Описание
Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-150500_55_121 fixes several issues.
The following security issues were fixed:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631).
- CVE-2022-50252: igb: Do not free q_vector unless new one was allocated (bsc#1249847).
Список пакетов
SUSE Linux Enterprise Live Patching 15 SP4
kernel-livepatch-5_14_21-150400_24_176-default-3-150400.4.1
SUSE Linux Enterprise Live Patching 15 SP5
kernel-livepatch-5_14_21-150500_55_121-default-3-150500.4.1
Ссылки
- Link for SUSE-SU-2025:4003-1
- E-Mail link for SUSE-SU-2025:4003-1
- SUSE Security Ratings
- SUSE Bug 1248631
- SUSE Bug 1249847
- SUSE CVE CVE-2022-50252 page
- SUSE CVE CVE-2025-38664 page
Описание
In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc() fails, q_vector will be freed but left in the original adapter->q_vector[v_idx] array position.
Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_176-default-3-150400.4.1
SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-3-150500.4.1
Ссылки
- CVE-2022-50252
- SUSE Bug 1249846
Описание
In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Add check for the return value of devm_kmemdup() to prevent potential null pointer dereference.
Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_176-default-3-150400.4.1
SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_121-default-3-150500.4.1
Ссылки
- CVE-2025-38664
- SUSE Bug 1248628
- SUSE Bug 1248631