https://www.suse.com/security/cve/CVE-2022-49741
- https://www.suse.com/security/cve/CVE-2022-49745
- https://www.suse.com/security/cve/CVE-2022-49767
- https://www.suse.com/security/cve/CVE-2023-52928
- https://www.suse.com/security/cve/CVE-2023-52931
- https://www.suse.com/security/cve/CVE-2023-52936
- https://www.suse.com/security/cve/CVE-2023-52937
- https://www.suse.com/security/cve/CVE-2023-52938
- https://www.suse.com/security/cve/CVE-2023-52981
- https://www.suse.com/security/cve/CVE-2023-52982
- https://www.suse.com/security/cve/CVE-2023-52986
- https://www.suse.com/security/cve/CVE-2023-52994
- https://www.suse.com/security/cve/CVE-2023-53001
- https://www.suse.com/security/cve/CVE-2023-53002
- https://www.suse.com/security/cve/CVE-2023-53009
- https://www.suse.com/security/cve/CVE-2023-53014
- https://www.suse.com/security/cve/CVE-2023-53018
- https://www.suse.com/security/cve/CVE-2023-53031
- https://www.suse.com/security/cve/CVE-2023-53051
- https://www.suse.com/security/cve/CVE-2024-42307
- https://www.suse.com/security/cve/CVE-2024-46763
- https://www.suse.com/security/cve/CVE-2024-46865
- https://www.suse.com/security/cve/CVE-2024-50038
- https://www.suse.com/security/cve/CVE-2025-21726
- https://www.suse.com/security/cve/CVE-2025-21785
- https://www.suse.com/security/cve/CVE-2025-21791
- https://www.suse.com/security/cve/CVE-2025-21812
- https://www.suse.com/security/cve/CVE-2025-21839
- https://www.suse.com/security/cve/CVE-2025-22004
- https://www.suse.com/security/cve/CVE-2025-22020
- https://www.suse.com/security/cve/CVE-2025-22045
- https://www.suse.com/security/cve/CVE-2025-22055
- https://www.suse.com/security/cve/CVE-2025-22097
- https://www.suse.com/security/cve/CVE-2025-2312
- https://www.suse.com/security/cve/CVE-2025-23138
- https://www.suse.com/security/cve/CVE-2025-39735