SUSE-SU-2025:02393-1

Опубликовано: 19 июл. 2025

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-150500_55_94 fixes one issue.

The following security issue was fixed:

CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912).

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP5

kernel-livepatch-5_14_21-150500_55_94-default-3-150500.2.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-202502393-1/
Link for SUSE-SU-2025:02393-1
https://lists.suse.com/pipermail/sle-updates/2025-July/040803.html
E-Mail link for SUSE-SU-2025:02393-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1238912
SUSE Bug 1238912
https://www.suse.com/security/cve/CVE-2025-21772/
SUSE CVE CVE-2025-21772 page

Описание

In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeeded. - If the partition table claims a silly sector size like 0xfff bytes (which results in partition table entries straddling sector boundaries), bail out instead of accessing out-of-bounds memory. - We must not assume that the partition table contains proper NUL termination - use strnlen() and strncmp() instead of strlen() and strcmp().

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_94-default-3-150500.2.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-21772.html
CVE-2025-21772
https://bugzilla.suse.com/1238911
SUSE Bug 1238911
https://bugzilla.suse.com/1238912
SUSE Bug 1238912

SUSE-SU-2025:02393-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP5

Ссылки

Уязвимость: CVE-2025-21772

Описание

Затронутые продукты

Ссылки