Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE Linux Kernel 15 SP3: 2025:0202-1 important: Security Bug Fixes

suse
Calendar Grey January 21, 2025
Dist Suse Esm H88
Critical patch released for the Linux kernel addressing various vulnerabilities, as detailed in Red Hat's notice.
* bsc#1215304 * bsc#1220927 * bsc#1220937 * bsc#1230697 * bsc#1232436

Summary

## The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-49035: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE (bsc#1215304). * CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). * CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). * CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). * CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).

Topics%20covered

Topics Covered

security advisory security update important kernel threat mitigation SUSE bug fixes

References

* bsc#1215304

* bsc#1220927

* bsc#1220937

* bsc#1230697

* bsc#1232436

* bsc#1234281

* bsc#1234690

* bsc#1234846

* bsc#1234853

* bsc#1234891

* bsc#1234921

* bsc#1234963

* bsc#1235004

* bsc#1235054

* bsc#1235056

* bsc#1235061

* bsc#1235073

* bsc#1235246

* bsc#1235480

* bsc#1235584

Cross-

* CVE-2022-49035

* CVE-2023-52524

* CVE-2024-53142

* CVE-2024-53144

* CVE-2024-53146

* CVE-2024-53156

* CVE-2024-53173

* CVE-2024-53179

* CVE-2024-53214

* CVE-2024-53239

* CVE-2024-53240

* CVE-2024-56539

* CVE-2024-56548

* CVE-2024-56604

* CVE-2024-56605

* CVE-2024-56631

* CVE-2024-56704

* CVE-2024-8805

CVSS scores:

* CVE-2022-49035 ( SUSE ): 8.5

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2022-49035 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:0202-1
Release Date: 2025-01-21T12:52:58Z
Rating: important

Topics%20covered

Topics Covered

security advisory security update important kernel threat mitigation SUSE bug fixes

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here