{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.14.21-150400.15.112.1","kernel-source-rt":"5.14.21-150400.15.112.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.3","name":"kernel-rt","purl":"pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.14.21-150400.15.112.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.14.21-150400.15.112.1","kernel-source-rt":"5.14.21-150400.15.112.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.3","name":"kernel-source-rt","purl":"pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.14.21-150400.15.112.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.14.21-150400.15.112.1","kernel-source-rt":"5.14.21-150400.15.112.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.4","name":"kernel-rt","purl":"pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.14.21-150400.15.112.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.14.21-150400.15.112.1","kernel-source-rt":"5.14.21-150400.15.112.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.4","name":"kernel-source-rt","purl":"pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.14.21-150400.15.112.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThe SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033).\n- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700).\n- CVE-2024-50128: net: wwan: fix global oob in wwan_rtnl_policy (bsc#1232905).\n- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).\n- CVE-2024-57948: mac802154: check local interfaces before deleting sdata list (bsc#1236677).\n- CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025).\n- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).\n- CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139).\n\nThe following non-security bugs were fixed:\n\n- idpf: call set_real_num_queues in idpf_open (bsc#1236661 bsc#1237316).\n- ipv4/tcp: do not use per netns ctl sockets (bsc#1237693).\n- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).\n- net: mana: Cleanup 'mana' debugfs dir after cleanup of all children (bsc#1236760).\n- net: mana: Enable debugfs files for MANA device (bsc#1236758).\n- net: netvsc: Update default VMBus channels (bsc#1236757).\n- scsi: storvsc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (git-fixes).\n- x86/kvm: fix is_stale_page_fault() (bsc#1236675).\n- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).\n- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).\n","id":"SUSE-SU-2025:0945-1","modified":"2025-03-19T12:13:45Z","published":"2025-03-19T12:13:45Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20250945-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1208995"},{"type":"REPORT","url":"https://bugzilla.suse.com/1220946"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224700"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225742"},{"type":"REPORT","url":"https://bugzilla.suse.com/1232905"},{"type":"REPORT","url":"https://bugzilla.suse.com/1232919"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234154"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234853"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234891"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234963"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235054"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235061"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235073"},{"type":"REPORT","url":"https://bugzilla.suse.com/1236661"},{"type":"REPORT","url":"https://bugzilla.suse.com/1236675"},{"type":"REPORT","url":"https://bugzilla.suse.com/1236677"},{"type":"REPORT","url":"https://bugzilla.suse.com/1236757"},{"type":"REPORT","url":"https://bugzilla.suse.com/1236758"},{"type":"REPORT","url":"https://bugzilla.suse.com/1236760"},{"type":"REPORT","url":"https://bugzilla.suse.com/1236761"},{"type":"REPORT","url":"https://bugzilla.suse.com/1237025"},{"type":"REPORT","url":"https://bugzilla.suse.com/1237028"},{"type":"REPORT","url":"https://bugzilla.suse.com/1237139"},{"type":"REPORT","url":"https://bugzilla.suse.com/1237316"},{"type":"REPORT","url":"https://bugzilla.suse.com/1237693"},{"type":"REPORT","url":"https://bugzilla.suse.com/1238033"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-49080"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-1192"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-52572"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-35949"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-50115"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-50128"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53135"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53173"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53239"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56539"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56548"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56605"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-57948"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21690"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21692"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21699"}],"related":["CVE-2022-49080","CVE-2023-1192","CVE-2023-52572","CVE-2024-35949","CVE-2024-50115","CVE-2024-50128","CVE-2024-53135","CVE-2024-53173","CVE-2024-53239","CVE-2024-56539","CVE-2024-56548","CVE-2024-56605","CVE-2024-57948","CVE-2025-21690","CVE-2025-21692","CVE-2025-21699"],"summary":"Security update for the Linux Kernel","upstream":["CVE-2022-49080","CVE-2023-1192","CVE-2023-52572","CVE-2024-35949","CVE-2024-50115","CVE-2024-50128","CVE-2024-53135","CVE-2024-53173","CVE-2024-53239","CVE-2024-56539","CVE-2024-56548","CVE-2024-56605","CVE-2024-57948","CVE-2025-21690","CVE-2025-21692","CVE-2025-21699"]}