Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:0944-1 Final 1 1 2025-03-19T12:04:27Z current 2025-03-19T12:04:27Z 2025-03-19T12:04:27Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3) This update for the Linux Kernel 5.3.18-150300_59_164 fixes several issues. The following security issues were fixed: - CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). - CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). - CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228017). - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-944,SUSE-2025-948,SUSE-SLE-Module-Live-Patching-15-SP3-2025-944 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20250944-1/ Link for SUSE-SU-2025:0944-1 https://lists.suse.com/pipermail/sle-security-updates/2025-March/020558.html E-Mail link for SUSE-SU-2025:0944-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1228017 SUSE Bug 1228017 https://bugzilla.suse.com/1229640 SUSE Bug 1229640 https://bugzilla.suse.com/1231204 SUSE Bug 1231204 https://bugzilla.suse.com/1233679 SUSE Bug 1233679 https://www.suse.com/security/cve/CVE-2022-48792/ SUSE CVE CVE-2022-48792 page https://www.suse.com/security/cve/CVE-2022-48911/ SUSE CVE CVE-2022-48911 page https://www.suse.com/security/cve/CVE-2024-46818/ SUSE CVE CVE-2024-46818 page https://www.suse.com/security/cve/CVE-2024-50302/ SUSE CVE CVE-2024-50302 page SUSE Linux Enterprise Live Patching 15 SP3 kernel-livepatch-5_3_18-150300_59_164-default-10-150300.2.1 kernel-livepatch-5_3_18-150300_59_164-preempt-10-150300.2.1 kernel-livepatch-5_3_18-150300_59_167-default-9-150300.2.1 kernel-livepatch-5_3_18-150300_59_167-preempt-9-150300.2.1 kernel-livepatch-5_3_18-150300_59_164-default-10-150300.2.1 as a component of SUSE Linux Enterprise Live Patching 15 SP3 In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task Currently a use-after-free may occur if a sas_task is aborted by the upper layer before we handle the I/O completion in mpi_ssp_completion() or mpi_sata_completion(). In this case, the following are the two steps in handling those I/O completions: - Call complete() to inform the upper layer handler of completion of the I/O. - Release driver resources associated with the sas_task in pm8001_ccb_task_free() call. When complete() is called, the upper layer may free the sas_task. As such, we should not touch the associated sas_task afterwards, but we do so in the pm8001_ccb_task_free() call. Fix by swapping the complete() and pm8001_ccb_task_free() calls ordering. CVE-2022-48792 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_164-default-10-150300.2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250944-1/ https://www.suse.com/security/cve/CVE-2022-48792.html CVE-2022-48792 https://bugzilla.suse.com/1228013 SUSE Bug 1228013 https://bugzilla.suse.com/1228017 SUSE Bug 1228017 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no guarantee that sk_refcnt is not already 0. On failure, we cannot queue the packet and need to indicate an error. The packet will be dropped by the caller. v2: split skb prefetch hunk into separate change CVE-2022-48911 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_164-default-10-150300.2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250944-1/ https://www.suse.com/security/cve/CVE-2022-48911.html CVE-2022-48911 https://bugzilla.suse.com/1229633 SUSE Bug 1229633 https://bugzilla.suse.com/1229640 SUSE Bug 1229640 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported by Coverity. CVE-2024-46818 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_164-default-10-150300.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250944-1/ https://www.suse.com/security/cve/CVE-2024-46818.html CVE-2024-46818 https://bugzilla.suse.com/1231203 SUSE Bug 1231203 https://bugzilla.suse.com/1231204 SUSE Bug 1231204 In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report. CVE-2024-50302 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_164-default-10-150300.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250944-1/ https://www.suse.com/security/cve/CVE-2024-50302.html CVE-2024-50302 https://bugzilla.suse.com/1233491 SUSE Bug 1233491 https://bugzilla.suse.com/1233679 SUSE Bug 1233679