Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP5) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:02438-1 Final 1 1 2025-07-21T12:33:57Z current 2025-07-21T12:33:57Z 2025-07-21T12:33:57Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP5) This update for the Linux Kernel 5.14.21-150500_55_97 fixes one issue. The following security issue was fixed: - CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-2438,SUSE-SLE-Module-Live-Patching-15-SP5-2025-2438 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202502438-1/ Link for SUSE-SU-2025:02438-1 https://lists.suse.com/pipermail/sle-updates/2025-July/040831.html E-Mail link for SUSE-SU-2025:02438-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1238912 SUSE Bug 1238912 https://www.suse.com/security/cve/CVE-2025-21772/ SUSE CVE CVE-2025-21772 page SUSE Linux Enterprise Live Patching 15 SP5 kernel-livepatch-5_14_21-150500_55_97-default-3-150500.2.1 kernel-livepatch-5_14_21-150500_55_97-default-3-150500.2.1 as a component of SUSE Linux Enterprise Live Patching 15 SP5 In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeeded. - If the partition table claims a silly sector size like 0xfff bytes (which results in partition table entries straddling sector boundaries), bail out instead of accessing out-of-bounds memory. - We must not assume that the partition table contains proper NUL termination - use strnlen() and strncmp() instead of strlen() and strcmp(). CVE-2025-21772 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_97-default-3-150500.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502438-1/ https://www.suse.com/security/cve/CVE-2025-21772.html CVE-2025-21772 https://bugzilla.suse.com/1238911 SUSE Bug 1238911 https://bugzilla.suse.com/1238912 SUSE Bug 1238912