SUSE-SU-2025:1114-1

Опубликовано: 02 апр. 2025

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-150300_59_174 fixes one issue.

The following security issue was fixed:

CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table (bsc#1233023).

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP3

kernel-livepatch-5_3_18-150300_59_174-default-7-150300.2.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-20251114-1/
Link for SUSE-SU-2025:1114-1
https://lists.suse.com/pipermail/sle-updates/2025-April/038890.html
E-Mail link for SUSE-SU-2025:1114-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1233023
SUSE Bug 1233023
https://www.suse.com/security/cve/CVE-2022-49025/
SUSE CVE CVE-2022-49025 page

Описание

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When having multiple dests with termination tables and second one or afterwards fails the driver reverts usage of term tables but doesn't reset the assignment in attr->dests[num_vport_dests].termtbl which case a use-after-free when releasing the rule. Fix by resetting the assignment of termtbl to null.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_174-default-7-150300.2.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-49025.html
CVE-2022-49025
https://bugzilla.suse.com/1231960
SUSE Bug 1231960
https://bugzilla.suse.com/1233023
SUSE Bug 1233023

SUSE-SU-2025:1114-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP3

Ссылки

Уязвимость: CVE-2022-49025

Описание

Затронутые продукты

Ссылки