## The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865). * CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747). * CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512). * CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). * CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). * CVE-2025-22020: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (bsc#1241280). * CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378). * CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal
* bsc#1201855
* bsc#1230771
* bsc#1238471
* bsc#1238512
* bsc#1238747
* bsc#1238865
* bsc#1239968
* bsc#1240188
* bsc#1240195
* bsc#1240553
* bsc#1240747
* bsc#1240835
* bsc#1241280
* bsc#1241371
* bsc#1241378
* bsc#1241421
* bsc#1241433
* bsc#1241541
Cross-
* CVE-2021-47671
* CVE-2022-49741
* CVE-2024-46784
* CVE-2025-21726
* CVE-2025-21785
* CVE-2025-21791
* CVE-2025-21812
* CVE-2025-21886
* CVE-2025-22004
* CVE-2025-22020
* CVE-2025-22029
* CVE-2025-22045
* CVE-2025-22055
* CVE-2025-22097
CVSS scores:
* CVE-2021-47671 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2021-47671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47671 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-49741 ( SUSE ): 6.8
Get the latest Linux and open source security news straight to your inbox.