SUSE-SU-2025:3716-1

Advisory lineage Upstream: 324 Downstream: 0
Published: 22 Oct 2025, 07:11
Last modified:04 Feb 2026, 02:18

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

22 Oct 2025, 07:11
Published
Vulnerability first disclosed
04 Feb 2026, 02:18
Last Modified
Vulnerability information updated

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49980: USB: gadget: fix use-after-free read in usb_udc_uevent() (bsc#1245110). - CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} (bsc#1246968). - CVE-2022-50252: igb: Do not free q_vector unless new one was allocated (bsc#1249846). - CVE-2022-50409: net: If sock is dead do not access sock's sk_wq in sk_stream_wait_memory (bsc#1250392). - CVE-2023-53178: mm: fix zswap writeback race condition (bsc#1249827). - CVE-2023-53321: wifi: mac80211_hwsim: drop short frames (bsc#1250313). - CVE-2023-53438: x86/MCE: Always save CS register on AMD Zen IF Poison errors (bsc#1250180). - CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573). - CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846). - CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960). - CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539). - CVE-2025-38084: mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245498). - CVE-2025-38085: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245499). - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1245666). - CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956). - CVE-2025-38380: i2c/designware: Fix an initialization issue (bsc#1247028). - CVE-2025-38470: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime (bsc#1247288). - CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1247317). - CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239). - CVE-2025-38553: net/sched: Restrict conditions for adding duplicating netems to qdisc tree (bsc#1248255). - CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248399). - CVE-2025-38659: gfs2: No more self recovery (bsc#1248639). - CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628). - CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126). - CVE-2025-38685: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (bsc#1249220). - CVE-2025-38706: ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (bsc#1249195). - CVE-2025-38713: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (bsc#1249200). - CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324). - CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374). - CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315). - CVE-2025-39726: s390/ism: fix concurrency management in ism_cmd() (bsc#1249266). - CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516). - CVE-2025-39751: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (bsc#1249538). - CVE-2025-39790: bus: mhi: host: Detect events pointing to unexpected TREs (bsc#1249548). - CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608). - CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002). - CVE-2025-39824: HID: asus: fix UAF via HID_CLAIMED_INPUT validation (bsc#1250007). - CVE-2025-39860: Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (bsc#1250247). - CVE-2025-39869: dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (bsc#1250406). The following non-security bugs were fixed: - Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186). - Limit patch filenames to 100 characters (bsc#1249604). - Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108). - Revert backported patches for bsc#1238160. - btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1249158). - build_bug.h: Add KABI assert (bsc#1249186). - kernel-binary: Another installation ordering fix (bsc#1241353). - kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522). - kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346) - kernel-syms.spec: Drop old rpm release number hack (bsc#1247172). - net/sched: ets: use old 'nbands' while purging unused classes (git-fixes). - netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237). - rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879). - rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337) - rpm: Configure KABI checkingness macro (bsc#1249186). - rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186). - rpm: Link arch-symbols script from scripts directory. - rpm: Link guards script from scripts directory. - use uniform permission checks for all mount propagation changes (git-fixes).

Affected Systems

  • susekernel-rt&distro=SUSE Linux Enterprise Micro 5.3

    < 5.14.21-150400.15.133.1

  • susekernel-rt&distro=SUSE Linux Enterprise Micro 5.4

    < 5.14.21-150400.15.133.1

  • susekernel-source-rt&distro=SUSE Linux Enterprise Micro 5.3

    < 5.14.21-150400.15.133.1

  • susekernel-source-rt&distro=SUSE Linux Enterprise Micro 5.4

    < 5.14.21-150400.15.133.1

References (694)