SUSE-SU-2025:4515-1

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2022-50364: i2c: mux: reg: check return value after calling platform_get_resource() (bsc#1250083).
• CVE-2022-50368: drm/msm/dsi: fix memory corruption with too many bridges (bsc#1250009).
• CVE-2022-50494: thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash (bsc#1251173).
• CVE-2022-50545: r6040: Fix kmemleak in probe and remove (bsc#1251285).
• CVE-2022-50551: wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() (bsc#1251322).
• CVE-2022-50569: xfrm: Update ipcomp_scratches with NULL when freed (bsc#1252640).
• CVE-2022-50578: class: fix possible memory leak in __class_register() (bsc#1252519).
• CVE-2023-53229: wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta (bsc#1249650).
• CVE-2023-53369: net: dcb: choose correct policy to parse DCB_ATTR_BCN (bsc#1250206).
• CVE-2023-53431: scsi: ses: Don't attach if enclosure has no components (bsc#1250374).
• CVE-2023-53542: ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy (bsc#1251154).
• CVE-2023-53597: cifs: fix mid leak during reconnection after timeout threshold (bsc#1251159).
• CVE-2023-53641: wifi: ath9k: hif_usb: fix memory leak of remain_skbs (bsc#1251728).
• CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786).
• CVE-2025-38436: drm/scheduler: signal scheduled fence when kill job (bsc#1247227).
• CVE-2025-39819: fs/smb: Fix inconsistent refcnt update (bsc#1250176).
• CVE-2025-39967: fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033).
• CVE-2025-40001: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (bsc#1252303).
• CVE-2025-40027: net/9p: fix double req put in p9_fd_cancelled (bsc#1252763).
• CVE-2025-40030: pinctrl: check the return value of pinmux_ops::get_function_name() (bsc#1252773).
• CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780).
• CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask (bsc#1252862).
• CVE-2025-40055: ocfs2: fix double free in user_cluster_connect() (bsc#1252821).
• CVE-2025-40070: pps: fix warning in pps_register_cdev when register device fail (bsc#1252836).
• CVE-2025-40083: net/sched: sch_qfq: Fix null-deref in agg_dequeue (bsc#1252912).
• CVE-2025-40173: net/ip6_tunnel: Prevent perpetual tunnel growth (bsc#1253421).
• CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436).
• CVE-2025-40205: btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (bsc#1253456).

The following non-security bugs were fixed:

• KVM: x86: Give a hint when Win2016 might fail to boot due to XSAVES erratum (git-fixes).
• PCI: aardvark: Fix checking for MEM resource type (git-fixes).
• cifs: Check the lease context if we actually got a lease (bsc#1228688).
• cifs: return a single-use cfid if we did not get a lease (bsc#1228688).
• dmaengine: bcm2835: Avoid GFP_KERNEL in device_prep_slave_sg (bsc#1070872).
• kabi/severities: Update info about kvm_86_ops.
• net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve (bsc#1220419).
• skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).
• smb3: fix Open files on server counter going negative (git-fixes).
• tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork (bsc#1250705).
• tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
• thermal: intel_powerclamp: Use first online CPU as control_cpu (bsc#1251173).