SUSE-IU-2025:1707-1: Security update of suse/sle-micro/base-5.5
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Tue Jul 1 07:06:46 UTC 2025
SUSE Image Update Advisory: suse/sle-micro/base-5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:1707-1
Image Tags : suse/sle-micro/base-5.5:2.0.4 , suse/sle-micro/base-5.5:2.0.4-5.8.181 , suse/sle-micro/base-5.5:latest
Image Release : 5.8.181
Severity : important
Type : security
References : 1184350 1193629 1204562 1204569 1204619 1204705 1205282 1206051
1206073 1206649 1206843 1206886 1206887 1207361 1208105 1208542
1209292 1209556 1209684 1209780 1209980 1210337 1210763 1210767
1211465 1213012 1213013 1213094 1213096 1213233 1213946 1214991
1218470 1222629 1223096 1225903 1228659 1231293 1232649 1234395
1234454 1234887 1235100 1235870 1238303 1238570 1239986 1240785
1240802 1241038 1241525 1241640 1242006 1242146 1242147 1242150
1242151 1242154 1242157 1242158 1242160 1242164 1242165 1242169
1242215 1242217 1242218 1242219 1242222 1242224 1242226 1242227
1242228 1242229 1242230 1242231 1242232 1242237 1242239 1242240
1242241 1242244 1242245 1242248 1242249 1242261 1242264 1242265
1242270 1242276 1242278 1242279 1242280 1242281 1242282 1242285
1242286 1242289 1242294 1242295 1242298 1242302 1242305 1242311
1242312 1242320 1242338 1242349 1242351 1242352 1242353 1242355
1242357 1242358 1242359 1242360 1242361 1242365 1242366 1242369
1242370 1242371 1242372 1242377 1242378 1242380 1242381 1242382
1242385 1242387 1242389 1242391 1242392 1242393 1242394 1242398
1242399 1242400 1242402 1242403 1242405 1242406 1242409 1242410
1242411 1242415 1242416 1242421 1242422 1242425 1242426 1242428
1242440 1242443 1242448 1242449 1242452 1242453 1242454 1242455
1242456 1242458 1242464 1242465 1242467 1242469 1242473 1242474
1242478 1242481 1242484 1242489 1242497 1242527 1242542 1242544
1242545 1242547 1242548 1242549 1242550 1242551 1242558 1242570
1242580 1242586 1242589 1242596 1242597 1242685 1242686 1242688
1242689 1242695 1242716 1242733 1242734 1242735 1242736 1242739
1242740 1242743 1242744 1242745 1242746 1242747 1242748 1242749
1242751 1242752 1242753 1242756 1242759 1242762 1242765 1242767
1242778 1242779 1242790 1242791 1243047 1243133 1243737 1243919
CVE-2022-3564 CVE-2022-3619 CVE-2022-3640 CVE-2022-49762 CVE-2022-49763
CVE-2022-49769 CVE-2022-49770 CVE-2022-49771 CVE-2022-49772 CVE-2022-49773
CVE-2022-49775 CVE-2022-49776 CVE-2022-49777 CVE-2022-49779 CVE-2022-49781
CVE-2022-49783 CVE-2022-49784 CVE-2022-49786 CVE-2022-49787 CVE-2022-49788
CVE-2022-49789 CVE-2022-49790 CVE-2022-49792 CVE-2022-49793 CVE-2022-49794
CVE-2022-49795 CVE-2022-49796 CVE-2022-49797 CVE-2022-49799 CVE-2022-49800
CVE-2022-49801 CVE-2022-49802 CVE-2022-49807 CVE-2022-49809 CVE-2022-49810
CVE-2022-49812 CVE-2022-49813 CVE-2022-49818 CVE-2022-49821 CVE-2022-49822
CVE-2022-49823 CVE-2022-49824 CVE-2022-49825 CVE-2022-49826 CVE-2022-49827
CVE-2022-49830 CVE-2022-49832 CVE-2022-49834 CVE-2022-49835 CVE-2022-49836
CVE-2022-49837 CVE-2022-49839 CVE-2022-49841 CVE-2022-49842 CVE-2022-49845
CVE-2022-49846 CVE-2022-49850 CVE-2022-49853 CVE-2022-49858 CVE-2022-49860
CVE-2022-49861 CVE-2022-49863 CVE-2022-49864 CVE-2022-49865 CVE-2022-49868
CVE-2022-49869 CVE-2022-49870 CVE-2022-49871 CVE-2022-49874 CVE-2022-49879
CVE-2022-49880 CVE-2022-49881 CVE-2022-49885 CVE-2022-49886 CVE-2022-49887
CVE-2022-49888 CVE-2022-49889 CVE-2022-49890 CVE-2022-49891 CVE-2022-49892
CVE-2022-49900 CVE-2022-49901 CVE-2022-49902 CVE-2022-49905 CVE-2022-49906
CVE-2022-49908 CVE-2022-49909 CVE-2022-49910 CVE-2022-49915 CVE-2022-49916
CVE-2022-49917 CVE-2022-49918 CVE-2022-49921 CVE-2022-49922 CVE-2022-49923
CVE-2022-49924 CVE-2022-49925 CVE-2022-49927 CVE-2022-49928 CVE-2022-49929
CVE-2022-49931 CVE-2023-1990 CVE-2023-28866 CVE-2023-53035 CVE-2023-53036
CVE-2023-53038 CVE-2023-53039 CVE-2023-53040 CVE-2023-53041 CVE-2023-53042
CVE-2023-53044 CVE-2023-53045 CVE-2023-53049 CVE-2023-53052 CVE-2023-53054
CVE-2023-53056 CVE-2023-53057 CVE-2023-53058 CVE-2023-53059 CVE-2023-53060
CVE-2023-53062 CVE-2023-53064 CVE-2023-53065 CVE-2023-53066 CVE-2023-53068
CVE-2023-53070 CVE-2023-53071 CVE-2023-53073 CVE-2023-53074 CVE-2023-53075
CVE-2023-53077 CVE-2023-53078 CVE-2023-53079 CVE-2023-53081 CVE-2023-53082
CVE-2023-53084 CVE-2023-53087 CVE-2023-53089 CVE-2023-53090 CVE-2023-53091
CVE-2023-53092 CVE-2023-53093 CVE-2023-53095 CVE-2023-53096 CVE-2023-53098
CVE-2023-53099 CVE-2023-53100 CVE-2023-53101 CVE-2023-53102 CVE-2023-53105
CVE-2023-53106 CVE-2023-53108 CVE-2023-53109 CVE-2023-53111 CVE-2023-53112
CVE-2023-53114 CVE-2023-53116 CVE-2023-53118 CVE-2023-53119 CVE-2023-53123
CVE-2023-53124 CVE-2023-53125 CVE-2023-53128 CVE-2023-53131 CVE-2023-53134
CVE-2023-53137 CVE-2023-53139 CVE-2023-53140 CVE-2023-53142 CVE-2023-53143
CVE-2023-53145 CVE-2024-26804 CVE-2024-28956 CVE-2024-53168 CVE-2024-56558
CVE-2025-21999 CVE-2025-22056 CVE-2025-23145 CVE-2025-37785 CVE-2025-37789
-----------------------------------------------------------------
The container suse/sle-micro/base-5.5 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2173-1
Released: Mon Jun 30 15:01:26 2025
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1184350,1193629,1204562,1204569,1204619,1204705,1205282,1206051,1206073,1206649,1206843,1206886,1206887,1207361,1208105,1208542,1209292,1209556,1209684,1209780,1209980,1210337,1210763,1210767,1211465,1213012,1213013,1213094,1213096,1213233,1213946,1214991,1218470,1222629,1223096,1225903,1228659,1231293,1232649,1234395,1234454,1234887,1235100,1235870,1238303,1238570,1239986,1240785,1240802,1241038,1241525,1241640,1242006,1242146,1242147,1242150,1242151,1242154,1242157,1242158,1242160,1242164,1242165,1242169,1242215,1242217,1242218,1242219,1242222,1242224,1242226,1242227,1242228,1242229,1242230,1242231,1242232,1242237,1242239,1242240,1242241,1242244,1242245,1242248,1242249,1242261,1242264,1242265,1242270,1242276,1242278,1242279,1242280,1242281,1242282,1242285,1242286,1242289,1242294,1242295,1242298,1242302,1242305,1242311,1242312,1242320,1242338,1242349,1242351,1242352,1242353,1242355,1242357,1242358,1242359,1242360,1242361,1242365,1242366,1242369,1242370,1242371,1242372,1
242377,1242378,1242380,1242381,1242382,1242385,1242387,1242389,1242391,1242392,1242393,1242394,1242398,1242399,1242400,1242402,1242403,1242405,1242406,1242409,1242410,1242411,1242415,1242416,1242421,1242422,1242425,1242426,1242428,1242440,1242443,1242448,1242449,1242452,1242453,1242454,1242455,1242456,1242458,1242464,1242465,1242467,1242469,1242473,1242474,1242478,1242481,1242484,1242489,1242497,1242527,1242542,1242544,1242545,1242547,1242548,1242549,1242550,1242551,1242558,1242570,1242580,1242586,1242589,1242596,1242597,1242685,1242686,1242688,1242689,1242695,1242716,1242733,1242734,1242735,1242736,1242739,1242740,1242743,1242744,1242745,1242746,1242747,1242748,1242749,1242751,1242752,1242753,1242756,1242759,1242762,1242765,1242767,1242778,1242779,1242790,1242791,1243047,1243133,1243737,1243919,CVE-2022-3564,CVE-2022-3619,CVE-2022-3640,CVE-2022-49762,CVE-2022-49763,CVE-2022-49769,CVE-2022-49770,CVE-2022-49771,CVE-2022-49772,CVE-2022-49773,CVE-2022-49775,CVE-2022-49776,CVE-2022-4977
7,CVE-2022-49779,CVE-2022-49781,CVE-2022-49783,CVE-2022-49784,CVE-2022-49786,CVE-2022-49787,CVE-2022-49788,CVE-2022-49789,CVE-2022-49790,CVE-2022-49792,CVE-2022-49793,CVE-2022-49794,CVE-2022-49795,CVE-2022-49796,CVE-2022-49797,CVE-2022-49799,CVE-2022-49800,CVE-2022-49801,CVE-2022-49802,CVE-2022-49807,CVE-2022-49809,CVE-2022-49810,CVE-2022-49812,CVE-2022-49813,CVE-2022-49818,CVE-2022-49821,CVE-2022-49822,CVE-2022-49823,CVE-2022-49824,CVE-2022-49825,CVE-2022-49826,CVE-2022-49827,CVE-2022-49830,CVE-2022-49832,CVE-2022-49834,CVE-2022-49835,CVE-2022-49836,CVE-2022-49837,CVE-2022-49839,CVE-2022-49841,CVE-2022-49842,CVE-2022-49845,CVE-2022-49846,CVE-2022-49850,CVE-2022-49853,CVE-2022-49858,CVE-2022-49860,CVE-2022-49861,CVE-2022-49863,CVE-2022-49864,CVE-2022-49865,CVE-2022-49868,CVE-2022-49869,CVE-2022-49870,CVE-2022-49871,CVE-2022-49874,CVE-2022-49879,CVE-2022-49880,CVE-2022-49881,CVE-2022-49885,CVE-2022-49886,CVE-2022-49887,CVE-2022-49888,CVE-2022-49889,CVE-2022-49890,CVE-2022-49891,CVE-2
022-49892,CVE-2022-49900,CVE-2022-49901,CVE-2022-49902,CVE-2022-49905,CVE-2022-49906,CVE-2022-49908,CVE-2022-49909,CVE-2022-49910,CVE-2022-49915,CVE-2022-49916,CVE-2022-49917,CVE-2022-49918,CVE-2022-49921,CVE-2022-49922,CVE-2022-49923,CVE-2022-49924,CVE-2022-49925,CVE-2022-49927,CVE-2022-49928,CVE-2022-49929,CVE-2022-49931,CVE-2023-1990,CVE-2023-28866,CVE-2023-53035,CVE-2023-53036,CVE-2023-53038,CVE-2023-53039,CVE-2023-53040,CVE-2023-53041,CVE-2023-53042,CVE-2023-53044,CVE-2023-53045,CVE-2023-53049,CVE-2023-53052,CVE-2023-53054,CVE-2023-53056,CVE-2023-53057,CVE-2023-53058,CVE-2023-53059,CVE-2023-53060,CVE-2023-53062,CVE-2023-53064,CVE-2023-53065,CVE-2023-53066,CVE-2023-53068,CVE-2023-53070,CVE-2023-53071,CVE-2023-53073,CVE-2023-53074,CVE-2023-53075,CVE-2023-53077,CVE-2023-53078,CVE-2023-53079,CVE-2023-53081,CVE-2023-53082,CVE-2023-53084,CVE-2023-53087,CVE-2023-53089,CVE-2023-53090,CVE-2023-53091,CVE-2023-53092,CVE-2023-53093,CVE-2023-53095,CVE-2023-53096,CVE-2023-53098,CVE-2023-5309
9,CVE-2023-53100,CVE-2023-53101,CVE-2023-53102,CVE-2023-53105,CVE-2023-53106,CVE-2023-53108,CVE-2023-53109,CVE-2023-53111,CVE-2023-53112,CVE-2023-53114,CVE-2023-53116,CVE-2023-53118,CVE-2023-53119,CVE-2023-53123,CVE-2023-53124,CVE-2023-53125,CVE-2023-53128,CVE-2023-53131,CVE-2023-53134,CVE-2023-53137,CVE-2023-53139,CVE-2023-53140,CVE-2023-53142,CVE-2023-53143,CVE-2023-53145,CVE-2024-26804,CVE-2024-28956,CVE-2024-53168,CVE-2024-56558,CVE-2025-21999,CVE-2025-22056,CVE-2025-23145,CVE-2025-37785,CVE-2025-37789
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-49775: tcp: cdg: allow tcp_cdg_release() to be called multiple times (bsc#1242245).
- CVE-2024-53168: net: make sock_inuse_add() available (bsc#1234887).
- CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1235100).
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2024-28956: x86/its: Add support for ITS-safe indirect thunk (bsc#1242006).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
The following non-security bugs were fixed:
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (bsc#1243737).
- Move upstreamed sched/membarrier patch into sorted section
- Remove debug flavor (bsc#1243919). This is only released in Leap, and we do not have Leap 15.4 anymore.
- Remove debug flavor (bsc#1243919). This is only released in Leap, and we do not have Leap 15.5 anymore.
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (bsc#1242778).
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (bsc#1242778).
- arm64: insn: Add support for encoding DSB (bsc#1242778).
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (bsc#1242778).
- arm64: proton-pack: Expose whether the branchy loop k value (bsc#1242778).
- arm64: proton-pack: Expose whether the platform is mitigated by firmware (bsc#1242778).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (bsc#1243737).
- hv_netvsc: Remove rmsg_pgcnt (bsc#1243737).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (bsc#1243737).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- net :mana :Add remaining GDMA stats for MANA to ethtool (bsc#1234395).
- net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (bsc#1234395).
- net: mana: Add gdma stats to ethtool output for mana (bsc#1234395).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (bsc#1223096).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW (bsc#1218470 ltc#204531).
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986)
- rpm/kernel-binary.spec.in: fix KMPs build on 6.13+ (bsc#1234454)
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- scsi: core: Fix unremoved procfs host directory regression (git-fixes).
- tcp: Dump bound-only sockets in inet_diag (bsc#1204562).
- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
The following package changes have been done:
- kernel-default-5.14.21-150500.55.110.1 updated
More information about the sle-container-updates
mailing list