{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP4)","title":"Title of the patch"},{"category":"description","text":"This update for the Linux Kernel 5.14.21-150400_24_150 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238920).\n- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912).\n- CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648).\n","title":"Description of the patch"},{"category":"details","text":"SUSE-2025-2444,SUSE-SLE-Module-Live-Patching-15-SP4-2025-2444","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02444-1.json"},{"category":"self","summary":"URL for SUSE-SU-2025:02444-1","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202502444-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2025:02444-1","url":"https://lists.suse.com/pipermail/sle-updates/2025-July/040828.html"},{"category":"self","summary":"SUSE Bug 1238912","url":"https://bugzilla.suse.com/1238912"},{"category":"self","summary":"SUSE Bug 1238920","url":"https://bugzilla.suse.com/1238920"},{"category":"self","summary":"SUSE Bug 1243648","url":"https://bugzilla.suse.com/1243648"},{"category":"self","summary":"SUSE CVE CVE-2022-49465 page","url":"https://www.suse.com/security/cve/CVE-2022-49465/"},{"category":"self","summary":"SUSE CVE CVE-2024-56558 page","url":"https://www.suse.com/security/cve/CVE-2024-56558/"},{"category":"self","summary":"SUSE CVE CVE-2025-21772 page","url":"https://www.suse.com/security/cve/CVE-2025-21772/"}],"title":"Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP4)","tracking":{"current_release_date":"2025-07-21T13:04:21Z","generator":{"date":"2025-07-21T13:04:21Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2025:02444-1","initial_release_date":"2025-07-21T13:04:21Z","revision_history":[{"date":"2025-07-21T13:04:21Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le","product":{"name":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le","product_id":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le"}}],"category":"architecture","name":"ppc64le"},{"branches":[{"category":"product_version","name":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x","product":{"name":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x","product_id":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64","product":{"name":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64","product_id":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Live Patching 15 SP4","product":{"name":"SUSE Linux Enterprise Live Patching 15 SP4","product_id":"SUSE Linux Enterprise Live Patching 15 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-live-patching:15:sp4"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4","product_id":"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le"},"product_reference":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Live Patching 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4","product_id":"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x"},"product_reference":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Live Patching 15 SP4"},{"category":"default_component_of","full_product_name":{"name":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4","product_id":"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64"},"product_reference":"kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Live Patching 15 SP4"}]},"vulnerabilities":[{"cve":"CVE-2022-49465","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-49465"}],"notes":[{"category":"general","text":"In the Linux kernel, the following vulnerability has been resolved:\n\nblk-throttle: Set BIO_THROTTLED when bio has been throttled\n\n1.In current process, all bio will set the BIO_THROTTLED flag\nafter __blk_throtl_bio().\n\n2.If bio needs to be throttled, it will start the timer and\nstop submit bio directly. Bio will submit in\nblk_throtl_dispatch_work_fn() when the timer expires.But in\nthe current process, if bio is throttled. The BIO_THROTTLED\nwill be set to bio after timer start. If the bio has been\ncompleted, it may cause use-after-free blow.\n\nBUG: KASAN: use-after-free in blk_throtl_bio+0x12f0/0x2c70\nRead of size 2 at addr ffff88801b8902d4 by task fio/26380\n\n dump_stack+0x9b/0xce\n print_address_description.constprop.6+0x3e/0x60\n kasan_report.cold.9+0x22/0x3a\n blk_throtl_bio+0x12f0/0x2c70\n submit_bio_checks+0x701/0x1550\n submit_bio_noacct+0x83/0xc80\n submit_bio+0xa7/0x330\n mpage_readahead+0x380/0x500\n read_pages+0x1c1/0xbf0\n page_cache_ra_unbounded+0x471/0x6f0\n do_page_cache_ra+0xda/0x110\n ondemand_readahead+0x442/0xae0\n page_cache_async_ra+0x210/0x300\n generic_file_buffered_read+0x4d9/0x2130\n generic_file_read_iter+0x315/0x490\n blkdev_read_iter+0x113/0x1b0\n aio_read+0x2ad/0x450\n io_submit_one+0xc8e/0x1d60\n __se_sys_io_submit+0x125/0x350\n do_syscall_64+0x2d/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nAllocated by task 26380:\n kasan_save_stack+0x19/0x40\n __kasan_kmalloc.constprop.2+0xc1/0xd0\n kmem_cache_alloc+0x146/0x440\n mempool_alloc+0x125/0x2f0\n bio_alloc_bioset+0x353/0x590\n mpage_alloc+0x3b/0x240\n do_mpage_readpage+0xddf/0x1ef0\n mpage_readahead+0x264/0x500\n read_pages+0x1c1/0xbf0\n page_cache_ra_unbounded+0x471/0x6f0\n do_page_cache_ra+0xda/0x110\n ondemand_readahead+0x442/0xae0\n page_cache_async_ra+0x210/0x300\n generic_file_buffered_read+0x4d9/0x2130\n generic_file_read_iter+0x315/0x490\n blkdev_read_iter+0x113/0x1b0\n aio_read+0x2ad/0x450\n io_submit_one+0xc8e/0x1d60\n __se_sys_io_submit+0x125/0x350\n do_syscall_64+0x2d/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nFreed by task 0:\n kasan_save_stack+0x19/0x40\n kasan_set_track+0x1c/0x30\n kasan_set_free_info+0x1b/0x30\n __kasan_slab_free+0x111/0x160\n kmem_cache_free+0x94/0x460\n mempool_free+0xd6/0x320\n bio_free+0xe0/0x130\n bio_put+0xab/0xe0\n bio_endio+0x3a6/0x5d0\n blk_update_request+0x590/0x1370\n scsi_end_request+0x7d/0x400\n scsi_io_completion+0x1aa/0xe50\n scsi_softirq_done+0x11b/0x240\n blk_mq_complete_request+0xd4/0x120\n scsi_mq_done+0xf0/0x200\n virtscsi_vq_done+0xbc/0x150\n vring_interrupt+0x179/0x390\n __handle_irq_event_percpu+0xf7/0x490\n handle_irq_event_percpu+0x7b/0x160\n handle_irq_event+0xcc/0x170\n handle_edge_irq+0x215/0xb20\n common_interrupt+0x60/0x120\n asm_common_interrupt+0x1e/0x40\n\nFix this by move BIO_THROTTLED set into the queue_lock.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2022-49465","url":"https://www.suse.com/security/cve/CVE-2022-49465"},{"category":"external","summary":"SUSE Bug 1238919 for CVE-2022-49465","url":"https://bugzilla.suse.com/1238919"},{"category":"external","summary":"SUSE Bug 1238920 for CVE-2022-49465","url":"https://bugzilla.suse.com/1238920"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64"]}],"threats":[{"category":"impact","date":"2025-07-21T13:04:21Z","details":"important"}],"title":"CVE-2022-49465"},{"cve":"CVE-2024-56558","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2024-56558"}],"notes":[{"category":"general","text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: make sure exp active before svc_export_show\n\nThe function `e_show` was called with protection from RCU. This only\nensures that `exp` will not be freed. Therefore, the reference count for\n`exp` can drop to zero, which will trigger a refcount use-after-free\nwarning when `exp_get` is called. To resolve this issue, use\n`cache_get_rcu` to ensure that `exp` remains active.\n\n------------[ cut here ]------------\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 3 PID: 819 at lib/refcount.c:25\nrefcount_warn_saturate+0xb1/0x120\nCPU: 3 UID: 0 PID: 819 Comm: cat Not tainted 6.12.0-rc3+ #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb1/0x120\n...\nCall Trace:\n <TASK>\n e_show+0x20b/0x230 [nfsd]\n seq_read_iter+0x589/0x770\n seq_read+0x1e5/0x270\n vfs_read+0x125/0x530\n ksys_read+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2024-56558","url":"https://www.suse.com/security/cve/CVE-2024-56558"},{"category":"external","summary":"SUSE Bug 1235100 for CVE-2024-56558","url":"https://bugzilla.suse.com/1235100"},{"category":"external","summary":"SUSE Bug 1243648 for CVE-2024-56558","url":"https://bugzilla.suse.com/1243648"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64"]}],"threats":[{"category":"impact","date":"2025-07-21T13:04:21Z","details":"moderate"}],"title":"CVE-2024-56558"},{"cve":"CVE-2025-21772","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2025-21772"}],"notes":[{"category":"general","text":"In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n   preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n   (which results in partition table entries straddling sector boundaries),\n   bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n   termination - use strnlen() and strncmp() instead of strlen() and\n   strcmp().","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2025-21772","url":"https://www.suse.com/security/cve/CVE-2025-21772"},{"category":"external","summary":"SUSE Bug 1238911 for CVE-2025-21772","url":"https://bugzilla.suse.com/1238911"},{"category":"external","summary":"SUSE Bug 1238912 for CVE-2025-21772","url":"https://bugzilla.suse.com/1238912"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.ppc64le","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.s390x","SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_150-default-3-150400.2.1.x86_64"]}],"threats":[{"category":"impact","date":"2025-07-21T13:04:21Z","details":"important"}],"title":"CVE-2025-21772"}]}