SUSE-SU-2025:02851-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160). - CVE-2023-52923: netfilter: nf_tables: split async and sync catchall in two functions (bsc#1236104). - CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644). - CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor (bsc#1242780). - CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829). - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334). - CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863). - CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185). - CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799). - CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245217). - CVE-2025-38181: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246000). - CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). - CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). - CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). - CVE-2025-38213: vgacon: Add check for vc_origin address range in vgacon_scroll() (bsc#1246037). - CVE-2025-38257: s390/pkey: Prevent overflow in size calculation for memdup_user() (bsc#1246186). - CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). - CVE-2025-38468: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (bsc#1247437). - CVE-2025-38477: net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (bsc#1247314). - CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247349). - CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247348). - CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). The following non-security bugs were fixed: - Revert 'hugetlb: unshare some PMDs when splitting VMAs (bsc#1245431).' - Revert 'mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race' - Revert 'mm/hugetlb: unshare page tables during VMA split, not before'
Affected Systems
- suse•kernel-rt&distro=SUSE Linux Enterprise Micro 5.3
< 5.14.21-150400.15.127.1
- suse•kernel-rt&distro=SUSE Linux Enterprise Micro 5.4
< 5.14.21-150400.15.127.1
- suse•kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.3
< 5.14.21-150400.15.127.1
- suse•kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.4
< 5.14.21-150400.15.127.1
References (59)
- https://www.suse.com/support/update/announcement/2025/suse-su-202502851-1/
- https://bugzilla.suse.com/1206051
- https://bugzilla.suse.com/1221829
- https://bugzilla.suse.com/1229334
- https://bugzilla.suse.com/1234863
- https://bugzilla.suse.com/1236104
- https://bugzilla.suse.com/1236333
- https://bugzilla.suse.com/1238160
- https://bugzilla.suse.com/1239644
- https://bugzilla.suse.com/1240185
- https://bugzilla.suse.com/1240799
- https://bugzilla.suse.com/1242414
- https://bugzilla.suse.com/1242780
- https://bugzilla.suse.com/1244309
- https://bugzilla.suse.com/1245217
- https://bugzilla.suse.com/1245431
- https://bugzilla.suse.com/1245506
- https://bugzilla.suse.com/1245711
- https://bugzilla.suse.com/1245986
- https://bugzilla.suse.com/1246000
- https://bugzilla.suse.com/1246029
- https://bugzilla.suse.com/1246037
- https://bugzilla.suse.com/1246045
- https://bugzilla.suse.com/1246073
- https://bugzilla.suse.com/1246186
- https://bugzilla.suse.com/1246781
- https://bugzilla.suse.com/1247314
- https://bugzilla.suse.com/1247347
- https://bugzilla.suse.com/1247348
- https://bugzilla.suse.com/1247349
- https://bugzilla.suse.com/1247437
- https://www.suse.com/security/cve/CVE-2022-49138
- https://www.suse.com/security/cve/CVE-2022-49770
- https://www.suse.com/security/cve/CVE-2023-52923
- https://www.suse.com/security/cve/CVE-2023-52927
- https://www.suse.com/security/cve/CVE-2023-53117
- https://www.suse.com/security/cve/CVE-2024-26643
- https://www.suse.com/security/cve/CVE-2024-42265
- https://www.suse.com/security/cve/CVE-2024-53164
- https://www.suse.com/security/cve/CVE-2024-57947
- https://www.suse.com/security/cve/CVE-2025-21881
- https://www.suse.com/security/cve/CVE-2025-21971
- https://www.suse.com/security/cve/CVE-2025-37798
- https://www.suse.com/security/cve/CVE-2025-38079
- https://www.suse.com/security/cve/CVE-2025-38088
- https://www.suse.com/security/cve/CVE-2025-38120
- https://www.suse.com/security/cve/CVE-2025-38177
- https://www.suse.com/security/cve/CVE-2025-38181
- https://www.suse.com/security/cve/CVE-2025-38200
- https://www.suse.com/security/cve/CVE-2025-38206
- https://www.suse.com/security/cve/CVE-2025-38212
- https://www.suse.com/security/cve/CVE-2025-38213
- https://www.suse.com/security/cve/CVE-2025-38257
- https://www.suse.com/security/cve/CVE-2025-38350
- https://www.suse.com/security/cve/CVE-2025-38468
- https://www.suse.com/security/cve/CVE-2025-38477
- https://www.suse.com/security/cve/CVE-2025-38494
- https://www.suse.com/security/cve/CVE-2025-38495
- https://www.suse.com/security/cve/CVE-2025-38497