Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

SUSE: 2025:1574-1 important: Linux Kernel Security Threat Fix

suse
Calendar Grey May 16, 2025
Dist Suse Esm H88
SUSE Linux Kernel has released an update to rectify critical vulnerabilities. It is advised to apply the suggested fixes and restart the system to ensure optimal security.
* bsc#1207034 * bsc#1207878 * bsc#1221980 * bsc#1234931 * bsc#1235433

Summary

## The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865). * CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747). * CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512). * CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). * CVE-2025-22020: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (bsc#1241280). * CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).

References

* bsc#1207034

* bsc#1207878

* bsc#1221980

* bsc#1234931

* bsc#1235433

* bsc#1237984

* bsc#1238512

* bsc#1238747

* bsc#1238865

* bsc#1240210

* bsc#1240308

* bsc#1240835

* bsc#1241280

* bsc#1241371

* bsc#1241404

* bsc#1241405

* bsc#1241407

* bsc#1241408

Cross-

* CVE-2020-36789

* CVE-2021-47163

* CVE-2021-47668

* CVE-2021-47669

* CVE-2021-47670

* CVE-2022-49111

* CVE-2023-0179

* CVE-2023-53026

* CVE-2023-53033

* CVE-2024-56642

* CVE-2024-56661

* CVE-2025-21726

* CVE-2025-21785

* CVE-2025-21791

* CVE-2025-22004

* CVE-2025-22020

* CVE-2025-22055

CVSS scores:

* CVE-2020-36789 ( SUSE ): 6.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2020-36789 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:1574-1
Release Date: 2025-05-16T18:36:35Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here