Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:20781-1 Final 1 1 2025-09-11T15:47:02Z current 2025-09-11T15:47:02Z 2025-09-11T15:47:02Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues: - CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030) - CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350) - CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Micro-6.1-kernel-119 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202520781-1/ Link for SUSE-SU-2025:20781-1 https://lists.suse.com/pipermail/sle-updates/2025-September/041870.html E-Mail link for SUSE-SU-2025:20781-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1244337 SUSE Bug 1244337 https://bugzilla.suse.com/1246030 SUSE Bug 1246030 https://bugzilla.suse.com/1247350 SUSE Bug 1247350 https://bugzilla.suse.com/1247351 SUSE Bug 1247351 https://bugzilla.suse.com/1248108 SUSE Bug 1248108 https://www.suse.com/security/cve/CVE-2025-38212/ SUSE CVE CVE-2025-38212 page https://www.suse.com/security/cve/CVE-2025-38494/ SUSE CVE CVE-2025-38494 page https://www.suse.com/security/cve/CVE-2025-38495/ SUSE CVE CVE-2025-38495 page SUSE Linux Micro 6.1 kernel-livepatch-6_4_0-34-rt-3-1.1 kernel-livepatch-6_4_0-34-rt-3-1.1 as a component of SUSE Linux Micro 6.1 In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() is protected by rwsem, but this is not enough. If it is not protected by RCU read-critical region, when idr_for_each() calls radix_tree_node_free() through call_rcu() to free the radix_tree_node structure, the node will be freed immediately, and when reading the next node in radix_tree_for_each_slot(), the already freed memory may be read. Therefore, we need to add code to make sure that idr_for_each() is protected within the RCU read-critical region when we call it in shm_destroy_orphaned(). CVE-2025-38212 SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-3-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520781-1/ https://www.suse.com/security/cve/CVE-2025-38212.html CVE-2025-38212 https://bugzilla.suse.com/1246029 SUSE Bug 1246029 https://bugzilla.suse.com/1246030 SUSE Bug 1246030 In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used. CVE-2025-38494 SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-3-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520781-1/ https://www.suse.com/security/cve/CVE-2025-38494.html CVE-2025-38494 https://bugzilla.suse.com/1247349 SUSE Bug 1247349 https://bugzilla.suse.com/1247350 SUSE Bug 1247350 In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated buffer not account for that extra byte, meaning that instead of having 8 guaranteed bytes for implement to be working, we only have 7. CVE-2025-38495 SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-34-rt-3-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520781-1/ https://www.suse.com/security/cve/CVE-2025-38495.html CVE-2025-38495 https://bugzilla.suse.com/1247348 SUSE Bug 1247348 https://bugzilla.suse.com/1247351 SUSE Bug 1247351