The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-27415: netfilter: bridge: confirm multicast packets before passing them up the stack (bsc#1224757).
- CVE-2024-28956: Intel CPU: Indirect Target Selection (ITS) (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).
- CVE-2024-46763: fou: Fix null-ptr-deref in GRO (bsc#1230764).
- CVE-2024-50038: netfilter: xtables: avoid NFPROTO_UNSPEC where needed (bsc#1231910).
- CVE-2024-50162: bpf: devmap: provide rxq after redirect (bsc#1233075).
- CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098).
- CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).
- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).
- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).
- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).
- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).
- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).
- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).
- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).
- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).
- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21768: net: ipv6: fix dst...