{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.3.18-150300.197.1","kernel-source-rt":"5.3.18-150300.197.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.1","name":"kernel-rt","purl":"pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-150300.197.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.3.18-150300.197.1","kernel-source-rt":"5.3.18-150300.197.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.1","name":"kernel-source-rt","purl":"pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-150300.197.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.3.18-150300.197.1","kernel-source-rt":"5.3.18-150300.197.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.2","name":"kernel-rt","purl":"pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-150300.197.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.3.18-150300.197.1","kernel-source-rt":"5.3.18-150300.197.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.2","name":"kernel-source-rt","purl":"pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-150300.197.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThe SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-49035: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE (bsc#1215304).\n- CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).\n- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).\n- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).\n- CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).\n- CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).\n- CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).\n- CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).\n- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).\n- CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).\n- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).\n- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).\n- CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480).\n- CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).\n\nThe following non-security bugs were fixed:\n\n- net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).\n","id":"SUSE-SU-2025:0230-1","modified":"2025-01-24T10:10:41Z","published":"2025-01-24T10:10:41Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20250230-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215304"},{"type":"REPORT","url":"https://bugzilla.suse.com/1220927"},{"type":"REPORT","url":"https://bugzilla.suse.com/1220937"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230697"},{"type":"REPORT","url":"https://bugzilla.suse.com/1232436"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234281"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234690"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234846"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234853"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234891"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234921"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234963"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235004"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235054"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235056"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235061"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235073"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235246"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235480"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235584"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-49035"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-52524"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53142"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53144"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53146"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53156"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53173"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53179"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53214"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53239"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53240"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56539"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56548"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56604"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56605"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56631"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56704"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-8805"}],"related":["CVE-2022-49035","CVE-2023-52524","CVE-2024-53142","CVE-2024-53144","CVE-2024-53146","CVE-2024-53156","CVE-2024-53173","CVE-2024-53179","CVE-2024-53214","CVE-2024-53239","CVE-2024-53240","CVE-2024-56539","CVE-2024-56548","CVE-2024-56604","CVE-2024-56605","CVE-2024-56631","CVE-2024-56704","CVE-2024-8805"],"summary":"Security update for the Linux Kernel","upstream":["CVE-2022-49035","CVE-2023-52524","CVE-2024-53142","CVE-2024-53144","CVE-2024-53146","CVE-2024-53156","CVE-2024-53173","CVE-2024-53179","CVE-2024-53214","CVE-2024-53239","CVE-2024-53240","CVE-2024-56539","CVE-2024-56548","CVE-2024-56604","CVE-2024-56605","CVE-2024-56631","CVE-2024-56704","CVE-2024-8805"]}