SUSE-SU-2025:0231-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642). - CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). - CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). - CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). - CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). - CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). - CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). - CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). - CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282). - CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). - CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). - CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035). - CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220). - CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). - CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). - CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224). - CVE-2024-8805: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (bsc#1230697). The following non-security bugs were fixed: - KVM: x86: fix sending PV IPI (git-fixes). - idpf: add support for SW triggered interrupts (bsc#1235507). - idpf: enable WB_ON_ITR (bsc#1235507). - idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507). - kernel-binary: do not BuildIgnore m4. It is actually needed for regenerating zconf when it is not up-to-date due to merge. - kernel/fork: beware of __put_task_struct() calling context (bsc#1189998 (PREEMPT_RT prerequisite backports)). - net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). - rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression - scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes). - smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: this fixes issue discussed in bsc#1233642]. - usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes). - usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes). - x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes). - x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes). - x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes). - x86/fpu: Remove unused supervisor only offsets (git-fixes). - x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes). - x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes). - x86/mce: Allow instrumentation during task work queueing (git-fixes). - x86/mce: Mark mce_end() noinstr (git-fixes). - x86/mce: Mark mce_panic() noinstr (git-fixes). - x86/mce: Mark mce_read_aux() noinstr (git-fixes). - x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes). - x86/sgx: Free backing memory after faulting the enclave page (git-fixes). - x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes). - x86/uaccess: Move variable into switch case statement (git-fixes). - x86: Annotate call_on_stack() (git-fixes).
Affected Systems
- suse•kernel-rt&distro=SUSE Linux Enterprise Micro 5.3
< 5.14.21-150400.15.106.1
- suse•kernel-rt&distro=SUSE Linux Enterprise Micro 5.4
< 5.14.21-150400.15.106.1
- suse•kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.3
< 5.14.21-150400.15.106.1
- suse•kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.4
< 5.14.21-150400.15.106.1
References (142)
- https://www.suse.com/support/update/announcement/2025/suse-su-20250231-1/
- https://bugzilla.suse.com/1170891
- https://bugzilla.suse.com/1173139
- https://bugzilla.suse.com/1185010
- https://bugzilla.suse.com/1189998
- https://bugzilla.suse.com/1190358
- https://bugzilla.suse.com/1190428
- https://bugzilla.suse.com/1191949
- https://bugzilla.suse.com/1193983
- https://bugzilla.suse.com/1196869
- https://bugzilla.suse.com/1200313
- https://bugzilla.suse.com/1201308
- https://bugzilla.suse.com/1201489
- https://bugzilla.suse.com/1209657
- https://bugzilla.suse.com/1209798
- https://bugzilla.suse.com/1211592
- https://bugzilla.suse.com/1215304
- https://bugzilla.suse.com/1216702
- https://bugzilla.suse.com/1217169
- https://bugzilla.suse.com/1218447
- https://bugzilla.suse.com/1221044
- https://bugzilla.suse.com/1222721
- https://bugzilla.suse.com/1222878
- https://bugzilla.suse.com/1223481
- https://bugzilla.suse.com/1223501
- https://bugzilla.suse.com/1223512
- https://bugzilla.suse.com/1223520
- https://bugzilla.suse.com/1223894
- https://bugzilla.suse.com/1223921
- https://bugzilla.suse.com/1223922
- https://bugzilla.suse.com/1223923
- https://bugzilla.suse.com/1223924
- https://bugzilla.suse.com/1223929
- https://bugzilla.suse.com/1223931
- https://bugzilla.suse.com/1223932
- https://bugzilla.suse.com/1223934
- https://bugzilla.suse.com/1223941
- https://bugzilla.suse.com/1223948
- https://bugzilla.suse.com/1223952
- https://bugzilla.suse.com/1223953
- https://bugzilla.suse.com/1223957
- https://bugzilla.suse.com/1223962
- https://bugzilla.suse.com/1223963
- https://bugzilla.suse.com/1223964
- https://bugzilla.suse.com/1223996
- https://bugzilla.suse.com/1224099
- https://bugzilla.suse.com/1224482
- https://bugzilla.suse.com/1224511
- https://bugzilla.suse.com/1224592
- https://bugzilla.suse.com/1224685
- https://bugzilla.suse.com/1224730
- https://bugzilla.suse.com/1224816
- https://bugzilla.suse.com/1224895
- https://bugzilla.suse.com/1224898
- https://bugzilla.suse.com/1224900
- https://bugzilla.suse.com/1224901
- https://bugzilla.suse.com/1230697
- https://bugzilla.suse.com/1232436
- https://bugzilla.suse.com/1233070
- https://bugzilla.suse.com/1233642
- https://bugzilla.suse.com/1234281
- https://bugzilla.suse.com/1234282
- https://bugzilla.suse.com/1234846
- https://bugzilla.suse.com/1234853
- https://bugzilla.suse.com/1234891
- https://bugzilla.suse.com/1234921
- https://bugzilla.suse.com/1234960
- https://bugzilla.suse.com/1234963
- https://bugzilla.suse.com/1235004
- https://bugzilla.suse.com/1235035
- https://bugzilla.suse.com/1235054
- https://bugzilla.suse.com/1235056
- https://bugzilla.suse.com/1235061
- https://bugzilla.suse.com/1235073
- https://bugzilla.suse.com/1235220
- https://bugzilla.suse.com/1235224
- https://bugzilla.suse.com/1235246
- https://bugzilla.suse.com/1235507
- https://www.suse.com/security/cve/CVE-2020-36788
- https://www.suse.com/security/cve/CVE-2021-4148
- https://www.suse.com/security/cve/CVE-2021-42327
- https://www.suse.com/security/cve/CVE-2021-47202
- https://www.suse.com/security/cve/CVE-2021-47365
- https://www.suse.com/security/cve/CVE-2021-47489
- https://www.suse.com/security/cve/CVE-2021-47491
- https://www.suse.com/security/cve/CVE-2021-47492
- https://www.suse.com/security/cve/CVE-2022-48632
- https://www.suse.com/security/cve/CVE-2022-48634
- https://www.suse.com/security/cve/CVE-2022-48636
- https://www.suse.com/security/cve/CVE-2022-48652
- https://www.suse.com/security/cve/CVE-2022-48671
- https://www.suse.com/security/cve/CVE-2022-48672
- https://www.suse.com/security/cve/CVE-2022-48673
- https://www.suse.com/security/cve/CVE-2022-48675
- https://www.suse.com/security/cve/CVE-2022-48686
- https://www.suse.com/security/cve/CVE-2022-48687
- https://www.suse.com/security/cve/CVE-2022-48688
- https://www.suse.com/security/cve/CVE-2022-48692
- https://www.suse.com/security/cve/CVE-2022-48693
- https://www.suse.com/security/cve/CVE-2022-48694
- https://www.suse.com/security/cve/CVE-2022-48695
- https://www.suse.com/security/cve/CVE-2022-48697
- https://www.suse.com/security/cve/CVE-2022-48699
- https://www.suse.com/security/cve/CVE-2022-48700
- https://www.suse.com/security/cve/CVE-2022-48701
- https://www.suse.com/security/cve/CVE-2022-48702
- https://www.suse.com/security/cve/CVE-2022-48703
- https://www.suse.com/security/cve/CVE-2022-48704
- https://www.suse.com/security/cve/CVE-2022-49035
- https://www.suse.com/security/cve/CVE-2023-0160
- https://www.suse.com/security/cve/CVE-2023-2860
- https://www.suse.com/security/cve/CVE-2023-47233
- https://www.suse.com/security/cve/CVE-2023-52591
- https://www.suse.com/security/cve/CVE-2023-52654
- https://www.suse.com/security/cve/CVE-2023-52655
- https://www.suse.com/security/cve/CVE-2023-52676
- https://www.suse.com/security/cve/CVE-2023-6531
- https://www.suse.com/security/cve/CVE-2024-26764
- https://www.suse.com/security/cve/CVE-2024-35811
- https://www.suse.com/security/cve/CVE-2024-35815
- https://www.suse.com/security/cve/CVE-2024-35895
- https://www.suse.com/security/cve/CVE-2024-35914
- https://www.suse.com/security/cve/CVE-2024-50154
- https://www.suse.com/security/cve/CVE-2024-53095
- https://www.suse.com/security/cve/CVE-2024-53142
- https://www.suse.com/security/cve/CVE-2024-53146
- https://www.suse.com/security/cve/CVE-2024-53156
- https://www.suse.com/security/cve/CVE-2024-53173
- https://www.suse.com/security/cve/CVE-2024-53179
- https://www.suse.com/security/cve/CVE-2024-53206
- https://www.suse.com/security/cve/CVE-2024-53214
- https://www.suse.com/security/cve/CVE-2024-53239
- https://www.suse.com/security/cve/CVE-2024-53240
- https://www.suse.com/security/cve/CVE-2024-53241
- https://www.suse.com/security/cve/CVE-2024-56539
- https://www.suse.com/security/cve/CVE-2024-56548
- https://www.suse.com/security/cve/CVE-2024-56570
- https://www.suse.com/security/cve/CVE-2024-56598
- https://www.suse.com/security/cve/CVE-2024-56604
- https://www.suse.com/security/cve/CVE-2024-56605
- https://www.suse.com/security/cve/CVE-2024-56619
- https://www.suse.com/security/cve/CVE-2024-8805