Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:1275-1 Final 1 1 2025-04-15T09:33:37Z current 2025-04-15T09:33:37Z 2025-04-15T09:33:37Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3) This update for the Linux Kernel 5.3.18-150300_59_182 fixes several issues. The following security issues were fixed: - CVE-2022-49563: crypto: qat - add param check for RSA (bsc#1238788). - CVE-2022-49564: crypto: qat - add param check for DH (bsc#1238790). - CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235218). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-1267,SUSE-2025-1275,SUSE-2025-1282,SUSE-SLE-Live-Patching-12-SP5-2025-1279,SUSE-SLE-Module-Live-Patching-15-SP3-2025-1275 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20251275-1/ Link for SUSE-SU-2025:1275-1 https://lists.suse.com/pipermail/sle-updates/2025-April/038999.html E-Mail link for SUSE-SU-2025:1275-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1235218 SUSE Bug 1235218 https://bugzilla.suse.com/1238788 SUSE Bug 1238788 https://bugzilla.suse.com/1238790 SUSE Bug 1238790 https://www.suse.com/security/cve/CVE-2022-49563/ SUSE CVE CVE-2022-49563 page https://www.suse.com/security/cve/CVE-2022-49564/ SUSE CVE CVE-2022-49564 page https://www.suse.com/security/cve/CVE-2024-56600/ SUSE CVE CVE-2024-56600 page SUSE Linux Enterprise Live Patching 12 SP5 SUSE Linux Enterprise Live Patching 15 SP3 kernel-livepatch-5_3_18-150300_59_185-default-3-150300.2.1 kernel-livepatch-5_3_18-150300_59_185-preempt-3-150300.2.1 kernel-livepatch-5_3_18-150300_59_182-default-5-150300.2.1 kernel-livepatch-5_3_18-150300_59_182-preempt-5-150300.2.1 kernel-livepatch-5_3_18-150300_59_188-default-3-150300.2.1 kernel-livepatch-5_3_18-150300_59_188-preempt-3-150300.2.1 kgraft-patch-4_12_14-122_234-default-6-2.1 kgraft-patch-4_12_14-122_234-default-6-2.1 as a component of SUSE Linux Enterprise Live Patching 12 SP5 kernel-livepatch-5_3_18-150300_59_182-default-5-150300.2.1 as a component of SUSE Linux Enterprise Live Patching 15 SP3 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2022-49563 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-6-2.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-5-150300.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251275-1/ https://www.suse.com/security/cve/CVE-2022-49563.html CVE-2022-49563 https://bugzilla.suse.com/1238787 SUSE Bug 1238787 https://bugzilla.suse.com/1238788 SUSE Bug 1238788 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2022-49564 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-6-2.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-5-150300.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251275-1/ https://www.suse.com/security/cve/CVE-2022-49564.html CVE-2022-49564 https://bugzilla.suse.com/1238789 SUSE Bug 1238789 https://bugzilla.suse.com/1238790 SUSE Bug 1238790 In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the sock object retains the dangling sk pointer, which may cause use-after-free later. Clear the sock sk pointer on error. CVE-2024-56600 SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-6-2.1 SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-5-150300.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251275-1/ https://www.suse.com/security/cve/CVE-2024-56600.html CVE-2024-56600 https://bugzilla.suse.com/1235217 SUSE Bug 1235217 https://bugzilla.suse.com/1235218 SUSE Bug 1235218