The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various
security bugfixes.
The following security bugs were fixed:
* CVE-2022-49775: tcp: cdg: allow tcp_cdg_release() to be called multiple
times (bsc#1242245).
* CVE-2024-53168: net: make sock_inuse_add() available (bsc#1234887).
* CVE-2024-56558: nfsd: make sure exp active before svc_export_show
(bsc#1235100).
* CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
* CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion
addition (bsc#1241525).
* CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow
(bsc#1242596).
* CVE-2025-37789: net: openvswitch: fix nested key length validation in the
set() action (bsc#1242762).
The following non-security bugs were fixed:
* Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges
(bsc#1243737).
* Remove debug flavor (bsc#1243919).
* arm64: bpf: Add BHB mitigation to the epilogue...
Read the Full Advisory## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2025-1966=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2025-1966=1
* openSUSE Leap 15.5 (noarch)
* kernel-source-rt-5.14.21-150500.13.97.1
* kernel-devel-rt-5.14.21-150500.13.97.1
* openSUSE Leap 15.5 (x86_64)
* kernel-rt-optional-5.14.21-150500.13.97.1
* kernel-rt_debug-vdso-5.14.21-150500.13.97.1
* kernel-rt-vdso-5.14.21-150500.13.97.1
* kernel-rt-debuginfo-5.14.21-150500.13.97.1
* cluster-md-kmp-rt-5.14.21-150500.13.97.1
* gfs2-kmp-rt-5.14.21-150500.13.97.1
* ocfs2-kmp-rt-5.14.21-150500.13.97.1
* kernel-rt-livepatch-devel-5.14.21-150500.13.97.1
* kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.97.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.97.1
* reiserfs-kmp-rt-5.14.21-150500.13.97.1
* kernel-rt-optional-debuginfo-5.14.21-150500.13.97.1
* kernel-rt-extra-debuginfo-5.14.21-150500.13.97.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.97.1
* kernel-rt-vdso-debuginfo-5.14.21-150500.13.97.1
* kernel-rt-extra-5.14.21-150500.13.97.1
* kernel-rt-debugsource-5.14.21-150500.13.97.1
* kselftests-kmp-rt-debuginfo-5.14.21-150500.13.97.1
*...
Read the Full Advisory* bsc#1184350
* bsc#1193629
* bsc#1204562
* bsc#1204569
* bsc#1204619
* bsc#1204705
* bsc#1205282
* bsc#1206051
* bsc#1206073
* bsc#1206649
* bsc#1206843
* bsc#1206886
* bsc#1206887
* bsc#1207361
* bsc#1208105
* bsc#1208542
* bsc#1209292
* bsc#1209556
* bsc#1209684
* bsc#1209780
* bsc#1209980
* bsc#1210337
* bsc#1210763
* bsc#1210767
* bsc#1211465
* bsc#1213012
* bsc#1213013
* bsc#1213094
* bsc#1213096
* bsc#1213233
* bsc#1213946
* bsc#1214991
* bsc#1218470
* bsc#1222629
* bsc#1223096
* bsc#1225903
* bsc#1232649
* bsc#1234395
* bsc#1234887
* bsc#1235100
* bsc#1235870
* bsc#1240802
* bsc#1241525
* bsc#1242146
* bsc#1242147
* bsc#1242150
* bsc#1242151
* bsc#1242154
* bsc#1242157
* bsc#1242158
* bsc#1242160
* bsc#1242164
* bsc#1242165
* bsc#1242169
* bsc#1242215
* bsc#1242217
* bsc#1242218
* bsc#1242219
* bsc#1242222
* bsc#1242224
* bsc#1242226
* bsc#1242227
* bsc#1242228
* bsc#1242229
* bsc#1242230
* bsc#1242231
* bsc#1242232
* bsc#1242237
* bsc#1242239
* bsc#1242240
* bsc#1242241
* bsc#1242244
* bsc#1242245
* bsc#1242248
* bsc#1242249
* bsc#1242261
*...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.