Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2025:0983-1
Release Date:	2025-03-21T17:44:17Z
Rating:	important
References:	bsc#1197331 bsc#1203769 bsc#1235441 bsc#1237768 bsc#1238271 bsc#1238272 bsc#1238454 bsc#1238705 bsc#1238729 bsc#1238911 bsc#1239073 bsc#1239076
Cross-References:	CVE-2021-47633 CVE-2022-1048 CVE-2022-3303 CVE-2022-49272 CVE-2022-49288 CVE-2022-49291 CVE-2022-49545 CVE-2022-49733 CVE-2024-56658 CVE-2024-57996 CVE-2025-21718 CVE-2025-21772
CVSS scores:	CVE-2021-47633 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2021-47633 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2022-1048 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-1048 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-3303 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2022-3303 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-49272 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-49288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-49288 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-49291 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2022-49291 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-49291 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-49545 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2022-49545 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-49733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-49733 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56658 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-56658 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-57996 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-57996 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-21718 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-21718 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-21718 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-21772 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-21772 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:	SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE

An update that solves 12 vulnerabilities can now be installed.

Description:

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

CVE-2021-47633: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (bsc#1237768).
CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream (bsc#1238729).
CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073).
CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-983=1
SUSE Linux Enterprise Server 11 SP4
zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-983=1

Package List:

SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (nosrc x86_64)
- kernel-trace-3.0.101-108.180.1
- kernel-default-3.0.101-108.180.1
- kernel-ec2-3.0.101-108.180.1
- kernel-xen-3.0.101-108.180.1
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64)
- kernel-ec2-base-3.0.101-108.180.1
- kernel-trace-base-3.0.101-108.180.1
- kernel-default-base-3.0.101-108.180.1
- kernel-syms-3.0.101-108.180.1
- kernel-source-3.0.101-108.180.1
- kernel-xen-base-3.0.101-108.180.1
- kernel-trace-devel-3.0.101-108.180.1
- kernel-xen-devel-3.0.101-108.180.1
- kernel-ec2-devel-3.0.101-108.180.1
- kernel-default-devel-3.0.101-108.180.1
SUSE Linux Enterprise Server 11 SP4 (nosrc x86_64)
- kernel-trace-3.0.101-108.180.1
- kernel-default-3.0.101-108.180.1
- kernel-ec2-3.0.101-108.180.1
- kernel-xen-3.0.101-108.180.1
SUSE Linux Enterprise Server 11 SP4 (x86_64)
- kernel-ec2-base-3.0.101-108.180.1
- kernel-trace-base-3.0.101-108.180.1
- kernel-default-base-3.0.101-108.180.1
- kernel-syms-3.0.101-108.180.1
- kernel-source-3.0.101-108.180.1
- kernel-xen-base-3.0.101-108.180.1
- kernel-trace-devel-3.0.101-108.180.1
- kernel-xen-devel-3.0.101-108.180.1
- kernel-ec2-devel-3.0.101-108.180.1
- kernel-default-devel-3.0.101-108.180.1

Security update for the Linux Kernel

Description:

Special Instructions and Notes:

Patch Instructions:

Package List:

References: