SUSE-SU-2025:0867-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47633: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (bsc#1237768). - CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). - CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763). - CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700). - CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112). - CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025). - CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217). - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230). - CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466). - CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430). - CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441). - CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249). - CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645). - CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759). - CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (bsc#1235818). - CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling (bsc#1235814). - CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920). - CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). - CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139). The following non-security bugs were fixed: - net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). - net: netvsc: Update default VMBus channels (bsc#1236757). - NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847). - NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847). - NFS: Improve heuristic for readdirplus -revert (bsc#1237160). - NFS: Improve heuristic for readdirplus (bsc#1231847). - NFS: Reduce readdir stack usage (bsc#1231847). - NFS: Trigger the 'ls -l' readdir heuristic sooner (bsc#1231847). - NFS: Use kmemdup_nul() in nfs_readdir_make_qstr() (bsc#1231847). - scsi: storvsc: Handle SRB status value 0x30 (git-fixes).
Affected Systems
- suse•kernel-rt&distro=SUSE Linux Enterprise Micro 5.1
< 5.3.18-150300.202.1
- suse•kernel-rt&distro=SUSE Linux Enterprise Micro 5.2
< 5.3.18-150300.202.1
- suse•kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.1
< 5.3.18-150300.202.1
- suse•kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.2
< 5.3.18-150300.202.1
References (66)
- https://www.suse.com/support/update/announcement/2025/suse-su-20250867-1/
- https://bugzilla.suse.com/1215420
- https://bugzilla.suse.com/1224700
- https://bugzilla.suse.com/1224763
- https://bugzilla.suse.com/1225742
- https://bugzilla.suse.com/1231847
- https://bugzilla.suse.com/1232919
- https://bugzilla.suse.com/1233112
- https://bugzilla.suse.com/1234025
- https://bugzilla.suse.com/1234853
- https://bugzilla.suse.com/1234891
- https://bugzilla.suse.com/1234963
- https://bugzilla.suse.com/1235054
- https://bugzilla.suse.com/1235061
- https://bugzilla.suse.com/1235073
- https://bugzilla.suse.com/1235217
- https://bugzilla.suse.com/1235230
- https://bugzilla.suse.com/1235249
- https://bugzilla.suse.com/1235430
- https://bugzilla.suse.com/1235441
- https://bugzilla.suse.com/1235466
- https://bugzilla.suse.com/1235645
- https://bugzilla.suse.com/1235759
- https://bugzilla.suse.com/1235814
- https://bugzilla.suse.com/1235818
- https://bugzilla.suse.com/1235920
- https://bugzilla.suse.com/1236104
- https://bugzilla.suse.com/1236757
- https://bugzilla.suse.com/1236761
- https://bugzilla.suse.com/1236821
- https://bugzilla.suse.com/1237025
- https://bugzilla.suse.com/1237028
- https://bugzilla.suse.com/1237139
- https://bugzilla.suse.com/1237160
- https://bugzilla.suse.com/1237389
- https://bugzilla.suse.com/1237768
- https://bugzilla.suse.com/1238033
- https://www.suse.com/security/cve/CVE-2021-47633
- https://www.suse.com/security/cve/CVE-2022-49080
- https://www.suse.com/security/cve/CVE-2023-4244
- https://www.suse.com/security/cve/CVE-2023-52923
- https://www.suse.com/security/cve/CVE-2023-52924
- https://www.suse.com/security/cve/CVE-2024-35863
- https://www.suse.com/security/cve/CVE-2024-35949
- https://www.suse.com/security/cve/CVE-2024-50115
- https://www.suse.com/security/cve/CVE-2024-50199
- https://www.suse.com/security/cve/CVE-2024-53104
- https://www.suse.com/security/cve/CVE-2024-53173
- https://www.suse.com/security/cve/CVE-2024-53239
- https://www.suse.com/security/cve/CVE-2024-56539
- https://www.suse.com/security/cve/CVE-2024-56548
- https://www.suse.com/security/cve/CVE-2024-56600
- https://www.suse.com/security/cve/CVE-2024-56601
- https://www.suse.com/security/cve/CVE-2024-56605
- https://www.suse.com/security/cve/CVE-2024-56623
- https://www.suse.com/security/cve/CVE-2024-56650
- https://www.suse.com/security/cve/CVE-2024-56658
- https://www.suse.com/security/cve/CVE-2024-56664
- https://www.suse.com/security/cve/CVE-2024-56759
- https://www.suse.com/security/cve/CVE-2024-57791
- https://www.suse.com/security/cve/CVE-2024-57798
- https://www.suse.com/security/cve/CVE-2024-57849
- https://www.suse.com/security/cve/CVE-2024-57893
- https://www.suse.com/security/cve/CVE-2025-21690
- https://www.suse.com/security/cve/CVE-2025-21692
- https://www.suse.com/security/cve/CVE-2025-21699