Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2025:1257-1 important: Linux Kernel fixes for network issues

suse
Calendar Grey April 14, 2025
Dist Suse Esm H88
Important notice regarding SUSE Linux Kernel patching critical vulnerabilities in networking and tap functionalities. Ensure your system is safeguarded by applying the latest updates.
* bsc#1228714 * bsc#1235218 Cross-References: * CVE-2024-41090

Summary

## This update for the Linux Kernel 5.14.21-150400_24_116 fixes several issues. The following security issues were fixed: * CVE-2024-41090: tap: add missing verification for short frame (bsc#1228714). * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235218). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1257=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-1257=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)

Topics%20covered

Topics Covered

security advisory kernel update important network issue SUSE Linux Enterprise tap verification

References

* bsc#1228714

* bsc#1235218

Cross-

* CVE-2024-41090

* CVE-2024-56600

CVSS scores:

* CVE-2024-41090 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

* CVE-2024-56600 ( SUSE ): 8.5

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2024-56600 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4

* SUSE Linux Enterprise High Performance Computing 15 SP4

* SUSE Linux Enterprise Live Patching 15-SP4

* SUSE Linux Enterprise Micro 5.3

* SUSE Linux Enterprise Micro 5.4

* SUSE Linux Enterprise Real Time 15 SP4

* SUSE Linux Enterprise Server 15 SP4

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:1257-1
Release Date: 2025-04-14T16:33:37Z
Rating: important

Topics%20covered

Topics Covered

security advisory kernel update important network issue SUSE Linux Enterprise tap verification

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here