{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-livepatch-6_4_0-150600_10_5-rt":"20-150600.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Live Patching 15 SP6","name":"kernel-livepatch-SLE15-SP6-RT_Update_1","purl":"pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20-150600.2.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for the Linux Kernel 6.4.0-150600_10_5 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245504) .\n- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579).\n- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235).\n- CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232271).\n- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207).\n- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775).\n- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791).\n- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231676).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805).\n- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231943).\n- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030).\n","id":"SUSE-SU-2025:03097-1","modified":"2025-09-08T20:04:31Z","published":"2025-09-08T20:04:31Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202503097-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1231676"},{"type":"REPORT","url":"https://bugzilla.suse.com/1231943"},{"type":"REPORT","url":"https://bugzilla.suse.com/1232271"},{"type":"REPORT","url":"https://bugzilla.suse.com/1236207"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242579"},{"type":"REPORT","url":"https://bugzilla.suse.com/1244235"},{"type":"REPORT","url":"https://bugzilla.suse.com/1245505"},{"type":"REPORT","url":"https://bugzilla.suse.com/1245775"},{"type":"REPORT","url":"https://bugzilla.suse.com/1245791"},{"type":"REPORT","url":"https://bugzilla.suse.com/1245805"},{"type":"REPORT","url":"https://bugzilla.suse.com/1246030"},{"type":"REPORT","url":"https://bugzilla.suse.com/1248108"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-47674"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-47706"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-49867"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21659"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21701"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21999"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-37890"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38000"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38001"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38087"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-38212"}],"related":["CVE-2024-47674","CVE-2024-47706","CVE-2024-49867","CVE-2025-21659","CVE-2025-21701","CVE-2025-21999","CVE-2025-37890","CVE-2025-38000","CVE-2025-38001","CVE-2025-38087","CVE-2025-38212"],"summary":"Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)","upstream":["CVE-2024-47674","CVE-2024-47706","CVE-2024-49867","CVE-2025-21659","CVE-2025-21701","CVE-2025-21999","CVE-2025-37890","CVE-2025-38000","CVE-2025-38001","CVE-2025-38087","CVE-2025-38212"]}